ORACLE SECURITY PATCH |
| 2012-02-01 | Russ McRee | Oracle Security Alert: http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html |
| 2008-07-30 | David Goldsmith | Serious 0-Day Flaw in Oracle -- Patch Released |
ORACLE |
| 2021-10-09/a> | Guy Bruneau | Scanning for Previous Oracle WebLogic Vulnerabilities |
| 2020-05-05/a> | Russ McRee | Cloud Security Features Don't Replace the Need for Personnel Security Capabilities |
| 2019-06-19/a> | Johannes Ullrich | Critical Actively Exploited WebLogic Flaw Patched CVE-2019-2729 |
| 2018-07-17/a> | Scott Fendley | Oracle Critical Patch Update Release |
| 2017-10-30/a> | Johannes Ullrich | Critical Patch For Oracle's Identity Manager |
| 2016-03-23/a> | Bojan Zdrnja | Abusing Oracles |
| 2014-07-15/a> | Daniel Wesemann | Oracle July 2014 CPU (patch bundle) |
| 2014-07-13/a> | Tony Carothers | Oracle July 2014 Update Pre-Notification |
| 2014-04-16/a> | Johannes Ullrich | Oracle Critical Patch Update for April 2014 |
| 2014-01-30/a> | Johannes Ullrich | Oracle Reports Vulnerability |
| 2014-01-14/a> | Johannes Ullrich | Oracle Critical Patch Update January 2014 |
| 2013-02-20/a> | Johannes Ullrich | Update Palooza |
| 2013-02-19/a> | Johannes Ullrich | Oracle Updates Java (Java 7 Update 15, Java 6 update 41) |
| 2013-01-12/a> | Stephen Hall | Oracle Patch Tuesday Pre-Release |
| 2012-10-17/a> | Mark Hofman | Oracle Critical Patch Update October |
| 2012-09-23/a> | Tony Carothers | Update for CVE-2012-3132 |
| 2012-07-25/a> | Johannes Ullrich | Microsoft Exchange/Sharepoint and others: Oracle Outside In Vulnerability |
| 2012-07-15/a> | Guy Bruneau | Oracle July 2012 Critical Patch Pre-Release Announcement |
| 2012-04-30/a> | Rob VandenBrink | Patch for Oracle TNS Listener issue released ! |
| 2012-04-27/a> | Johannes Ullrich | Critical Unpatched Oracle Vulnerability |
| 2012-04-18/a> | Kevin Shortt | Oracle Critical Patch Update Advisory - April 2012: http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html |
| 2012-04-13/a> | Daniel Wesemann | Oracle CPU Patches announced for Apr 17 |
| 2012-02-16/a> | Tony Carothers | Java Update for February |
| 2012-02-01/a> | Russ McRee | Oracle Security Alert: http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html |
| 2012-01-18/a> | Richard Porter | Oracle Quarterly Released, http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html |
| 2011-10-22/a> | Guy Bruneau | Oracle Java SE Critical Patch Update |
| 2011-10-19/a> | Mark Hofman | Oracle Critical Patch Update |
| 2011-04-16/a> | Scott Fendley | Oracle Patch Update Pre-Release Announcement |
| 2011-03-07/a> | Bojan Zdrnja | Oracle padding attacks (Codegate crypto 400 writeup) |
| 2011-02-15/a> | Jason Lam | Oracle Java 6 Update 24 |
| 2011-02-09/a> | Mark Hofman | Java Floating point issue (CVE-2010-4476) |
| 2011-01-18/a> | Daniel Wesemann | Oracle Patches (Jan2011 CPU) |
| 2010-10-12/a> | Scott Fendley | Oracle Critical Updates Released |
| 2010-07-10/a> | Tony Carothers | Oracle July 2010 Pre-Release Announcement |
| 2010-04-14/a> | Mark Hofman | Oracle has released 47 critical patches (Includes SUN patches) |
| 2010-02-09/a> | Mark Hofman | Oracle has an unscheduled security alert and patch for CVE-2010-0073. The issue affects WebLogic Server and is remotely exploitable. Details and patch are here http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html |
| 2010-02-06/a> | Guy Bruneau | Oracle WebLogic Server Security Alert |
| 2010-01-12/a> | Johannes Ullrich | Oracle Patches Relased |
| 2009-10-20/a> | Raul Siles | Oracle Critical Patch Update (CPU) - October 2009 |
| 2009-10-16/a> | Adrien de Beaupre | Cyber Security Awareness Month - Day 16 - Port 1521 - Oracle TNS Listener |
| 2009-07-14/a> | Swa Frantzen | Oracle Black Tuesday |
| 2009-05-19/a> | Bojan Zdrnja | Advanced blind SQL injection (with Oracle examples) |
| 2009-04-14/a> | Swa Frantzen | Oracle quarterly patches |
| 2008-10-14/a> | Swa Frantzen | Oracle quarterly patches on black tuesday |
| 2008-07-30/a> | David Goldsmith | Serious 0-Day Flaw in Oracle -- Patch Released |
| 2008-07-15/a> | Maarten Van Horenbeeck | Oracle (and BEA, Hyperion and TimesTen) critical patch update July 15th, 2008 |
| 2006-11-29/a> | Toby Kohlenberg | Week of Oracle bugs cancelled |
| 2006-10-18/a> | Robert Danford | Oracle Quarterly Critical Patch Update (Oct 2006) |
SECURITY |
| 2025-01-31/a> | Richard Porter | To Simulate or Replicate: Crafting Cyber Ranges |
| 2025-01-17/a> | Guy Bruneau | Leveraging Honeypot Data for Offensive Security Operations [Guest Diary] |
| 2024-06-26/a> | Guy Bruneau | What Setting Live Traps for Cybercriminals Taught Me About Security [Guest Diary] |
| 2024-06-20/a> | Guy Bruneau | No Excuses, Free Tools to Help Secure Authentication in Ubuntu Linux [Guest Diary] |
| 2023-12-20/a> | Guy Bruneau | How to Protect your Webserver from Directory Enumeration Attack ? Apache2 [Guest Diary] |
| 2023-12-06/a> | Guy Bruneau | Revealing the Hidden Risks of QR Codes [Guest Diary] |
| 2023-11-22/a> | Guy Bruneau | CVE-2023-1389: A New Means to Expand Botnets |
| 2023-10-29/a> | Guy Bruneau | Spam or Phishing? Looking for Credentials & Passwords |
| 2023-09-18/a> | Johannes Ullrich | Internet Wide Multi VPN Search From Single /24 Network |
| 2023-09-06/a> | Johannes Ullrich | Security Relevant DNS Records |
| 2023-05-28/a> | Guy Bruneau | We Can no Longer Ignore the Cost of Cybersecurity |
| 2022-08-23/a> | Xavier Mertens | Who's Looking at Your security.txt File? |
| 2022-08-13/a> | Guy Bruneau | Phishing HTML Attachment as Voicemail Audio Transcription |
| 2022-07-26/a> | Xavier Mertens | How is Your macOS Security Posture? |
| 2022-04-23/a> | Guy Bruneau | Are Roku Streaming Devices Safe from Exploitation? |
| 2021-10-28/a> | Yee Ching Tok | Multiple Apple Patches for October 2021 |
| 2021-07-21/a> | Johannes Ullrich | "Summer of SAM": Microsoft Releases Guidance for CVE-2021-36934 |
| 2021-07-08/a> | Xavier Mertens | Using Sudo with Python For More Security Controls |
| 2021-05-29/a> | Guy Bruneau | Spear-phishing Email Targeting Outlook Mail Clients |
| 2021-05-08/a> | Guy Bruneau | Who is Probing the Internet for Research Purposes? |
| 2021-04-24/a> | Guy Bruneau | Base64 Hashes Used in Web Scanning |
| 2021-02-26/a> | Guy Bruneau | Pretending to be an Outlook Version Update |
| 2020-12-19/a> | Guy Bruneau | Secure Communication using TLS in Elasticsearch |
| 2020-06-05/a> | Johannes Ullrich | Cyber Security for Protests |
| 2020-05-05/a> | Russ McRee | Cloud Security Features Don't Replace the Need for Personnel Security Capabilities |
| 2020-03-24/a> | Russ McRee | Another Critical COVID-19 Shortage: Digital Security |
| 2020-03-21/a> | Guy Bruneau | Honeypot - Scanning and Targeting Devices & Services |
| 2020-03-15/a> | Guy Bruneau | VPN Access and Activity Monitoring |
| 2019-10-19/a> | Russell Eubanks | What Assumptions Are You Making? |
| 2019-07-20/a> | Guy Bruneau | Re-evaluating Network Security - It is Increasingly More Complex |
| 2019-07-09/a> | John Bambenek | MSFT July 2019 Patch Tuesday |
| 2018-12-31/a> | Didier Stevens | Software Crashes: A New Year's Resolution |
| 2018-10-08/a> | Guy Bruneau | Apple Security Updates |
| 2018-06-16/a> | Russ McRee | Anomaly Detection & Threat Hunting with Anomalize |
| 2018-05-30/a> | Bojan Zdrnja | The end of the lock icon |
| 2018-01-23/a> | John Bambenek | Life after GDPR: Implications for Cybersecurity |
| 2017-12-27/a> | Guy Bruneau | What are your Security Challenges for 2018? |
| 2017-12-20/a> | Richard Porter | VMWare Security Advisory: VMSA-2017-0021: https://www.vmware.com/security/advisories/VMSA-2017-0021.html |
| 2017-12-14/a> | Russ McRee | Security Planner: Improve your online safety |
| 2017-07-24/a> | Russell Eubanks | Trends Over Time |
| 2017-06-10/a> | Russell Eubanks | An Occasional Look in the Rear View Mirror |
| 2017-05-23/a> | Rob VandenBrink | What did we Learn from WannaCry? - Oh Wait, We Already Knew That! |
| 2017-04-28/a> | Russell Eubanks | KNOW before NO |
| 2017-04-02/a> | Guy Bruneau | IPFire - A Household Multipurpose Security Gateway |
