Bojan Zdrnja Diaries
- My Honeypot is Trendy, My Honeypot is Unpopular
- Sensor Ideas for DEFCON
- Weblogic Exploit Code Made Public (CVE-2018-2893)
- Reporting Malicious Websites in 2018
- Request for Packets: Port 15454
- Do you hear Laurel or Yanny or is it On-Off Keying?
- Getting Incident Response Help from Richard Feynman
- Drupal CVE-2018-7600 PoC is Public
- How did this Memcache thing happen?
- Cisco ASA WebVPN Vulnerability
- Using FLIR in Incident Response?
- Stone Soup Security
- Lessons Learned from Industrial Control Systems
- Nmap/Google Summer of Code
- F-Secure: FSC-2015-2: PATH TRAVERSAL VULNERABILITY
- PHP 5.5.23 is available
- Repurposing Logs
- Shellshock via SMTP
- Are you receiving Empty or "Hi" emails?
- Observations from Key-logged Passwords
- Planning for Failure
- Tor Use Uptick
- Filtering Signal From Noise (Part2)
- VMware ESXi and ESX address an NFC Protocol Unhandled Exception
- Filtering Signal From Noise
- CVE-2013-2251 Apache Struts 2.X OGNL Vulnerability
- Is SSH no more secure than telnet?
- WinLink Check-In
- How Your Webhosting Account is Getting Hacked
- Untangling the News from South Korea
- Why I think you should try Bro
- "My Computer is Acting Strangely"
- Twitter Confirms Compromise of Approximately 250,000 Users
- A Bit About the NVIDIA Vulnerability
- Recent SSH vulnerabilities
- Mobile Malware: Request for Field Reports
- Greek National Arrested on Suspicion of Theft of 9M Records on Fellow Greeks
- IE Fixes Available
- Sophos detecting itself as SHH/Updater-B
- Volatility: 2.2 is Coming Soon
- Quick Bits about Today's Java 0-Day
- Did you get a Better Business Bureau Complaint Today?
- Blizzard Compromise-- what they missed in their user communication
- Vendors: More Patch-Release Options Please
- Updated Poll: Which Patch Delivery Schedule Works the Best for You?
- Investigator's Tool-kit: Timeline
- PHP 5.4.3 and PHP 5.3.13 Released
- May Adobe Security Bulletins
- Symantec False-Positive Issue with XLS Files - Bloodhound.Exploit.459
- New Poll: Which Patch Delivery Schedule Works the Best for You?
- Incident-response without NTP
- Incident-response Management-tip: Standby time
- Monitoring your Log Monitoring Process
- FBI Seeking Victims in Operation Ghost Click/DNS Malware Investigation
- Fujacks Variant Using ACH Lure
- Recent VMWare security advisories
- SSL/TLS Vulnerability Details to be Released Friday
- Managing CVE-0
- MS11-020 (KB2508429) Upgrading from Critical to PATCH NOW
- Happy Open Source Intelligence Analysts Day: April 1st
- APT Tabletop Exercise
- So You Got an AV Alert. Now What?
- DDoS Analysis Process
- Defeating Drive-by Downloads in Windows
- Adobe Shockwave Player "Shockwave Settings" Use-After-Free Vulnerability
- Vulnerability in Internet Explorer Could Allow Remote Code Execution (CVE-2010-3962)
- SQL Slammer Clean-up: Roundup and Review
- SQL Slammer Clean-up: Contacting CERTs
- SQL Slammer Clean-up: Switching Viewpoints
- SQL Slammer Clean-up: Picking up the Phone
- SQL Slammer Clean-up: Reporting Upstream
- Cyber Security Awareness Month - Day 10 - Safe browsing for pre-teens
- SQL Slammer Clean-up: How to Report
- Cyber Security Awareness Month Activity: SQL Slammer Clean-up
- What's not to Like about "Like?"
- Investigating Malicious Website Reports
- How Do I Report Malicious Websites? Part 3
- VMware ESX/ESXi Updates
- How Do I Report Malicious Websites? Take 2
- Sasfis Propagation
- The Importance of Small Files
- Opera 10.53 Released to Address Security Issue
- How Do I Report Malicious Websites?
