Bojan Zdrnja Diaries
- Business Email Compromise incidents
- PCI DSS version 3.2.1 is out
- EFAIL, a weakness in OpenPGP and S/MIME
- The joys of changing Privacy Laws
- DUHK attack, continuing a week of named issues
- Outlook Web Access based attacks
- It has been a month and a bit how is your new patching program holding up?
- Looking for some emails
- Time for some predictions
- Checking my honeypot day
- Malware being distributed pretending to be from AU Fedcourts
- New release of PCI DSS (version 3.2) is available
- Oracle critical updates released
- Call for some logs and/or packets for requests to a2billing/customer/templates/default/header.tpl
- SLOTH, attack on TLS using MD5
- Poetry attack?
- Malware SPAM a new run has started.
- Some password advice
- Patching in 2 days? - "tell him he's dreaming"
- Some more 0-days from ZDI
- Overlayfs flaw in Ubuntu
- Freak Attack - Surprised? No. Worried? A little.
- Some Logs and/or packets please?
- Microsoft advanced notification service changes.
- Honey Pot Entertainment - SSH
- Apple Phishing emails
- FreeBSD Denial of Service advisory (CVE-2004-0230)
- Microsoft & IE support plans, best be on IE11 by 01/2016
- No more Microsoft advisory email notifications?
- In case you missed it - Mobile phone search ruling in US
- Call for packets - Traffic from 116.177.0.0/16
- VMWare updates
- Do you have some DNS requests/replies you could share?
- Spam, talk about false advertising
- Windows XP, slow to die :-(
- VMSA-2014-0006.2 updates OpenSSL libraries in VMWare
- Cryptodefense infection, some lessons learned
- Testing for Heartbleed
- Heartbleed vendor notifications
- For the Adventurous, Java 8 is out
- Full Disclosure list shuts down
- Call for packets dest 5000 or source 6000
- How not to code your mobile app
- facebook, gmail and twitter accounts breached
- Windows "Support" calls
- Updated Standards Part 2 - PCI DSS/PA DSS
- Updated Standards Part 1 - ISO 27001
- Google Drive Phishing
- Setting up Honeypots
- CSAM Some more unusual scans
- CSAM - RFI with a small twist
- "microsoft support" calls - now with ransomware
- Microsoft re-releases patches that were causing an install loop
- Vulnerability Reported in Sophos Web Appliance
- HP Switches? You may want to look at patching them.
- Black Tuesday advanced notification
- DNS servers hijacked in the Netherlands
- Where is my data? When hosting providers go away
- Drupal.org & group.drupal.org password disclosure
- Interesting Credit Card transactions, are you seeing similar?
- Verizon Data Breach report has been released
- MS13-036 has been re-released
- KB2823324 causing boot issues in Brazil and some other locales
- Windows XP end of life, 12 months to go.
- Back to the past with penny stock spam
- Firefox 20 and Thunderbird 17.0.5 updates
- SSH scans from 188.95.234.6
- Request for web log files (mainly 500 error messages)
- World Backup day, Did you miss it?
- IPv6 Focus Month: Device Defaults
- Apple Java Update APPLE-SA-2013-02-19-1 Java for OS X 2013-001 and Mac OS X v10.6 Update
- Looking for some packets going to tcp/8520
- McAfee releases extraDAT for W32/Autorun.worm.aaeb-h
- Cyber Security Awareness Month - Day 30 - DSD 35 mitigating controls
- Oracle Critical Patch Update October
- Cyber Security Awareness Month - Day 12 PCI DSS
- Cyber Security Awareness Month - Day 8 ISO 27001
- And the SHA-3 title goes to .....Keccak
- Zeus/Citadel variant causing issues in the Netherlands
- SQL Injection Lilupophilupop style, Part 2
- Adobe Updates for Flash Player. More info can be found here --> http://www.adobe.com/support/security/bulletins/apsb12-14.html
- Packets wanted, DNS DDOS attacks
- Follow up on Got packets? Interested in TCP/8909, TCP/6666, TCP/9415, TCP/27977 and UDP/7
- Print bomb?
- Got packets? Interested in TCP/8909, TCP/6666, TCP/9415, TCP/27977 and UDP/7
- Phishing and client side attacks, the future?
- Interesting Facebook SPAM
- KPN (Dutch Telecommunications company) Hack
- SSH Password attacks using domain name elements as userid
- CISCO Ironport C & M Series telnet vulnerability
- The privacy hodgepodge and IP Addresses
- Lilupophilupop tops 1million infected pages
- Bye 2011, Hello 2012, what will you have in store for us?
- SQL Injection Attack happening ATM
- A worm has my network, what now?
- Oracle Critical Patch Update
- Critical Control 5 - Boundary Defence
- Critical Control 1 - Inventory of Authorized and Unauthorized Devices
- Cyber Security Awareness Month Day 1/2 - Introduction to the controls
- Cyber Security Awareness Month Day 1/2 - Schedule
- Adobe Photoshop for Windows Vulnerability (CVE-2011-2443)
- SSL/TLS (part 3)
- SSL/TLS Vulnerability Details to be Released Friday (Part 2)
- October 2011 Cyber Security Awareness Month
- The impact of Diginotar on Certificate Authorities and trust
- How to find unwanted files on workstations
- SSH Brute Force attacks
- Metasploit 4 hits the downloads
- Lion Released
- SSH Brute Force
- Cloud thoughts
- Microsoft Support Scam (again)
- DNS.be DDOS
- Sony DDOS
- When your service provider has a breach
- DDOS, the new black?