| 2017-03-25/a> | Russell Eubanks | Distraction as a Service |
| 2017-03-11/a> | Russell Eubanks | What's On Your Not To Do List? |
| 2016-10-02/a> | Guy Bruneau | Is there an Infosec Cybersecurity Talent Shortage? |
| 2016-06-09/a> | Xavier Mertens | Offensive or Defensive Security? Both! |
| 2016-02-27/a> | Guy Bruneau | OpenSSL Security Update Planned for 1 March Release |
| 2016-01-10/a> | Jim Clausing | VMware security update |
| 2015-12-04/a> | Tom Webb | Automating Phishing Analysis using BRO |
| 2015-10-18/a> | Russell Eubanks | Security Awareness for Security Professionals |
| 2015-10-17/a> | Russell Eubanks | CIS Critical Security Controls - Version 6.0 |
| 2015-10-09/a> | Guy Bruneau | Adobe Acrobat and Reader Pre-Announcement |
| 2015-09-23/a> | Daniel Wesemann | Making our users unlearn what we taught them |
| 2014-11-25/a> | Adrien de Beaupre | Less is, umm, less? |
| 2014-10-13/a> | Lorna Hutcheson | For or Against: Port Security for Network Access Control |
| 2014-10-01/a> | Russ McRee | Security Onion news: Updated ShellShock detection scripts for Bro |
| 2014-08-12/a> | Adrien de Beaupre | Adobe updates for 2014/08 |
| 2014-07-28/a> | Guy Bruneau | Management and Control of Mobile Device Security |
| 2014-07-06/a> | Richard Porter | Physical Access, Point of Sale, Vegas |
| 2014-07-02/a> | Johannes Ullrich | July Ouch! Security Awareness Newsletter Released. E-mail Do's and Don'ts http://www.securingthehuman.org/resources/newsletters/ouch/2014#july2014 |
| 2014-06-19/a> | Tony Carothers | WordPress and Security |
| 2014-06-17/a> | Rob VandenBrink | New Security Advisories / Updates from Microsoft - Heads up for Next Patch Tuesday! |
| 2014-06-12/a> | Guy Bruneau | BIND Security Update for CVE-2014-3859 |
| 2014-04-12/a> | Guy Bruneau | Critical Security Update for JetPack WordPress Plugin. Bug has existed since Jetpack 1.9, released in October 2012. - http://jetpack.me/2014/04/10/jetpack-security-update/ |
| 2014-04-11/a> | Rob VandenBrink | VMware Security Advisories / Patches released for 2 issues (NOT Heartbleed) - http://www.vmware.com/security/advisories/VMSA-2014-0003.html and http://www.vmware.com/security/advisories/VMSA-2014-0002.html |
| 2014-04-02/a> | Kevin Shortt | Apple Security Update for Safari 6.1.3/7.0.3: http://support.apple.com/kb/HT6181 |
| 2014-03-24/a> | Johannes Ullrich | Integrating Physical Security Sensors |
| 2014-02-05/a> | Johannes Ullrich | SANS Ouch Security Awareness Newsletter What is Malware http://www.securingthehuman.org/ouch |
| 2014-01-25/a> | Guy Bruneau | Finding in Cisco's Annual Security Report |
| 2013-12-28/a> | Russ McRee | Weekend Reading List 27 DEC |
| 2013-12-17/a> | Adrien de Beaupre | Apple security updates Mac OS X and Safari |
| 2013-12-06/a> | Guy Bruneau | VMware ESX 4.x Security Advisory |
| 2013-11-22/a> | Rick Wanner | Port 0 DDOS |
| 2013-10-30/a> | Russ McRee | SIR v15: Five good reasons to leave Windows XP behind |
| 2013-10-01/a> | Adrien de Beaupre | CSAM! Send us your logs! |
| 2013-09-24/a> | Tom Webb | IDS, NSM, and Log Management with Security Onion 12.04.3 |
| 2013-09-17/a> | John Bambenek | Microsoft Releases Out-of-Band Advisory for all Versions of Internet Explorer |
| 2013-08-13/a> | Swa Frantzen | Microsoft security advisories: RDP and MD5 deprecation in Microsoft root certificates |
| 2013-07-28/a> | Guy Bruneau | Wireshark 1.8.9 and 1.10.1 Security Update |
| 2013-07-03/a> | Kevin Shortt | Apple Security Update 2013-003 |
| 2013-06-27/a> | Tony Carothers | Physical Security in the Cyber World |
| 2013-06-11/a> | Swa Frantzen | Other Microsoft Black Tuesday News |
| 2013-05-14/a> | Swa Frantzen | Microsoft Security Advisory 2846338 |
| 2013-04-23/a> | Russ McRee | Microsoft's Security Intelligence Report (SIRv14) released |
| 2013-04-19/a> | Russ McRee | Java 8 release schedule delayed for renewed focus on security |
| 2013-03-18/a> | Kevin Shortt | Cisco IOS Type 4 Password Issue: http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20130318-type4 |
| 2013-03-07/a> | Guy Bruneau | Wireshark Security Updates |
| 2013-02-12/a> | Adam Swanger | Microsoft February 2013 Black Tuesday Update - Overview |
| 2013-02-01/a> | Jim Clausing | Oracle quitely releases Java 7u13 early |
| 2013-01-25/a> | Johannes Ullrich | Vulnerability Scans via Search Engines (Request for Logs) |
| 2013-01-18/a> | Russ McRee | Interesting reads for Friday 18 JAN 2013 |
| 2013-01-15/a> | Russ McRee | Cisco introducing Cisco Security Notices 16 JAN 2013 |
| 2013-01-09/a> | Rob VandenBrink | Security Update - Cisco Prime LMS (cisco-sa-20130109-lms - remote execution as root vulnerability) - advisory at: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-lms |
| 2013-01-09/a> | Rob VandenBrink | Security Update - Cisco 7900 Phones - cisco-sa-20130109-uipphone privilege escallation issue - advisory at: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-uipphone |
| 2012-12-22/a> | Guy Bruneau | New Poll - Which of the following issues impacted the most your business in 2012? - https://isc.sans.edu/poll.html |
| 2012-12-11/a> | John Bambenek | Microsoft December 2012 Black Tuesday Update - Overview |
| 2012-12-03/a> | John Bambenek | John McAfee Exposes His Location in Photo About His Being on Run |
| 2012-12-01/a> | Guy Bruneau | Firefox 17.0.1 Bug Fixes - http://www.mozilla.org/en-US/firefox/17.0.1/releasenotes/ |
| 2012-11-29/a> | Kevin Shortt | New Apple Security Update: APPLE-SA-2012-11-29-1 Apple TV 5.1.1 |
| 2012-11-28/a> | Mark Hofman | New version of wireshark is available (1.8.4), some security fixes included. |
| 2012-11-28/a> | Mark Hofman | McAfee releases extraDAT for W32/Autorun.worm.aaeb-h |
| 2012-11-27/a> | Chris Mohan | Can users' phish emails be a security admin's catch of the day? |
| 2012-11-26/a> | John Bambenek | Online Shopping for the Holidays? Tips, News and a Fair Warning |
| 2012-11-20/a> | John Bambenek | Behind the Random NTP Bizarreness of Incorrect Year Being Set |
| 2012-11-20/a> | John Bambenek | Firefox v 17.0 just released, more here: http://www.mozilla.org/en-US/firefox/17.0/releasenotes/ |
| 2012-11-19/a> | John Bambenek | MoneyGram fined $100 million for aiding wire fraud - http://krebsonsecurity.com/2012/11/moneygram-fined-100-million-for-wire-fraud/ |
| 2012-11-19/a> | John Bambenek | New Poll: Top 5 Unresolved Security Problems of 2012 |
| 2012-11-17/a> | Manuel Humberto Santander Pelaez | New Sysinternal Updates: AdExplorer v1.44, Contig v1.7, Coreinfo v3.2, Procdump v5.1. See http://blogs.technet.com/b/sysinternals/archive/2012/11/16/updates-adexplorer-v1-44-contig-v1-7-coreinfo-v3-2-procdump-v5-1.aspx?Redirected=true |
| 2012-11-13/a> | Jim Clausing | Microsoft November 2012 Black Tuesday Update - Overview |
| 2012-11-12/a> | John Bambenek | Request for info: Robocall Phishing Against Local/Regional Banks |
| 2012-11-09/a> | Mark Baggett | Remote Diagnostics with PSR |
| 2012-11-09/a> | Mark Baggett | Fresh batch of Microsoft patches next week |
| 2012-11-07/a> | Mark Baggett | Help eliminate unquoted path vulnerabilities |
| 2012-11-07/a> | Mark Baggett | Multiple 0-Days Reported! |
| 2012-11-07/a> | Mark Baggett | Cisco TACACS+ Authentication Bypass |
| 2012-11-05/a> | Johannes Ullrich | Possible Fake-AV Ads from Doubleclick Servers |
| 2012-11-05/a> | Johannes Ullrich | Reminder: Ongoing SMTP Brute Forcing Attacks |
| 2012-11-04/a> | Lorna Hutcheson | What's important on your network? |
| 2012-10-31/a> | Johannes Ullrich | Cyber Security Awareness Month - Day 31 - Business Continuity and Disaster Recovery |
| 2012-10-30/a> | Johannes Ullrich | Hurricane Sandy Update |
| 2012-10-30/a> | Richard Porter | Splunk 5.0 SP-CAAAHB4 http://www.splunk.com/view/SP-CAAAHB4 |
| 2012-10-30/a> | Mark Hofman | Cyber Security Awareness Month - Day 30 - DSD 35 mitigating controls |
| 2012-10-29/a> | Kevin Shortt | Cyber Security Awareness Month - Day 29 - Clear Desk: The Unacquainted Standard |
| 2012-10-28/a> | Tony Carothers | Firefox 16.02 Released |
| 2012-10-26/a> | Russ McRee | Cyber Security Awareness Month - Day 26 - Attackers use trusted domain to propagate Citadel Zeus variant |
