Bojan Zdrnja Diaries
- Macs need to patch too!
- More Black Tuesday workload
- Microsoft September 2013 Black Tuesday Overview
- Adobe September 2013 Black Tuesday Overview
- Microsoft security advisories: RDP and MD5 deprecation in Microsoft root certificates
- Microsoft August 2013 Black Tuesday Overview
- Adobe July 2013 Black Tuesday Overview
- Microsoft July 2013 Black Tuesday Overview
- Adobe June 2013 Black Tuesday Overview
- vmware security advisory VMSA-2013-0008
- Other Microsoft Black Tuesday News
- Microsoft June 2013 Black Tuesday Overview
- Store passwords the right way in your application
- CVE-2013-2094: Linux privilege escalation
- Microsoft Security Advisory 2846338
- Adobe May 2013 Black Tuesday Overview
- Firefox & Thunderbird released
- Microsoft May 2013 Black Tuesday Overview
- Adobe April 2013 Black Tuesday Overview
- Microsoft April 2013 Black Tuesday Overview
- Adobe March 2013 Black Tueday
- Microsoft March 2013 Black Tuesday Overview
- IPv6 Focus Month: How to say no!
- More adobe reader and acrobat (PDF) trouble
- Adobe Feb 2013 Black Tuesday patches
- Microsoft fix-it to disable gadgets - SA 2719662
- Microsoft revoking trust in Microsoft certificates - SA 2728973
- Microsoft July 2012 Black Tuesday Update - Overview
- Online Banking Heists
- Belgian online banking customers hacked.
- Microsoft Security Advisory 2719615 - MSXML - CVE-2012-1889
- Java 7u5 and 6u33 released
- Microsoft June 2012 Black Tuesday Update - Overview
- Adobe June 2012 Black Tuesday patches
- F5 ssh configuration goof
- SAMBA "root" credential remote code execution.
- Microsoft April 2012 Black Tuesday Update - Overview
- Adobe April 2012 Black Tuesday Update
- Windows Vista RIP
- INFOCON Yellow - Microsoft RDP - MS12-020
- Apple Black Tuesday
- Abobe November 2011 Black Tuesday Overview
- Microsoft November 2011 Black Tuesday Overview
- Firefox 8.0 released
- Microsoft Security Intelligence Report (SIR) - Volume 11
- Apple iTunes 10.5
- Critical Control 7 - Application Software Security
- Microsoft Black Tuesday Overview October 2011
- Emergency patch expected for Flash Player
- Diginotar declared bankrupt
- DigiNotar looses their accreditation for qualified certificates
- GlobalSign back in operation
- Adobe September 2011 Black Tuesday overview
- More DigiNotar intermediate certificates blocklisted at Microsoft
- Microsoft September 2011 Black Tuesday
- DigiNotar audit - intermediate report available
- DigiNotar breach - the story so far
- Adobe August 2011 Black Tuesday Overview
- Microsoft August 2011 Black Tuesday Overview
- abuse handling
- Microsoft July 2011 Black Tuesday Overview
- Microsoft June 2011 Black Tuesday Overview
- Adobe releases patches
- MacDefender ups the ante with removing the password need for installation
- Time to disable WebGL ?
- Time to change your facebook password?
- Changing MO in scamming our users ?
- Backtrack 5 released
- May 2011 Microsoft Black Tuesday Overview
- Cyber Security Awarenes Month - Day 24 - Using work computers at home
- Abandoned free email accounts
- DLL hijacking - what are you doing ?