- CVE-2010-0817 SharePoint XSS Scorecard
- Zeus wants to do your taxes
- Responding to "Copyright Lawsuit filed against you"
- "Copyright Lawsuit filed against you"
- Exploit code available for CVE-2010-0249
- Clearing some things up about Adobe
- Doing the Right Thing
- FireEye takes on Ozdok and Recovery Ideas
- Even More Thoughts on Legacy Systems
- Sun OpenSSO Enterprise/Sun Access Manager XML Vulnerabilities
- Explaining Defense in Depth
- Canada Calling
- Paraskavedekatriaphobia and something I haven't found a word for
- IE7 0day expanded to include IE6 and IE8(beta)
- Making Intelligence Actionable: Part 2
- Opera 9.62 available - security update
- Vista updates (KB957200 and KB953155)
- Day 30 - Applying Patches and Updates
- Not-So "Breaking News"
- Volatility 1.3 Released
- Denial of Service Attack Against Georgia-- Are You Participating?
- Malware Intelligence: Making it Actionable
- Storm Botnet Celebrates Birthday With Fireworks
- Opera 9.5 is Available
- Amazon.com Issues
- Microsoft Security Bulletin Advance Notification for June 2008
- Making Intelligence Actionable
- The Other iframe attack
- Temporal Search: Detecting Hidden Malware Timebombs with Virtual Machines
- MS08-014 causes subtle Excel calculation error
- 2117966.net-- mass iframe injection
- Send your Staff to Security Conventions
- Anticipated Storm-Bot Attack Begins
- Holiday/Family Incident Response
- “There is nothing on my computer that a hacker would be interested in”
- Daylight Saving Time Reminder for North America (with some exceptions)
- APEWS.ORG: Please contact us
- BIND Updates Available
- Recent change in Stock-Spam Tactics (PDF and excel)
- Fun with Darknets
- Defensive Googling
- Lessons Learned from MS07-017
- *Microsoft to Release Out-of-Schedule Patch for ANI Vulnerability
- ANI: It Gets Better
- Chinese Internet Security Response Team Reports ANI Worm
- April 1: DST phase 2 and April Fools' Day
- *ANI exploit code drives INFOCon to Yellow
- Remote File Inclusion Attempts
- Recent Threat/Vulnerability Developments
- Manager/Media Impact
- Classic phpBB vulnerability impacts phpBB-based forums
- American Football Championship Shenanigans
- Friday Security Notes
- Changing Threat Models
- A Security Sampler
- Predicting Microsoft
- UDP/4081 Spike
- A Report from the Field
- A Lesson Learned from the Mailbox
- Powerpoint Vulnerability and MalCode Review
- Microsoft July Security Bulletin Review
- Reminder about MS06-025
- Excel Issue Scorecard
- Field Day Exercise
- The Intelligence Cycle for a Vulnerability Intelligence program on-the-cheap
- Symantec AV Vulnerability Latest
- Everyday is April Fools Day in your Mailbox
- OS X is clearly on the radar of exploit-developers.
- A Sad-day for Customer Service
- Where are all of the articles?
- Observations on the Family System Administrator
- RFC2142 is a two-way street
- A couple of handy iptables tutorials
- phpBB <= 2.0.17 exploit code in the wild
- The Family System Administrator
- Artemis Project's N-Eye
- On Dasher
- Open-source Newsbits
- Fingerprinting Phishers
- Adventures in Hunting Rogue Wireless Access Points
- Request for packets 50032
- Bluetooth Followup Links
- Microsoft October Security Bulletin Advanced Notification
- Bluetooth Auditing
- Volunteer Response; OpenSSH issues; Bluetooth delay
- Administrata; MS05-026 exploits in the field? No, not really; OpenRBL ist Kaput; Passive Reconnaissance and the Disaster Response threat-space; mod_jrun exploit sweep
- Windows HIDS; Port 80, IP-hopping scan; Why old exploits are still popular; A Simple Phishing Investigation Tip
- Firefox patches; MS DoSed my Grandma; MS05-019 Exploit published
- 2-factor auth poll-results; Sticky firewall question; Handling Incidents Involving Dynamic DNS; Sybase Buffer Overflow Vulnerability Details to Be Announced; Mac OS X Issues Released; Belated Happy N
- Updating early and often; NPR gets it right
- Etymology; Homographic Attacks; and other BIG words
- 6101 and 6129 scans on the rise; “infected links”; A reader Query; A Goodie Basket for Grandma
- GDI+ exploit mutation lessons and How to (not) report an attack to a large organization
- New Ethereal released; A different Kind of Storm Center
- Libpng and putty vulnerabilities announced today
- BHO FAQ, Survival Time, and auth/ident activity
- CVSHOME.ORG back on-line