| 2012-10-25/a> | Richard Porter | Cyber Security Awareness Month - Day 25 - Pro Audio & Video Packets on the Wire |
| 2012-10-24/a> | Russ McRee | Cyber Security Awareness Month - Day 24 - A Standard for Information Security Incident Management - ISO 27035 |
| 2012-10-24/a> | Russ McRee | Ongoing Windstream outage in the midwest - https://twitter.com/search?q=windstream |
| 2012-10-23/a> | Rob VandenBrink | Cyber Security Awareness Month - Day 23: Character Encoding Standards - ASCII and Successors |
| 2012-10-21/a> | Johannes Ullrich | Cyber Security Awareness Month - Day 22: Connectors |
| 2012-10-21/a> | Lorna Hutcheson | Potential Phish for Regular Webmail Accounts |
| 2012-10-19/a> | Johannes Ullrich | Cyber Security Awareness Month - Day 19: Standard log formats and CEE. |
| 2012-10-18/a> | Rob VandenBrink | Cyber Security Awareness Month - Day 18 - Vendor Standards: The vSphere Hardening Guide |
| 2012-10-17/a> | Mark Hofman | Oracle Critical Patch Update October |
| 2012-10-17/a> | Mark Hofman | New Acrobat release (including reader) available. Version 11. Some security improvements more here -->http://blogs.adobe.com/adobereader/ |
| 2012-10-17/a> | Rob VandenBrink | Cyber Security Awareness Month - Day 17 - A Standard for Risk Management - ISO 27005 |
| 2012-10-16/a> | Richard Porter | CyberAwareness Month - Day 15, Standards Body Soup (pt2), Same Soup Different Cook. |
| 2012-10-16/a> | Johannes Ullrich | Cyber Security Awareness Month - Day 16: W3C and HTML |
| 2012-10-14/a> | Pedro Bueno | Cyber Security Awareness Month - Day 14 - Poor Man's File Analysis System - Part 1 |
| 2012-10-13/a> | Guy Bruneau | New Poll - Cyber Security Awareness Month Activities 2012 - https://isc.sans.edu/poll.html |
| 2012-10-12/a> | Mark Hofman | Cyber Security Awareness Month - Day 12 PCI DSS |
| 2012-10-11/a> | Rob VandenBrink | Cyber Security Awareness Month - Day 11 - Vendor Agnostic Standards (Center for Internet Security) |
| 2012-10-10/a> | Kevin Shortt | Cyber Security Awareness Month - Day 10 - Standard Sudo - Part Two |
| 2012-10-09/a> | Johannes Ullrich | Cyber Security Awreness Month - Day 9 - Request for Comment (RFC) |
| 2012-10-09/a> | Johannes Ullrich | Microsoft October 2012 Black Tuesday Update - Overview |
| 2012-10-08/a> | Mark Hofman | Cyber Security Awareness Month - Day 8 ISO 27001 |
| 2012-10-07/a> | Tony Carothers | Cyber Security Awareness Month - Day 7 - Rollup Review of CSAM Week 1 |
| 2012-10-06/a> | Manuel Humberto Santander Pelaez | Cyber Security Awareness Month - Day 6 - NERC: The standard that enforces security on power SCADA |
| 2012-10-05/a> | Johannes Ullrich | Cyber Security Awareness Month - Day 5: Standards Body Soup, So many Flavors in the bowl. |
| 2012-10-05/a> | Richard Porter | VMWare Security Advisory: VMSA-2012-0014 - http://www.vmware.com/security/advisories/VMSA-2012-0014.html |
| 2012-10-05/a> | Richard Porter | Reports of a Distributed Injection Scan |
| 2012-10-04/a> | Mark Hofman | And the SHA-3 title goes to .....Keccak |
| 2012-10-04/a> | Johannes Ullrich | Cyber Security Awareness Month - Day 4: Crypto Standards |
| 2012-10-03/a> | Kevin Shortt | Cyber Security Awareness Month - Day 3 - Standard Sudo - Part One |
| 2012-10-02/a> | Russ McRee | Cyber Security Awareness Month - Day 2 - PCI Security Standard: Mobile Payment Acceptance Security Guidelines |
| 2012-10-01/a> | Johannes Ullrich | Cyber Security Awareness Month |
| 2012-09-28/a> | Joel Esler | Adobe certification revocation for October 4th |
| 2012-09-27/a> | Kevin Shortt | Cisco IOS Security Advisory Bundle - http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep12.html |
| 2012-09-26/a> | Johannes Ullrich | Some Android phones can be reset to factory default by clicking on links |
| 2012-09-26/a> | Johannes Ullrich | More Java Woes |
| 2012-09-21/a> | Johannes Ullrich | iOS 6 Security Roundup |
| 2012-09-20/a> | Russ McRee | Flash Player update but no announcement, check your version http://www.adobe.com/software/flash/about/ |
| 2012-09-20/a> | Russ McRee | Apple and Cisco Security Advisories 19 SEP 2012 |
| 2012-09-20/a> | Russ McRee | Financial sector advisory: attacks and threats against financial institutions |
| 2012-09-19/a> | Russ McRee | Script kiddie scavenging with Shellbot.S |
| 2012-09-17/a> | Rob VandenBrink | What's on your iPad? |
| 2012-09-14/a> | Lenny Zeltser | Scam Report - Fake Voice Mail Email Notification Redirects to Malicious Site |
| 2012-09-13/a> | Mark Baggett | TCP Fuzzing with Scapy |
| 2012-09-13/a> | Mark Baggett | Microsoft disrupts traffic associated with the Nitol botnet |
| 2012-09-13/a> | Mark Baggett | More SSL trouble |
| 2012-09-10/a> | Johannes Ullrich | Microsoft Patch Tuesday Pre-Release |
| 2012-09-10/a> | Johannes Ullrich | Godaddy DDoS Attack |
| 2012-09-10/a> | donald smith | Blue Toad publishing co compromise lead to UDID release. http://redtape.nbcnews.com/_news/2012/09/10/13781440-exclusive-the-real-source-of-apple-device-ids-leaked-by-anonymous-last-week?lite |
| 2012-09-07/a> | Chris Mohan | Keeping an eye on those BYODs with DHCP |
| 2012-09-06/a> | Johannes Ullrich | SSL Requests sent to port 80 (request for help/input) |
| 2012-09-04/a> | Johannes Ullrich | Another round of "Spot the Exploit E-Mail" |
| 2012-09-02/a> | Lorna Hutcheson | Demonstrating the value of your Intrusion Detection Program and Analysts |
| 2012-09-01/a> | Russ McRee | Blackhole targeting Java vulnerability via fake Microsoft Services Agreement email phish |
| 2012-08-31/a> | Russ McRee | Not so fast: Java 7 Update 7 critical vulnerability discovered in less than 24 hours |
| 2012-08-30/a> | Johannes Ullrich | Editorial: The Slumlord Approach to Network Security http://isc.sans.edu/j/editorial |
| 2012-08-29/a> | Johannes Ullrich | "Data" URLs used for in-URL phishing |
| 2012-08-27/a> | Johannes Ullrich | The Good, Bad and Ugly about Assigning IPv6 Addresses |
| 2012-08-27/a> | Johannes Ullrich | Malware Spam harvesting Facebook Information |
| 2012-08-26/a> | Lorna Hutcheson | Who ya gonna contact? |
| 2012-08-22/a> | Adrien de Beaupre | Apple Remote Desktop update fixes no encryption issue |
| 2012-08-22/a> | Adrien de Beaupre | Phishing/spam via SMS |
| 2012-08-21/a> | Adrien de Beaupre | YYABCAFU - Yes Yet Another Bleeping Critical Adobe Flash Update |
| 2012-08-21/a> | Adrien de Beaupre | RuggedCom fails key management 101 on Rugged Operating System (ROS) |
| 2012-08-20/a> | Manuel Humberto Santander Pelaez | Do we need test procedures in our companies before implementing Antivirus signatures? |
| 2012-08-19/a> | Manuel Humberto Santander Pelaez | Authentication Issues between entities during protocol message exchange in SCADA Systems |
| 2012-08-15/a> | Guy Bruneau | Wireshark Security Update |
| 2012-08-12/a> | Tony Carothers | Layers of the Defense-in-Depth Onion |
| 2012-08-12/a> | Tony Carothers | Oracle Security Alert for CVE-2012-3132 |
| 2012-08-09/a> | Mark Hofman | Zeus/Citadel variant causing issues in the Netherlands |
| 2012-08-09/a> | Mark Hofman | SQL Injection Lilupophilupop style, Part 2 |
| 2012-08-07/a> | Adrien de Beaupre | Who protects small business? |
| 2012-08-04/a> | Kevin Liston | Vendors: More Patch-Release Options Please |
| 2012-08-02/a> | Guy Bruneau | Opera Security Update |
| 2012-07-27/a> | Daniel Wesemann | Cuckoo 0.4 is out - cool new features for malware analysis http://www.cuckoosandbox.org/ |
| 2012-07-24/a> | Richard Porter | Wireshark 1.8.1 Released http://www.wireshark.org/ |
| 2012-07-24/a> | Richard Porter | Report of spike in DNS Queries gd21.net |
| 2012-07-20/a> | Mark Baggett | Syria Internet connection cut? |
| 2012-07-19/a> | Mark Baggett | Diagnosing Malware with Resource Monitor |
| 2012-07-19/a> | Mark Baggett | A Heap of Overflows? |
| 2012-07-16/a> | Richard Porter | Sysinternals Update @ http://blogs.technet.com/b/sysinternals/archive/2012/07/16/updates-handle-v3-5-process-explorer-v15-22-process-monitor-v3-03-rammap-v1-21-zoomit-v4-3.aspx |
| 2012-07-13/a> | Richard Porter | Yesterday (not as on the ball as Rob) at SANSFire |
| 2012-07-13/a> | Russ McRee | 2 for 1: SANSFIRE & MSRA presentations |