- Facebook announces privacy improvements
- OSSEC 2.3 released
- ntpd upgrade to prevent spoofed looping
- Adobe flash player and air patched
- Microsoft November Black Tuesday Overview
- RIM fixes random code execution vulnerability
- TLS Man-in-the-middle on renegotiation vulnerability made public
- Insider threat: The snapnames case
- Legacy systems
- Safari 4.0.3
- Microsoft August 2009 Black Tuesday Overview
- Wordpress unauthenticated administrator password reset
- Oracle Black Tuesday
- ISC DHCP client updated
- Firefox new exploit
- Microsoft July Black Tuesday Overview
- Recent attacks and a false sense of security
- Java 6 update 14 released
- Adobe June Black Tuesday upgrades
- Microsoft June Black Tuesday Overview
- Safari 4.0 released - contains security fixes
- Adobe Acrobat (reader) patches released
- Apple patches and updates
- MSFT's version of responsible disclosure
- May Black Tuesday Overview
- Keeping your (digital) archive
- Oracle quarterly patches
- April Black Tuesday Overview
- VMware exploits - just how bad is it ?
- Adobe Acrobat 9.1 released
- March black Tuesday overview
- conspiracy fodder: pifts.exe
- Browser plug-ins, transparent proxies and same origin policies
- TinyURL and security
- Obama's leaked chopper blueprints: anything we can learn?
- Targeted link diversion attempts
- Java up to date ?
- February Black Tuesday Overview
- On the importance of patching fast
- DNS DDoS - let's use a long term solution
- Windows 7 - not so secure ?
- VMware updates
- Browser Security Handbook
- Contacting us might be hard today
- December Black Tuesday Overview
- Phishing for Google adwords
- November Black Tuesday Overview
- Acrobat continued activity in the wild
- Oracle quarterly patches on black tuesday
- October Black Tuesday Overview
- Day 14 - Containment: a Personal IdentityTheft Incident
- Apple updates iTunes+QuickTime
- wordpress upgrade
- September 2008 Black Tuesday Overview
- Evil side economy: $1 for breaking 1000 CAPTCHAs
- Google Chrome being polished
- The complaint that's an attack
- BIND: -P2 patches are released
- Apple's Security Update 2008-005: DNS workaround finally included
- Linus - Linux and Security - follow-up
- Linus - Linux and Security
- DNS bug - observations
- Dan Kaminsky's DNS bug: revealed? - Patch!
- July 2008 black tuesday overview
- Security implications in HVAC equipment
- SNMP v3 trouble
- Linux ASN.1 BER kernel buffer overflow
- June 2008 Black Tuesday Overview
- Upgrade to QuickTime 7.5
- VLC: needs upgrading too!
- Ransomware keybreaking
- The Planet outage - what can we all learn from it?
- Microsoft office file block & MOICE
- May 2008 black tuesday overview
- OpenSSH: Predictable PRNG in debian and ubuntu Linux
- Symantec's Global Internet Security Threat Report
- Notes file viewer vulnerabilities
- April 2008 - Black Tuesday Overview
- Cisco security advisory overview
- MSIE 5 and 6 FTP vulnerability
- March Black Tuesday Overview
- Firewire in the limelight
- Real player exploit made public
- 'coldboot' - guidance for your users
- Cold boot - Guidance for users
- In memory of hard disk encryption?
- Bad Trend Micro signature
- February Black Tuesday Overview
- Apple security update 2008-001 and 10.5.2 upgrade
- And yet another cable break in the mid east
- Master Boot Record rootkit
- January Black Tuesday overview
- Teredo Security Concerns
- December black tuesday overview
- How to stop javascript from websites infecting clients
- 'Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin.'
- Tiger and Leopard upgrades
- november black tuesday overview
- phone phish twist
- root nameserver migration
- Symantec local privilege escalation (Mac products)
- Firefox 2.0.0.9 update
- Deobfuscating javascript
- Storm - the paper
- October Black Tuesday overview
- Adobe mailto vulnerability
- Cyber Security Awareness Tip #9: Access Controls, Including Wireless, Modems, VPNs, and Physical Access
- Anonymous domainnames
- virtualization and security
- XSIO: Cross Site Image Overlaying
- September microsoft patch overview
- TOR - sniffing exit nodes
- August 'Black Tuesday' overview
- strong -two factor- authentication and still vulnerable ?
