Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2013-07-10 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
ISC StormCast for Thursday, July 11th 2013 http://isc.sans.edu/podcastdetail.html?id=3409

.NL Registrar Compromisse

Published: 2013-07-10
Last Updated: 2013-07-10 20:00:51 UTC
by Johannes Ullrich (Version: 1)
0 comment(s)

Based on a note on the website of SIDN [1], as SQL injection vulnerability was used to compromisse the site and place malicious files in the document root. SIDN is the registrar for the .NL country level domain (Netherlands). As a result of the breach, updates to the zone file are suspended. There is no word as to any affects to the zone files, or if the attackers where able to manipulate them.

 

[1] https://www.sidn.nl/en/news/news/article/preventieve-maatregelen-genomen-2/

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

Keywords: dns nl registrar sidn
0 comment(s)

Websense Appliance at 100% CPU

Published: 2013-07-10
Last Updated: 2013-07-10 19:23:16 UTC
by Richard Porter (Version: 1)
6 comment(s)

Some readers have reported in (Thanks!) that their inline Websense appliances are spiking to 100% after an update. The Websense team is aware and quickly working on a fix we are told. If you are seeing this behavior please let us know!

 

Richard Porter 

@packetalien

richard at pedantictheory dot com

Keywords:
6 comment(s)
Diary Archives