| 2012-07-13/a> | Russ McRee | VMWare Security Advisory 12 JUL 2012 |
| 2012-07-13/a> | Russ McRee | Yahoo service SQL injection vuln leads to account exposure |
| 2012-07-12/a> | Rick Wanner | Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Recording Server - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs |
| 2012-07-12/a> | Rick Wanner | Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-cts |
| 2012-07-12/a> | Rick Wanner | Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Manager - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman |
| 2012-07-12/a> | Rick Wanner | Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms |
| 2012-07-10/a> | Swa Frantzen | Microsoft revoking trust in Microsoft certificates - SA 2728973 |
| 2012-07-10/a> | Swa Frantzen | Microsoft fix-it to disable gadgets - SA 2719662 |
| 2012-07-09/a> | Johannes Ullrich | The FBI will turn off the Internet on Monday (or not) |
| 2012-07-09/a> | Manuel Humberto Santander Pelaez | Internet Storm Center panel tonight at SANSFIRE 2012! |
| 2012-07-05/a> | Adrien de Beaupre | New OS X trojan backdoor MaControl variant reported |
| 2012-07-05/a> | Adrien de Beaupre | Microsoft advanced notification for July 2012 patch Tuesday |
| 2012-07-02/a> | Joel Esler | A rough guide to keeping your website up |
| 2012-07-02/a> | Joel Esler | Linux & Java leap second bug |
| 2012-06-29/a> | Jim Clausing | Updated SysInternals tools - Autoruns, Process Explorer, Process Monitor, PSKill -- http://blogs.technet.com/b/sysinternals/archive/2012/06/28/updates-autoruns-v11-32-process-explorer-v15-21-process-monitor-v3-02-pskill-v1-15-rammap-v1-2.aspx |
| 2012-06-28/a> | Chris Mohan | Massive spike in BGP traffic - Possible BGP poisoning? |
| 2012-06-21/a> | Russ McRee | Cisco Security Advisories 20 JUN 2012 |
| 2012-06-21/a> | Russ McRee | Analysis of drive-by attack sample set |
| 2012-06-21/a> | Russ McRee | Wireshark 1.8.0 released 21 JUN 2012 http://www.wireshark.org/download.html |
| 2012-06-20/a> | Raul Siles | Firefox 13.0.1 Update |
| 2012-06-19/a> | Daniel Wesemann | Vulnerabilityqueerprocessbrittleness |
| 2012-06-06/a> | Jim Clausing | Firefox, Thunderbird, and Seamonkey Security Updates |
| 2012-05-22/a> | Johannes Ullrich | nmap 6 released |
| 2012-05-04/a> | Guy Bruneau | Adobe Security Flash Update |
| 2012-03-27/a> | Guy Bruneau | Wireshark 1.6.6 and 1.4.2 Released |
| 2012-03-27/a> | Guy Bruneau | Opera 11.62 for Windows patch several bugs and vulnerabilities - http://www.opera.com/docs/changelogs/windows/1162/ |
| 2012-02-29/a> | Russ McRee | Cisco Security Advisories - 29FEB2011 |
| 2012-02-04/a> | Scott Fendley | Apple Security Advisory 2012-001 v1.1 |
| 2012-02-01/a> | Russ McRee | Oracle Security Alert: http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html |
| 2012-01-31/a> | Russ McRee | Firefox 10 and VMWare advisories and updates |
| 2012-01-03/a> | Rick Wanner | Analysis of the Stratfor Password List |
| 2011-12-08/a> | Adrien de Beaupre | Microsoft Security Bulletin Advance Notification for December 2011 |
| 2011-11-01/a> | Russ McRee | Secure languages & frameworks |
| 2011-10-29/a> | Richard Porter | The Sub Critical Control? Evidence Collection |
| 2011-10-28/a> | Russ McRee | Critical Control 19: Data Recovery Capability |
| 2011-10-28/a> | Daniel Wesemann | Critical Control 20: Security Skills Assessment and Training to fill Gaps |
| 2011-10-27/a> | Mark Baggett | Critical Control 18: Incident Response Capabilities |
| 2011-10-26/a> | Rick Wanner | Critical Control 17:Penetration Tests and Red Team Exercises |
| 2011-10-17/a> | Rob VandenBrink | Critical Control 11: Account Monitoring and Control |
| 2011-10-13/a> | Guy Bruneau | Critical Control 10: Continuous Vulnerability Assessment and Remediation |
| 2011-10-12/a> | Kevin Shortt | Critical Control 8 - Controlled Use of Administrative Privileges |
| 2011-10-11/a> | Swa Frantzen | Critical Control 7 - Application Software Security |
| 2011-10-10/a> | Jim Clausing | Critical Control 6 - Maintenance, Monitoring, and Analysis of Security Audit Logs |
| 2011-10-07/a> | Mark Hofman | Critical Control 5 - Boundary Defence |
| 2011-10-04/a> | Rob VandenBrink | Critical Control 2 - Inventory of Authorized and Unauthorized Software |
| 2011-10-04/a> | Johannes Ullrich | Critical Control 3 - Secure Configurations for Hardware and Software on Laptops, Workstations and Servers |
| 2011-10-03/a> | Mark Hofman | Critical Control 1 - Inventory of Authorized and Unauthorized Devices |
| 2011-10-03/a> | Mark Baggett | What are the 20 Critical Controls? |
| 2011-10-03/a> | Tom Liston | Security 101 : Security Basics in 140 Characters Or Less |
| 2011-10-02/a> | Mark Hofman | Cyber Security Awareness Month Day 1/2 - Schedule |
| 2011-10-02/a> | Mark Hofman | Cyber Security Awareness Month Day 1/2 - Introduction to the controls |
| 2011-09-21/a> | Mark Hofman | October 2011 Cyber Security Awareness Month |
| 2011-08-05/a> | Johannes Ullrich | Microsoft Patch Tuesday Advance Notification: 13 Bulletins coming http://www.microsoft.com/technet/security/Bulletin/MS11-aug.mspx |
| 2011-07-10/a> | Raul Siles | Security Testing SSL/TLS (HTTPS) Implementations |
| 2011-07-05/a> | Raul Siles | Helping Developers Understand Security - Spot the Vuln |
| 2011-06-29/a> | Johannes Ullrich | Random SSL Tips and Tricks |
| 2011-06-23/a> | Jim Clausing | Apple Security Updates 2011-004 |
| 2011-06-22/a> | Guy Bruneau | How Good is your Employee Termination Policy? |
| 2011-06-17/a> | Richard Porter | When do you stop owning Technology? |
| 2011-06-09/a> | Richard Porter | Chrome Version 12.0.742.91 Released |
| 2011-06-01/a> | Adrien de Beaupre | Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified IP Phones 7900 Series - http://www.cisco.com/warp/public/707/cisco-sa-20110601-phone.shtml |
| 2011-06-01/a> | Adrien de Beaupre | Cisco Security Advisory: Default Credentials Vulnerability in Cisco Network Registrar - http://www.cisco.com/warp/public/707/cisco-sa-20110601-cnr.shtml |
| 2011-06-01/a> | Adrien de Beaupre | Cisco Security Advisory: Default Credentials for root Account on the Cisco Media Experience Engine 5600 - http://www.cisco.com/warp/public/707/cisco-sa-20110601-mxe.shtml |
| 2011-06-01/a> | Adrien de Beaupre | Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client - http://www.cisco.com/warp/public/707/cisco-sa-20110601-ac.shtml |
| 2011-05-31/a> | Chris Mohan | Getting the IT security word out there to the rest of the world |
| 2011-05-08/a> | Lorna Hutcheson | Monitoring Virtual Machines |
| 2011-04-10/a> | Raul Siles | Pros and Cons of "Secure" Wi-Fi Access |
| 2011-03-30/a> | Adrien de Beaupre | Two Cisco advisories: cisco-sa-20110330-nac and cisco-sa-20110330-acs |
| 2011-03-21/a> | Kevin Shortt | APPLE-SA-2011-03-21-1 Mac OS X v10.6.7 and Security Update 2011-001 |
| 2011-02-15/a> | Jason Lam | HTTP headers fun |
| 2011-02-10/a> | Chris Mohan | Linksys WAP610N has Unauthenticated Root Console issue |
| 2011-01-19/a> | Johannes Ullrich | Microsoft's Secure Developer Tools |
| 2011-01-13/a> | Rob VandenBrink | Is Infosec seeing "Death by a Thousand Budget Cuts"? |
| 2011-01-05/a> | Johannes Ullrich | Survey: Software Security Awareness Training |
| 2010-12-28/a> | John Bambenek | Mozilla Notifies of Relatively Minor Security Breach |
| 2010-12-08/a> | Rob VandenBrink | How a Tablet Changed My Life |
| 2010-12-02/a> | Kevin Johnson | Robert Hansen and our happiness |
| 2010-11-16/a> | Guy Bruneau | Mac OS X Server v10.6.5 (10H575) Security Update: http://support.apple.com/kb/HT4452 |
| 2010-11-08/a> | Manuel Humberto Santander Pelaez | Network Security Perimeter: How to choose the correct firewall and IPS for your environment? |
| 2010-10-31/a> | Marcus Sachs | Cyber Security Awareness Month - Day 31 - Tying it all together |
| 2010-10-30/a> | Guy Bruneau | Cyber Security Awareness Month - Day 30 - Role of the network team |
| 2010-10-29/a> | Manuel Humberto Santander Pelaez | Cyber Security Awareness Month - Day 29- Role of the office geek |
| 2010-10-28/a> | Rick Wanner | Cyber Security Awareness Month - Day 27 - Social Media use in the office |