- Java Floating point issue (CVE-2010-4476)
- Adobe Patches (shockwave, Flash, Reader & Coldfusion)
- WordPress 3.0.5 (and 3.1 RC4) are out
- Sourceforge attack
- Egypt offline
- White house greeting cards
- Older AV Scam Active again.
- IE 0 Day, just in time for Christmas
- Skoudis' Annual Xmas Hacking Challenge - The Nightmare Before Charlie Brown's Christmas
- Microsoft patches
- EXIM MTA vulnerability
- Having a look at the DDOS tool used in the attacks today
- VMware Security Updates VMSA-2010-0018
- AVG Update Bricking windows 7 64 bit
- T'is the season to be SPAMMY, trallalalaa la la la laaa
- Using password cracking as metric/indicator for the organisation's security posture
- Cyber Security Awareness Month - Day 23 - The Importance of compliance
- Cyber Security Awareness Month - Day 2 - Securing the Family Network
- Online Voting
- Controlling bittorrent
- FTP Brute Password guessing attacks
- vBulletin vB 3.8.6 vulnerability
- LNK by any other name
- World cup football South Africa 2010
- SPF how useful is it?
- non-latin TLD to be issued
- SIP Attacks on internet connected port 5060 targeting Asterisk servers
- And let the patching games continue
- ClamAV 0.94 EOL Reminder
- Oracle has released 47 critical patches (Includes SUN patches)
- Outage Update - isc.sans.org
- Adobe launch issue response/work around.
- MS10-015 re-released
- IE 0-day using .hlp files
- AS/NZ "Online Offensive - Fight fraud online" week March 1-7
- What is your firewall telling you and what is TCP249?
- MS10-015 may cause Windows XP to blue screen (but only if you have malware on it)
- Rogue DHCP server fun
- Dealing with User 2.0
- Why not Yellow?
- Metrics and SPAM
- Apple released some Java updates today APPLE-SA-2009-12-03-1 & 2 (for 10.5 and 10.6). Fixes a number of security issues so updating is a good idea.
- Avast false positives
- What is making you vulnerable?
- Cyber Security Awareness Month - Day 26 port 1433/1434 MSSQL
- Some interesting SSL SPAM
- Cyber Security Awareness Month - Day 13 Proxies (TCP 3128, 8080 & ......)
- Cyber Security Awareness Month - Day 12 Ports 161/162 Simple Network Management Protocol (SNMP)
- Microsoft Security Essentials AV
- CISCO Security Advisories
- Storing passwords
- Possible DDOS on gov.au sites starting tonight?
- Critical Infrastructure and dependencies
- Switch hardening on your network
- Firefox Updates
- Happy patching day
- Michael J & Farrah F death SPAM
- PHPMYADMIN scans
- G'day from Sansfire2009
- Patching and Apple - Java issue
- Patching and Adobe
- There is some SMiShing going on in the EU
- Sanitising media
- Webhoneypot fun
- Browsers Tumble at CanSecWest
- Brace yourselves - IE8 reported to be released
- Ubuntu users, today is a good day to patch
- What's up with port 445?
- Phishing with a small twist
- Australian Bushfires
- Request for info - Scan and webmail
- We all "Love" USB drives
- Blocking access to MD5 signed certs
- The twelve (or so) hints of Christmas.
- Microsoft wordpad text converter issue
- To USB or not to USB, well not in the DoD - what do you do?
- Microsoft out-of-band patch - Severity Critical
- Day 16 - Containing a Malware Outbreak
- Another Iphone Update
- Blast from the future?
- SQL injections - an update
- More SQL Injections - very active right now
- Olympic Clicks
- Cleanup in isle 3 please. Asprox lying around
- Live from SANSFIRE
- Where does your network end?
- Free Yahoo email account! Sign me up, Ok well maybe not.
- Microsoft Security advisory for Safari and Windows
- Where did my domain go?
- A week of Cooked Ham and Pork
- More Credit Card numbers go walkabout.
- Mail Anyone?
- In short
- Odds
- Fun with some code
- Doing an audit/pentest or other assessment? Here is part of the report for you.
- Reminder IE7 push on the 12th
- Large scale recovery – results
- Universities in the US being targeted in a Spear Phishing attack.
- Large scale recovery
- Shorts - other things happening this week.
- A day in the life of a firewall log
- T'is the season to be jolly - Lindt sale
- Architecture, security and assurance
- yl18.net part II
- Salesforce.com issue?
- Cyber Security Awareness Tip #26 – Safe File Transfer
- Cyber Security Awareness Tip #6: Developing policies and Distribution
- Cyber Security Awareness tips #5 - Social Engineering and Dumpster Diving Awareness
- To AV or not to AV, is that the question?
- Network Solutions having the day off? (nope just a few hrs)
- Vista Patches?
- Phish or Vish? The IRS is back.
- Humour, Politics and Kids online
- MS07-036 Revised
- A patchy kind of day
- The ever morphing Storm
- Port 1433 scanning
- New Hacker Challenge for you all
- Internal Audits, many of us hate them, but....
- Auscert day 3 update
- Microsoft Advisories
- Auscert day 2 update
- Auscert 2007 Update
- BEA 10 users, May 14 may not be your day
- Nokia Intellisync Mobile Suite
- and in other news
- DST and time sensitive transactions
- European Storm Video E-Mail
- Sun Java Vulnerability in processing GIF images
- 'Twas the night before Christmas, when all through the house Not a creature was stirring, not even a mouse.
- Port 8555 and 2967 activity
- PoC for local elevation of privilege on Windows 2000 SP4 upwards
- Challenge Update
- Adobe Acrobat Update
- IPv6 and Security
- Report of possible Malware coming from Chinanet
- Interesting Potential Attack Vector
- ebay.co.uk
- First Shift !