- Blocklists - make the right choice
- Microsoft Patch support not Free?
- MS07-040: .NET update trouble
- Adobe patches
- IE vs. FF
- WinPcap local privilege escalation
- July 'Black Tuesday' overview
- Invalid ssl certs ...
- IIS 5.0 authentication bypass exploit -- CVE-2007-2815
- PHP 5.2.3 released
- May 2007, Black Tuesday patch overview
- 419 death threat scam
- Mailbag
- Microsoft black Tuesday patches - April 2007
- Pump and Dump reporting
- asus.com exploited
- * Microsoft out of cycle patch
- Week of Vista bugs is a hoax
- Ani cursor exploits against Microsoft E-mail clients - CVE-2007-1765
- IE7.0.exe
- WPAD trouble
- Vista's Windows Mail - program execution - CVE-2007-1658
- IE adoption rate
- IE7 - XSS against local resource - CVE-2007-1499
- Javascript hiding everywhere.
- MS Windows 2003 SP2
- OpenBSD IPv6 remote vulnerability
- Firekeeper
- DST hype
- Comparing Anti-Virus Solutions
- onUnload()
- SupportSoft Active X fixed
- The missing Microsoft patches updated
- Valentine card - be sure not to get more than what you expect
- uTorrent exploit public
- Microsoft Black Tuesday patches - February 2007
- Cisco IOS IPS vunerabilities
- Y3K problems ?
- PHP 5.2.1 released
- Internet Explorer msxml3 concurrency problems: update
- Securing Apache/PHP
- Solaris 10 ICMP induced panic
- New? Microsoft word vulnerability used as vector in targeted attacks
- YaY popup
- MS07-01: Brazilian Grammar Checker
- Microsoft Patches - January 2007 - overview
- Port 6502
- Vista: better security [Y/N] ?
- Careful with the seasonal attachments!
- phpBB 2.0.22 - upgrade time
- The missing Microsoft patches
- Offline Microsoft Patching
- SAV botnet revival ?
- Microsoft Office 2004 - Mac OS X updated
- Microsoft Black Tuesday - December 2006 overview
- ICMP - call for packets ?
- PHP security: the scene might change
- Microsoft patch troubles ?
- SUS: deadline extended - XP SP1 not supported anymore
- Adobe Flash update available
- WinZip 10.0 build 7245 released
- Microsoft Black Tuesday Overview
- MS06-070: Workstation service
- Microsoft XP SP2 wireless hotfix
- Abuse handling and the misfortunes of the good Samaritan
- New OS X PoC virus
- Microsoft black tuesday - October 2006 STATUS
- Spam Backscatter
- Weekend blues
- MS06-053 revisited ?
- Scammer tying in on disasters
- Firefox ...
- Detecting attacks against servers
- Yellow: WebViewFolderIcon setslice exploit spreading
- MSIE: One patched, one pops up again (setslice)
- Powerpoint, yet another new vulnerability
- Yellow: MSIE VML exploit spreading
- Yet another MSIE 0-day: VML
- MSIE DirectAnimation ActiveX 0-day update
- PHP - shared hosters, take note.
- Adobe Flash player upgrade time
- Apple Quicktime 7.1.3 released
- Microsoft security patches for September 2006
- Out Share! Now it's up to you.
- Mailbag grab
- NT botnet submitted
- Tip of the Day: Audit
- Tip of the Day: Standards
- Tip of the Day: The -they shall not be broken into- challenge
- Microsoft August 2006 Patches: STATUS
- Tip of the Day: Logbooks
- winsnort defaced - use caution
- Unpatched exploit gets publicity
- MS06-040: BOLO -- Be On the LookOut
- * MS06-040 exploit in the wild
- Public release of exploits against the windows help system
- Hotfix for MSIE problem related to MS06-042
- Tip of the Day: Use the features of your switches
- Tip of the Day: Surviving the monthly patch cycle
- Microsoft exploits on Reboot Wednesday
- Microsoft updates - overview
- MS06-047: Office & Visual Basic for Application
- MS06-040: Server Service
- Vista reviewed by Symantec
- Microsoft Black Tuesday Patches
- Tip of the Day: mount options
- AOL: the Good, the Bad and the Ugly
- Tip of the Day: Be unpredictable and diverse
- DHCP exploit publicly available (MS06-036)
- Cisco MARS vulnerabilities
- TCP/1433 spike: Call for Packets.