| 2010-10-28/a> | Tony Carothers | Cyber Security Awareness Month - Day 28 - Role of the employee |
| 2010-10-26/a> | Pedro Bueno | Cyber Security Awareness Month - Day 26 - Sharing Office Files |
| 2010-10-25/a> | Kevin Shortt | Cyber Security Awareness Month - Day 25 - Using Home Computers for Work |
| 2010-10-24/a> | Swa Frantzen | Cyber Security Awarenes Month - Day 24 - Using work computers at home |
| 2010-10-23/a> | Mark Hofman | Cyber Security Awareness Month - Day 23 - The Importance of compliance |
| 2010-10-22/a> | Daniel Wesemann | Cyber Security Awareness Month - Day 22 - Security of removable media |
| 2010-10-22/a> | Manuel Humberto Santander Pelaez | Intypedia project |
| 2010-10-21/a> | Chris Carboni | Cyber Security Awareness Month - Day 21 - Impossible Requests from the Boss |
| 2010-10-20/a> | Jim Clausing | Cyber Security Awareness Month - Day 20 - Securing Mobile Devices |
| 2010-10-19/a> | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - Remote Access Tools |
| 2010-10-19/a> | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - Remote User VPN Tunnels - to Split or not to Split? |
| 2010-10-19/a> | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - VPN Architectures – SSL or IPSec? |
| 2010-10-19/a> | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - Remote User VPN Access – Are things getting too easy, or too hard? |
| 2010-10-19/a> | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - VPN and Remote Access Tools |
| 2010-10-18/a> | Manuel Humberto Santander Pelaez | Cyber Security Awareness Month - Day 18 - What you should tell your boss when there's a crisis |
| 2010-10-17/a> | Stephen Hall | Cyber Security Awareness Month - Day 17 - What a boss should and should not have access to |
| 2010-10-15/a> | Marcus Sachs | Cyber Security Awareness Month - Day 15 - What Teachers Need to Know About Their Students |
| 2010-10-15/a> | Guy Bruneau | Cyber Security Awareness Month - Day 16 - Securing a donated computer |
| 2010-10-14/a> | Johannes Ullrich | Cyber Security Awareness Month - Day 14 - Securing a public computer |
| 2010-10-13/a> | Deborah Hale | Cyber Security Awareness Month - Day 13 - Online Bullying |
| 2010-10-12/a> | Scott Fendley | Cyber Security Awareness Month - Day 12 - Protecting and Managing Your Digital Identity On Social Media Sites |
| 2010-10-11/a> | Rick Wanner | Cyber Security Awareness Month - Day 11 - Safe Browsing for Teens |
| 2010-10-10/a> | Kevin Liston | Cyber Security Awareness Month - Day 10 - Safe browsing for pre-teens |
| 2010-10-09/a> | Kevin Shortt | Cyber Security Awareness Month - Day 9 - Disposal of an Old Computer |
| 2010-10-08/a> | Rick Wanner | Cyber Security Awareness Month - Day 8 - Patch Management and System Updates |
| 2010-10-06/a> | Rob VandenBrink | Cyber Security Awareness Month - Day 7 - Remote Access and Monitoring Tools |
| 2010-10-06/a> | Marcus Sachs | Cyber Security Awareness Month - Day 6 - Computer Monitoring Tools |
| 2010-10-05/a> | Rick Wanner | Cyber Security Awareness Month - Day 5 - Sites you should stay away from |
| 2010-10-04/a> | Daniel Wesemann | Cyber Security Awareness Month - Day 4 - Managing EMail |
| 2010-10-03/a> | Adrien de Beaupre | Cyber Security Awareness Month - Day 3 - Recognizing phishing and online scams |
| 2010-10-03/a> | Adrien de Beaupre | Canada's Cyber Security Strategy released today |
| 2010-10-02/a> | Mark Hofman | Cyber Security Awareness Month - Day 2 - Securing the Family Network |
| 2010-10-01/a> | Marcus Sachs | Cyber Security Awareness Month - 2010 |
| 2010-10-01/a> | Marcus Sachs | Cyber Security Awareness Month - Day 1 - Securing the Family PC |
| 2010-09-18/a> | Rick Wanner | Microsoft Security Advisory for ASP.NET |
| 2010-08-25/a> | Pedro Bueno | Adobe released security update for Shockwave player that fix several CVEs: APSB1020 |
| 2010-08-15/a> | Manuel Humberto Santander Pelaez | Python to test web application security |
| 2010-08-14/a> | Tony Carothers | Freedom of Information |
| 2010-08-08/a> | Marcus Sachs | Thinking about Cyber Security Awareness Month in October |
| 2010-08-02/a> | Manuel Humberto Santander Pelaez | Securing Windows Internet Kiosk |
| 2010-07-21/a> | Adrien de Beaupre | Update on .LNK vulnerability |
| 2010-06-17/a> | Deborah Hale | Digital Copy Machines - Security Risk? |
| 2010-06-10/a> | Deborah Hale | iPad Owners Exposed |
| 2010-06-10/a> | Deborah Hale | Microsoft Security Advisory 2219475 |
| 2010-06-07/a> | Manuel Humberto Santander Pelaez | Software Restriction Policy to keep malware away |
| 2010-05-12/a> | Rob VandenBrink | Layer 2 Security - Private VLANs (the Story Continues ...) |
| 2010-05-07/a> | Rob VandenBrink | Security Awareness – Many Audiences, Many Messages (Part 2) |
| 2010-05-02/a> | Mari Nichols | Zbot Social Engineering |
| 2010-04-13/a> | Adrien de Beaupre | Web App Testing Tools |
| 2010-04-07/a> | Rob VandenBrink | The Many Paths to Security Awareness |
| 2010-04-06/a> | Daniel Wesemann | Application Logs |
| 2010-04-02/a> | Guy Bruneau | Security Advisory for ESX Service Console |
| 2010-04-02/a> | Guy Bruneau | Apple QuickTime and iTunes Security Update |
| 2010-04-02/a> | Guy Bruneau | Foxit Reader Security Update |
| 2010-03-29/a> | Adrien de Beaupre | APPLE-SA-2010-03-29-1 Security Update 2010-002 / Mac OS X v10.6.3 |
| 2010-03-22/a> | Guy Bruneau | New Opera 10.51 available with security fixes. More information available at: http://www.opera.com/docs/changelogs/windows/1051/ |
| 2010-03-21/a> | Scott Fendley | Skipfish - Web Application Security Tool |
| 2010-03-10/a> | Rob VandenBrink | Microsoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7 |
| 2010-03-08/a> | Raul Siles | Samurai WTF 0.8 |
| 2010-03-07/a> | Mari Nichols | DHS issues Cybersecurity challenge |
| 2010-02-20/a> | Mari Nichols | Is "Green IT" Defeating Security? |
| 2010-02-17/a> | Rob VandenBrink | Cisco ASA5500 Security Updates - cisco-sa-20100217-asa |
| 2010-02-17/a> | Rob VandenBrink | Cisco Security Agent Security Updates: cisco-sa-20100217-csa |
| 2010-01-06/a> | Guy Bruneau | Firefox security and stability update for version 3.5.7 and 3.0.17 available for download |
| 2009-11-29/a> | Patrick Nolan | A Cloudy Weekend |
| 2009-11-09/a> | Guy Bruneau | Apple Security Update 2009-006 for Mac OS X v10.6.2 |
| 2009-10-29/a> | Kyle Haugsness | Cyber Security Awareness Month - Day 29 - dns port 53 |
| 2009-10-28/a> | Johannes Ullrich | Cyber Security Awareness Month - Day 28 - ntp (123/udp) |
| 2009-10-25/a> | Lorna Hutcheson | Cyber Security Awareness Month - Day 25 - Port 80 and 443 |
| 2009-10-22/a> | Adrien de Beaupre | Cyber Security Awareness Month - Day 22 port 502 TCP - Modbus |
| 2009-10-21/a> | Pedro Bueno | Cyber Security Awareness Month - Day 21 - Port 135 |
| 2009-10-20/a> | Raul Siles | WASC 2008 Statistics |
| 2009-10-19/a> | Daniel Wesemann | Cyber Security Awareness Month - Day 19 - ICMP |
| 2009-10-18/a> | Mari Nichols | Computer Security Awareness Month - Day 18 - Telnet an oldie but a goodie |
| 2009-10-16/a> | Adrien de Beaupre | Cyber Security Awareness Month - Day 16 - Port 1521 - Oracle TNS Listener |
| 2009-10-11/a> | Mark Hofman | Cyber Security Awareness Month - Day 12 Ports 161/162 Simple Network Management Protocol (SNMP) |
| 2009-10-09/a> | Rob VandenBrink | Cyber Security Awareness Month - Day 9 - Port 3389/tcp (RDP) |
| 2009-10-06/a> | Adrien de Beaupre | Cyber Security Awareness Month - Day 6 ports 67&68 udp - bootp and dhcp |
| 2009-10-05/a> | Adrien de Beaupre | Cyber Security Awareness Month - Day 5 port 31337 |
| 2009-10-02/a> | Stephen Hall | Cyber Security Awareness Month - Day 2 - Port 0 |
| 2009-09-20/a> | Mari Nichols | Insider Threat and Security Awareness |
| 2009-09-16/a> | Raul Siles | Review the security controls of your Web Applications... all them! |
| 2009-09-10/a> | Guy Bruneau | Firefox 3.5.3 and 3.0.14 has been released |
| 2009-08-04/a> | donald smith | Java Security Update |
| 2009-07-18/a> | Patrick Nolan | Chrome update contains Security fixes |
| 2009-07-16/a> | Guy Bruneau | Changes in Windows Security Center |
