Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Mailbag; Upgrade Mozilla Products; Reading Corner - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Mailbag; Upgrade Mozilla Products; Reading Corner
Mailbag

We continue to receive submission on SSH brute force scan. From one of the submission received, the source is a public website and the the phpinfo() details can be viewed. This is a bad move as you are allowing others to see, not only the php configuration, but also some of the softwares and their version installed on the system. This file should be removed when you have verified the php is installed properly. We have informed the site to investigate.

Upgrade Mozilla Products

Mozilla has released new version for its products against the libpng vulnerability. If you are using Mozilla products, do upgrade them over the weekend:

http://www.mozilla.org/download.html

To know more details on libpng vulnerability, please refer to:
http://www.us-cert.gov/cas/techalerts/TA04-217A.html

Reading Corner

NIST has published a draft guidelines on PDA Forensics. Over the weekend, you may want to take a look:

http://csrc.nist.gov/publications/drafts.html#sp800-72
Kevin

32 Posts

Sign Up for Free or Log In to start participating in the conversation!