- Oracle quarterly patches
- MS06-029: Script injection through Exchange/OWA
- MS06-031: RPC Mutual Authentication Vulnerability
- MS06-030: Microsoft SMB Vulnerabilities
- MS06-032: Source routing buffer overflow
- MS06-025: RRAS arbitrary code execution
- MS06-023: Microsoft's JScript remote code execution
- MS06-022: buffer overflow in ART image rendering library
- MS06-021: Internet Explorer patch
- MS06-024: buffer overflow in windows media player
- Microsoft patch day
- phpBB 2.0.21
- A malware jungle
- GD DoS
- javascript file upload entry
- Spamassassin - upgrade
- Spam - spam - spam
- Targeted attack: experience from the trenches
- FireFox DoS exploit public
- Swiss security day
- RealVNC exploits in the wild
- IBM websphere: Last Call
- CLICKbot
- Quicktime upgrade time
- Firefox update time
- 'Who is' your friend!
- phpBB 2.0.20 upgrade time
- Cross platform virus PoC
- Apple Mac OS X security patch bundle 2006-002
- Phishing arms race
- Gmail javascript vulnerability (fixed)
- Fresh Apple Patches
- Out of cycle oracle patch part II
- eXchange POP3
- Windows local privilege escalation - Windows access control
- Looking for samples of W32.Kiman.A
- Mozilla Firefox vulnerabilities and upgrade
- Cisco IOS local privilege escalation
- DoS exploit publicly released for Cisco Aironet AP
- FreeBSD packet filter (pf) DoS using fragments.
- Illusions of Security: wrap-up for Mac OS X
- Illusions of security
- Port 13701 spikes
- Cisco sgbp DoS
- Worldnic outage
- Oracle patches
- Tippingpoint IPS DoS
- Apple QuickTime and iTunes continued
- PHP
- CERTs warn about old java bug being exploited
- Superstition
- WMF: Status of Windows 98 and Windows ME ?
- WMF FAQ
- WMF: patches and workarounds explained
- 2nd generation WMF exploit: status of the anti-virus products after one day.
- Overview of the WMF related articles at the ISC
- * New exploit released for the WMF vulnerability - YELLOW
- From extreme to in depth
- phpBB 2.0.19 released
- Evolutions in the honeypot/honeynet arena
- Phishing: Saudi style
- IIS 5.1 DoS exploit released
- Malware samples
- Greetings awareness - Awareness greetings ?
- Black tuesday - the day after
- w00tw00t
- PHP 5.1.1 released
- worldnic DNS servers down
- postcard.gif.exe; virus numbers!; IE7.beta warez bugged; Black Tuesday: be prepared
- Possibility for disaster?; Preparing for a storm
- Microsoft time (cont.); Firefox exploits; PAWS exploit; port 445
- Google Web Accelerator continued; phpBB 2.0.15 released; Backdoors more popular than Viruses?; Anti-Spyware poll results; Google.com DNS glitch; SQL server 2000 SP4
- Solaris telnet/rlogin cont.; Timezones; DNS queries
- Port 533 spike; Planned maintenance completed; Java WebStart Cross Platform Vulnerability, cont.
- phpBB worms continued; Phishing; Spyware from the developers point of view; New server
- TCP port 10000 cont. / Connecting mismatched protocols
- Fun - data integrity / PHP up to date ? / WINS
- Ethics / SSH brute forcing continues
- Cisco Telnet DoS Vulnerability / Suspicious GIF files being mailed? / Paranoia, the right dosage