| 2009-06-15/a> | Daniel Wesemann | Drive-by Blackouting ? |
| 2009-05-29/a> | Lorna Hutcheson | Blackberry Server Vulnerability |
| 2009-05-26/a> | Jason Lam | A new Web application security blog |
| 2009-05-18/a> | Rick Wanner | Cisco SAFE Security Reference Guide Updated |
| 2009-04-06/a> | Adrien de Beaupre | Abuse addresses |
| 2009-03-27/a> | David Goldsmith | Firefox 3.0.8 Released |
| 2009-02-17/a> | Jason Lam | DShield Web Honeypot - Alpha Preview Release |
| 2009-01-31/a> | John Bambenek | Google Search Engine's Malware Detection Broken |
| 2009-01-12/a> | William Salusky | Web Application Firewalls (WAF) - Have you deployed WAF technology? |
| 2008-12-31/a> | David Goldsmith | Thunderbird 2.0.0.19 Released |
| 2008-12-17/a> | donald smith | Opera 9.6.3 released with security fixes |
| 2008-12-16/a> | donald smith | Cisco's Annual Security report has been released. |
| 2008-12-12/a> | Swa Frantzen | Browser Security Handbook |
| 2008-11-29/a> | Pedro Bueno | Ubuntu users: Time to update! |
| 2008-11-12/a> | John Bambenek | Thoughts on Security Intelligence (McColo Corp alleged spam/malware host knocked offline) |
| 2008-09-24/a> | Deborah Hale | Flurry of Security Advisories from CISCO |
| 2008-09-22/a> | Jim Clausing | Lessons learned from the Palin (and other) account hijacks |
| 2008-09-21/a> | Mari Nichols | You still have time! |
| 2008-09-08/a> | Raul Siles | CitectSCADA ODBC service exploit published |
| 2008-08-09/a> | Deborah Hale | A Few Tips to Help You Protect Your Home Computer |
| 2008-08-03/a> | Deborah Hale | Securing A Network - Lessons Learned |
| 2008-07-30/a> | David Goldsmith | Serious 0-Day Flaw in Oracle -- Patch Released |
| 2008-06-11/a> | John Bambenek | CitectSCADA Buffer Overflow Vulnerability |
| 2008-05-05/a> | John Bambenek | Defenses Against Automated Patch-Based Exploit Generation |
| 2008-04-07/a> | John Bambenek | HP USB Keys Shipped with Malware for your Proliant Server |
| 2008-03-20/a> | Joel Esler | APPLE-SA-2008-03-19 AirPort Extreme Base Station Firmware 7.3.1 |
| 2008-03-20/a> | Joel Esler | Potential Vulnerability in Flash CS3 Professional, Flash Professional 8 and Flash Basic 8? |
| 2008-03-12/a> | Joel Esler | Adobe security updates |
| 2006-10-05/a> | John Bambenek | There are no more Passive Exploits |
PATCH |
| 2025-03-11/a> | Johannes Ullrich | Microsoft Patch Tuesday: March 2025 |
| 2024-12-11/a> | Johannes Ullrich | Apple Updates Everything (iOS, iPadOS, macOS, watchOS, tvOS, visionOS) |
| 2024-12-10/a> | Johannes Ullrich | Microsoft Patch Tuesday: December 2024 |
| 2024-08-29/a> | Xavier Mertens | Live Patching DLLs with Python |
| 2024-07-09/a> | Johannes Ullrich | Microsoft Patch Tuesday July 2024 |
| 2024-06-11/a> | Johannes Ullrich | Microsoft Patch Tuesday June 2024 |
| 2024-03-12/a> | Johannes Ullrich | Microsoft Patch Tuesday - March 2024 |
| 2024-03-05/a> | Johannes Ullrich | Apple Releases iOS/iPadOS Updates with Zero Day Fixes. |
| 2023-12-12/a> | Johannes Ullrich | Microsoft Patch Tuesday December 2023 |
| 2023-10-10/a> | Johannes Ullrich | October 2023 Microsoft Patch Tuesday Summary |
| 2023-09-26/a> | Johannes Ullrich | Apple Releases MacOS Sonoma Including Numerous Security Patches |
| 2023-09-11/a> | Johannes Ullrich | Apple fixes 0-Day Vulnerability in Older Operating Systems |
| 2023-03-27/a> | Johannes Ullrich | Apple Updates Everything (including Studio Display) |
| 2023-02-14/a> | Johannes Ullrich | Microsoft February 2023 Patch Tuesday |
| 2023-01-24/a> | Johannes Ullrich | Apple Updates (almost) Everything: Patch Overview |
| 2022-10-11/a> | Johannes Ullrich | October 2022 Microsoft Patch Tuesday |
| 2022-10-07/a> | Xavier Mertens | Critical Fortinet Vulnerability Ahead |
| 2022-07-20/a> | Johannes Ullrich | Apple Patches Everything Day |
| 2022-05-16/a> | Johannes Ullrich | Apple Patches Everything |
| 2022-05-10/a> | Renato Marinho | Microsoft May 2022 Patch Tuesday |
| 2022-05-03/a> | Rob VandenBrink | Finding the Real "Last Patched" Day (Interim Version) |
| 2022-03-31/a> | Johannes Ullrich | Apple Patches Actively Exploited Vulnerability in macOS, iOS and iPadOS, |
| 2022-02-10/a> | Johannes Ullrich | iOS/iPadOS and MacOS Update: Single WebKit 0-Day Vulnerability Patched |
| 2022-01-11/a> | Johannes Ullrich | Microsoft Patch Tuesday - January 2022 |
| 2021-09-14/a> | Renato Marinho | Microsoft September 2021 Patch Tuesday |
| 2021-08-20/a> | Xavier Mertens | Waiting for the C2 to Show Up |
| 2021-04-13/a> | Richard Porter | Microsoft April 2021 Patch Tuesday |
| 2020-12-08/a> | Johannes Ullrich | December 2020 Microsoft Patch Tuesday: Exchange, Sharepoint, Dynamics and DNS Spoofing |
| 2020-11-25/a> | Xavier Mertens | Live Patching Windows API Calls Using PowerShell |
| 2020-05-14/a> | Rob VandenBrink | Patch Tuesday Revisited - CVE-2020-1048 isn't as "Medium" as MS Would Have You Believe |
| 2020-03-10/a> | Johannes Ullrich | Microsoft Patch Tuesday March 2020 |
| 2020-02-29/a> | Guy Bruneau | Hazelcast IMDG Discover Scan |
| 2019-07-09/a> | John Bambenek | MSFT July 2019 Patch Tuesday |
| 2018-12-19/a> | Xavier Mertens | Microsoft OOB Patch for Internet Explorer: Scripting Engine Memory Corruption Vulnerability |
| 2018-12-11/a> | Richard Porter | Microsoft December 2018 Patch Tuesday |
| 2018-11-13/a> | Johannes Ullrich | November 2018 Microsoft Patch Tuesday |
| 2018-10-09/a> | Johannes Ullrich | October 2018 Microsoft Patch Tuesday |
| 2018-09-11/a> | Johannes Ullrich | Microsoft September Patch Tuesday Summary |
| 2018-07-17/a> | Scott Fendley | Oracle Critical Patch Update Release |
| 2018-06-12/a> | Johannes Ullrich | Microsoft June 2018 Patch Tuesday |
| 2018-04-25/a> | Johannes Ullrich | Yet Another Drupal RCE Vulnerability |
| 2017-12-20/a> | Richard Porter | VMWare Security Advisory: VMSA-2017-0021: https://www.vmware.com/security/advisories/VMSA-2017-0021.html |
| 2017-12-12/a> | Johannes Ullrich | December Microsoft Patch Tuesday Summary |
| 2017-09-08/a> | Adrien de Beaupre | YASRV (Yet Another Struts RCE Vulnerability) yes a different one from yesterday |
| 2017-09-05/a> | Adrien de Beaupre | Struts vulnerability patch released by apache, patch now |
| 2017-07-11/a> | Renato Marinho | July's Microsoft Patch Tuesday |
| 2017-03-14/a> | Johannes Ullrich | February and March Microsoft Patch Tuesday |
| 2017-02-14/a> | Johannes Ullrich | Microsoft Patch Tuesday Delayed |
| 2017-02-04/a> | Xavier Mertens | Detecting Undisclosed Vulnerabilities with Security Tools & Features |
| 2017-01-10/a> | Johannes Ullrich | January 2017 Microsoft Patch Tuesday |
| 2016-09-13/a> | Rob VandenBrink | Microsoft Patch Tuesday Analysis |
| 2016-09-02/a> | Johannes Ullrich | Apple Patches "Trident" Vulnerabilities in OS X / Safari |
| 2016-07-12/a> | Johannes Ullrich | Microsoft Patch Tuesday Summary for July 2016 |
| 2016-02-09/a> | Johannes Ullrich | Microsoft February 2016 Patch Tuesday |
| 2016-01-12/a> | Alex Stanford | January 2016 Microsoft Patch Tuesday |
| 2015-12-08/a> | Johannes Ullrich | December 2015 Microsoft Patch Tuesday |
| 2015-11-10/a> | Johannes Ullrich | November 2015 Microsoft Patch Tuesday |
| 2015-10-13/a> | Alex Stanford | October 2015 Microsoft Patch Tuesday |
| 2015-09-08/a> | Johannes Ullrich | September 2015 Microsoft Patch Tuesday |
| 2015-08-11/a> | Manuel Humberto Santander Pelaez | August 2015 Microsoft Patch Tuesday |
| 2015-07-23/a> | Mark Hofman | Some more 0-days from ZDI |
| 2015-07-14/a> | Johannes Ullrich | July 2015 Microsoft Patch Tuesday |
| 2015-07-14/a> | Johannes Ullrich | Adobe Updates Flash Player, Shockwave and PDF Reader |
| 2015-06-09/a> | Johannes Ullrich | Microsoft Patch Tuesday Summary for June 2015 |
| 2015-05-12/a> | Johannes Ullrich | May 2015 Microsoft Patch Tuesday Summary |
| 2015-04-14/a> | Alex Stanford | Microsoft Patch Tuesday - April 2015 |
| 2015-03-10/a> | Johannes Ullrich | Microsoft March Patch Tuesday |
| 2015-02-13/a> | Johannes Ullrich | Microsoft February Patch Failures Continue: KB3023607 vs. Cisco AnyConnect Client |
| 2015-02-11/a> | Johannes Ullrich | Microsoft Hardens GPO by Fixing Two Serious Vulnerabilities. |
| 2015-02-10/a> | Mark Baggett | Microsoft Update Advisory for February 2015 |
| 2015-01-23/a> | Adrien de Beaupre | Infocon change to yellow for Adobe Flash issues |
| 2015-01-13/a> | Johannes Ullrich | Microsoft Patch Tuesday - January 2015 (Really? Telnet?) |
| 2014-12-09/a> | Alex Stanford | Microsoft Patch Tuesday - December 2014 |
| 2014-11-18/a> | Jim Clausing | Microsoft November out-of-cycle patch MS14-068 |
| 2014-11-11/a> | Johannes Ullrich | Microsoft November 2014 Patch Tuesday |
| 2014-11-11/a> | Johannes Ullrich | Adobe Flash Update |
| 2014-10-17/a> | Johannes Ullrich | Apple Updates (not just Yosemite) |
| 2014-10-14/a> | Johannes Ullrich | Adobe October 2014 Bulletins for Flash Player and Coldfusion |
| 2014-10-14/a> | Johannes Ullrich | Microsoft October 2014 Patch Tuesday |
| 2014-09-29/a> | Johannes Ullrich | Apple Released Update to Fix Shellshock Vulnerability http://support.apple.com/kb/DL1769 |
| 2014-09-09/a> | Alex Stanford | Microsoft Patch Tuesday - September 2014 |
| 2014-08-12/a> | Alex Stanford | Microsoft Patch Tuesday - August 2014 |
| 2014-07-15/a> | Daniel Wesemann | Oracle July 2014 CPU (patch bundle) |
| 2014-07-08/a> | Alex Stanford | Microsoft Patch Tuesday - July |
| 2014-07-01/a> | Johannes Ullrich | Apple Releases Patches for All Products |
| 2014-06-10/a> | Alex Stanford | Microsoft Patch Tuesday June 2014 |
| 2014-06-06/a> | Johannes Ullrich | Microsoft June Patch Tuesday Advance Notification |
| 2014-05-13/a> | Johannes Ullrich | Microsoft May 2014 Patch Tuesday |
| 2014-05-01/a> | Johannes Ullrich | Microsoft Announces Special Patch for IE 0-day (Win XP included!) |
| 2014-04-22/a> | Johannes Ullrich | Apple Patches for OS X, iOS and Apple TV. |
| 2014-04-16/a> | Johannes Ullrich | Oracle Critical Patch Update for April 2014 |
| 2014-04-08/a> | Richard Porter | April 2014 Microsoft Patches |
| 2014-03-21/a> | Johannes Ullrich | Cisco AsyncOS Patch |
| 2014-03-11/a> | Johannes Ullrich | Microsoft Patch Tuesday March 2014 |
| 2014-03-11/a> | Johannes Ullrich | Adobe Updates: Flash Player |
| 2014-03-08/a> | Guy Bruneau | Microsoft March Patch Pre-Announcement |
| 2014-02-25/a> | Alex Stanford | Apple releases OS X 10.9.2 patching SSL vulnerability and updates Safari |
| 2014-02-11/a> | Johannes Ullrich | February 2014 Microsoft Patch Tuesday |
| 2014-02-11/a> | Johannes Ullrich | Adobe February 2014 Patch Tuesday |
| 2014-02-07/a> | Johannes Ullrich | Microsoft Advance Notification for February 2014 |
| 2014-02-04/a> | Johannes Ullrich | Adobe Flash Player Emergency Patch |
| 2014-01-30/a> | Johannes Ullrich | Oracle Reports Vulnerability |
| 2014-01-14/a> | Johannes Ullrich | Microsoft Patch Tuesday January 2014 |
| 2014-01-14/a> | Johannes Ullrich | Adobe Patch Tuesday January 2014 |
| 2014-01-14/a> | Johannes Ullrich | Oracle Critical Patch Update January 2014 |
| 2014-01-10/a> | Basil Alawi S.Taher | Cisco Small Business Devices backdoor fix |
| 2014-01-09/a> | Johannes Ullrich | Microsoft Security Bulletin Advance Notification for January 2014 http://technet.microsoft.com/en-us/security/bulletin/ms14-jan |
| 2013-12-10/a> | Johannes Ullrich | Microsoft December Patch Tuesday |
| 2013-12-07/a> | Guy Bruneau | Microsoft December Patch Pre-Announcement |
| 2013-12-04/a> | Adrien de Beaupre | VMware Security Advisory VMSA-2013-0014 |
| 2013-11-12/a> | Johannes Ullrich | November 2013 Microsoft Patch Tuesday |
| 2013-11-08/a> | Johannes Ullrich | Microsoft Patch Tuesday Preview |
| 2013-11-01/a> | Russ McRee | Secunia's PSI Country Report - Q3 2013 |
| 2013-10-08/a> | Johannes Ullrich | Microsoft October 2013 Patch Tuesday |
| 2013-10-03/a> | Johannes Ullrich | October Patch Tuesday Preview (CVE-2013-3893 patch coming!) |
| 2013-09-11/a> | Johannes Ullrich | Reboot Wednesday: Yesterday's Patch Tuesday Aftermath |
| 2013-09-10/a> | Swa Frantzen | Adobe September 2013 Black Tuesday Overview |
| 2013-09-10/a> | Swa Frantzen | Microsoft September 2013 Black Tuesday Overview |
| 2013-09-10/a> | Swa Frantzen | Macs need to patch too! |
| 2013-09-07/a> | Guy Bruneau | Microsoft September Patch Pre-Announcement |
| 2013-08-19/a> | Johannes Ullrich | Microsoft re-releases MS13-066: https://technet.microsoft.com/security/bulletin/MS13-066 |
| 2013-08-15/a> | Johannes Ullrich | Microsoft Pulls MS013-061 due to problems with Exchange Server 2013 http://blogs.technet.com/b/exchange/archive/2013/08/14/exchange-2013-security-update-ms13-061-status-update.aspx |
| 2013-08-13/a> | Swa Frantzen | Microsoft August 2013 Black Tuesday Overview |
| 2013-08-13/a> | Swa Frantzen | Microsoft security advisories: RDP and MD5 deprecation in Microsoft root certificates |
| 2013-07-09/a> | Swa Frantzen | Microsoft July 2013 Black Tuesday Overview |
| 2013-07-09/a> | Swa Frantzen | Adobe July 2013 Black Tuesday Overview |
| 2013-07-06/a> | Guy Bruneau | Microsoft July Patch Pre-Announcement |
| 2013-06-26/a> | Adrien de Beaupre | Multiple Cisco security advisories |
| 2013-06-11/a> | Swa Frantzen | Microsoft June 2013 Black Tuesday Overview |
| 2013-06-11/a> | Swa Frantzen | Adobe June 2013 Black Tuesday Overview |
| 2013-06-11/a> | Swa Frantzen | vmware security advisory VMSA-2013-0008 |
| 2013-06-05/a> | Richard Porter | BIND 9 Update fixing CVE-2013-3919 |
| 2013-05-22/a> | Adrien de Beaupre | Privilege escalation, why should I care? |
| 2013-05-14/a> | Swa Frantzen | Microsoft May 2013 Black Tuesday Overview |
| 2013-05-14/a> | Swa Frantzen | Firefox & Thunderbird released |
| 2013-05-14/a> | Swa Frantzen | Adobe May 2013 Black Tuesday Overview |
| 2013-05-14/a> | Swa Frantzen | Microsoft Security Advisory 2846338 |
| 2013-04-09/a> | Swa Frantzen | Microsoft April 2013 Black Tuesday Overview |
| 2013-04-09/a> | Swa Frantzen | Adobe April 2013 Black Tuesday Overview |
| 2013-04-04/a> | Johannes Ullrich | Microsoft April Patch Tuesday Advance Notification |
| 2013-03-12/a> | Swa Frantzen | Microsoft March 2013 Black Tuesday Overview |
| 2013-03-12/a> | Swa Frantzen | Adobe March 2013 Black Tueday |
| 2013-02-27/a> | Adam Swanger | Adobe Flash Player Security Update - http://www.adobe.com/support/security/bulletins/apsb13-08.html |
| 2013-02-22/a> | Chris Mohan | VMware releases new and updated security advisories |
| 2013-02-14/a> | Adam Swanger | ISC Monthly Threat Update - February 2013 http://isc.sans.edu/podcastdetail.html?id=3121 |
| 2013-02-12/a> | Adam Swanger | Microsoft February 2013 Black Tuesday Update - Overview |
| 2013-02-12/a> | Swa Frantzen | Adobe Feb 2013 Black Tuesday patches |
| 2013-02-08/a> | Johannes Ullrich | Microsoft February Patch Tuesday Advance Notification |
| 2013-01-22/a> | Richard Porter | Using Metasploit for Patch Sanity Checks |
| 2013-01-14/a> | Richard Porter | January 2013 Microsoft Out of Cycle Patch |
| 2013-01-10/a> | Adam Swanger | ISC Monthly Threat Update New Format |
| 2013-01-09/a> | Rob VandenBrink | SQL Injection Flaw in Ruby on Rails |
| 2013-01-09/a> | Rob VandenBrink | Firefox and Thunderbird Updates |
| 2013-01-09/a> | Rob VandenBrink | Security Updates for Adobe Reader / Acrobat - http://www.adobe.com/support/security/bulletins/apsb13-02.html |
| 2013-01-08/a> | Richard Porter | Microsoft January 2013 Black Tuesday Update - Overview |
| 2013-01-08/a> | Richard Porter | Firefox 18 Released, Security Fixes http://www.mozilla.org/security/known-vulnerabilities/firefox.html |
| 2013-01-04/a> | Daniel Wesemann | Patch pre-notification from Adobe and Microsoft |
| 2012-12-11/a> | John Bambenek | Microsoft December 2012 Black Tuesday Update - Overview |
| 2012-11-13/a> | Jim Clausing | Microsoft November 2012 Black Tuesday Update - Overview |
| 2012-10-17/a> | Mark Hofman | Oracle Critical Patch Update October |
| 2012-10-09/a> | Johannes Ullrich | Adobe Flash Player update http://www.adobe.com/support/security/bulletins/apsb12-22.html |
| 2012-10-09/a> | Johannes Ullrich | Microsoft October 2012 Black Tuesday Update - Overview |
| 2012-10-04/a> | Johannes Ullrich | Microsoft October Patch Pre-Announcement |
| 2012-09-11/a> | Adam Swanger | Microsoft September 2012 Black Tuesday Update - Overview |
| 2012-08-14/a> | Rick Wanner | Microsoft August 2012 Black Tuesday Update - Overview |
| 2012-08-14/a> | Rick Wanner | Adobe Security Bulletins - http://blogs.adobe.com/psirt/2012/08/adobe-security-bulletins-posted-2.html |
| 2012-08-04/a> | Kevin Liston | Vendors: More Patch-Release Options Please |
| 2012-07-15/a> | Guy Bruneau | Oracle July 2012 Critical Patch Pre-Release Announcement |
| 2012-07-10/a> | Swa Frantzen | Microsoft July 2012 Black Tuesday Update - Overview |
| 2012-07-10/a> | Swa Frantzen | Microsoft revoking trust in Microsoft certificates - SA 2728973 |
| 2012-07-10/a> | Swa Frantzen | Microsoft fix-it to disable gadgets - SA 2719662 |
| 2012-07-05/a> | Adrien de Beaupre | Microsoft advanced notification for July 2012 patch Tuesday |
| 2012-06-22/a> | Kevin Liston | Updated Poll: Which Patch Delivery Schedule Works the Best for You? |
| 2012-06-12/a> | Swa Frantzen | Java 7u5 and 6u33 released |
| 2012-06-12/a> | Swa Frantzen | Adobe June 2012 Black Tuesday patches |
| 2012-06-12/a> | Swa Frantzen | Microsoft June 2012 Black Tuesday Update - Overview |
| 2012-06-11/a> | Johannes Ullrich | Microsoft Update Security |
| 2012-06-07/a> | Johannes Ullrich | Microsoft June Security Bulletin Advance Notification |
| 2012-05-23/a> | Mark Baggett | Problems with MS12-035 affecting XP, SBS and Windows 2003? |
| 2012-05-08/a> | Adam Swanger | Microsoft May 2012 Black Tuesday Update - Overview |
| 2012-04-15/a> | Rick Wanner | .Net update affects printing from some applications |
| 2012-04-13/a> | Daniel Wesemann | Oracle CPU Patches announced for Apr 17 |
| 2012-04-10/a> | Swa Frantzen | Microsoft April 2012 Black Tuesday Update - Overview |
| 2012-04-10/a> | Swa Frantzen | Adobe April 2012 Black Tuesday Update |
| 2012-04-06/a> | Johannes Ullrich | Another OS X Java Patch |
| 2012-04-06/a> | Johannes Ullrich | Microsoft April Patch Tuesday Pre-Announcement (6 Patches): http://technet.microsoft.com/en-us/security/bulletin/ms12-apr |
| 2012-04-06/a> | Johannes Ullrich | Adobe Patch Tuesday Prerelease (Reader/Acrobat) http://www.adobe.com/support/security/bulletins/apsb12-08.html |
| 2012-03-13/a> | Lenny Zeltser | March 2012 Microsoft Black Tuesday |
| 2012-03-12/a> | Johannes Ullrich | Apple Released Safari 5.1.4 |
| 2012-03-08/a> | Johannes Ullrich | Microsoft March Patch Tuesday Pre-Anouncement out. 6 patches, 1 critical: http://technet.microsoft.com/en-us/security/bulletin/ms12-mar |
| 2012-03-08/a> | Johannes Ullrich | Apple Patches |
| 2012-03-05/a> | Johannes Ullrich | Adobe Flash Player Security Update |
| 2012-02-16/a> | Tony Carothers | Java Update for February |
| 2012-02-14/a> | Johannes Ullrich | Adobe Shockwave Player and RoboHelp for Word Patches |
| 2012-02-14/a> | Johannes Ullrich | February 2012 Microsoft Black Tuesday |
| 2012-02-01/a> | Russ McRee | Oracle Security Alert: http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html |
| 2012-01-31/a> | Russ McRee | Firefox 10 and VMWare advisories and updates |
| 2012-01-18/a> | Richard Porter | Oracle Quarterly Released, http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html |
| 2012-01-10/a> | Adrien de Beaupre | January 2012 Microsoft Black Tuesday Summary |
| 2012-01-10/a> | Adrien de Beaupre | Adobe January 2012 Black Tuesday overview |
| 2012-01-06/a> | Guy Bruneau | January 2012 Patch Tuesday Pre-release |
| 2011-12-13/a> | Johannes Ullrich | December 2011 Microsoft Black Tuesday Summary |
| 2011-12-08/a> | Adrien de Beaupre | Microsoft Security Bulletin Advance Notification for December 2011 |
| 2011-11-08/a> | Swa Frantzen | Microsoft November 2011 Black Tuesday Overview |
| 2011-11-08/a> | Swa Frantzen | Abobe November 2011 Black Tuesday Overview |
| 2011-11-08/a> | Swa Frantzen | Apple Black Tuesday |
| 2011-11-03/a> | Guy Bruneau | November 2011 Patch Tuesday Pre-release |
| 2011-10-19/a> | Mark Hofman | Oracle Critical Patch Update |
| 2011-10-11/a> | Swa Frantzen | Microsoft Black Tuesday Overview October 2011 |
| 2011-10-11/a> | Swa Frantzen | Apple iTunes 10.5 |
| 2011-09-21/a> | Swa Frantzen | Emergency patch expected for Flash Player |
| 2011-09-13/a> | Swa Frantzen | Microsoft September 2011 Black Tuesday |
| 2011-09-13/a> | Swa Frantzen | Adobe September 2011 Black Tuesday overview |
| 2011-09-09/a> | Johannes Ullrich | Early Patch Tuesday Today: Microsoft September 2011 Patches |
| 2011-09-08/a> | Rob VandenBrink | Should We Still Test Patches? |
| 2011-09-08/a> | Mark Hofman | Microsoft has released their advanced notification for patch Tuesday. 15 Vulnerabilities to be addressed. more here --> http://blogs.technet.com/b/msrc/archive/2011/09/08/advanced-notification-for-the-september-2011-bulletin-release.aspx |
| 2011-08-31/a> | Johannes Ullrich | Firefox/Thunderbird 6.0.1 released to blocklist bad DigiNotar SSL certificates |
| 2011-08-30/a> | Johannes Ullrich | Apache patch out for "byte range" DoS vulnerability http://www.apache.org/dist/httpd/Announcement2.2.html |
| 2011-08-09/a> | Swa Frantzen | Microsoft August 2011 Black Tuesday Overview |
| 2011-08-09/a> | Swa Frantzen | Adobe August 2011 Black Tuesday Overview |
| 2011-08-05/a> | Johannes Ullrich | Microsoft Patch Tuesday Advance Notification: 13 Bulletins coming http://www.microsoft.com/technet/security/Bulletin/MS11-aug.mspx |
| 2011-07-12/a> | Swa Frantzen | Microsoft July 2011 Black Tuesday Overview |
| 2011-07-07/a> | Rob VandenBrink | "There's a Patch for that" (or maybe not) |
| 2011-07-06/a> | Rob VandenBrink | "Too Important to Patch" - Wait? What? |
| 2011-06-28/a> | Johannes Ullrich | Update: Google Chrome 12.0.742.112 released http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html |
| 2011-06-14/a> | Swa Frantzen | Adobe releases patches |
| 2011-06-14/a> | Swa Frantzen | Microsoft June 2011 Black Tuesday Overview |
| 2011-06-09/a> | Richard Porter | Chrome Version 12.0.742.91 Released |
| 2011-05-10/a> | Swa Frantzen | May 2011 Microsoft Black Tuesday Overview |
| 2011-05-06/a> | Richard Porter | Updated Exploit Index for Microsoft |
| 2011-04-11/a> | Jim Clausing | April 2011 Microsoft Black Tuesday Summary |
| 2011-04-08/a> | Johannes Ullrich | Dark Black Tuesday Coming Up: 17 Microsoft Bulletins |
| 2011-03-08/a> | Jim Clausing | March 2011 Microsoft Black Tuesday Summary |
| 2011-02-09/a> | Mark Hofman | Adobe Patches (shockwave, Flash, Reader & Coldfusion) |
| 2011-02-08/a> | Joel Esler | Feburary 2011 Microsoft Black Tuesday Summary |
| 2011-02-04/a> | Daniel Wesemann | Busy patch tuesday ahead |
| 2011-01-18/a> | Daniel Wesemann | Oracle Patches (Jan2011 CPU) |
| 2011-01-13/a> | Rob VandenBrink | Blackberry BES Server Updates for PDF Vulnerabilities |
| 2011-01-11/a> | Kevin Shortt | January 2011 Microsoft Black Tuesday Summary |
| 2011-01-08/a> | Guy Bruneau | January 2011 Patch Tuesday Pre-release |
| 2010-12-20/a> | Guy Bruneau | Patch Issues with Outlook 2007 |
| 2010-12-14/a> | Manuel Humberto Santander Pelaez | December 2010 Microsoft Black Tuesday Summary |
| 2010-12-10/a> | Mark Hofman | Microsoft patches |
| 2010-12-02/a> | Kevin Johnson | SQL Injection: Wordpress 3.0.2 released |
| 2010-12-02/a> | Kevin Johnson | ProFTPD distribution servers compromised |
| 2010-11-29/a> | Stephen Hall | Sun security updates |
| 2010-11-09/a> | Johannes Ullrich | November 2010 Microsoft Black Tuesday Summary |
| 2010-11-04/a> | Johannes Ullrich | Microsoft Patches Pre-Announcement |
| 2010-10-12/a> | Adrien de Beaupre | October 2010 Microsoft Black Tuesday Summary |
| 2010-10-08/a> | Rick Wanner | Patch Tuesday Pre-release -- 16 updates |
| 2010-09-30/a> | Pedro Bueno | MS OOB .NET patch is now also available via Windows Update. |
| 2010-09-28/a> | Daniel Wesemann | MS10-070 OOB Patch for ASP.NET vulnerability |
| 2010-09-27/a> | Adrien de Beaupre | MS OOB patch tomorrow for Security Advisory 2416728 |
| 2010-09-14/a> | Adrien de Beaupre | September 2010 Microsoft Black Tuesday Summary |
| 2010-08-29/a> | Swa Frantzen | DLL hijacking - what are you doing ? |
| 2010-08-10/a> | Jason Lam | Adobe critical security updates |
| 2010-08-10/a> | Jim Clausing | August 2010 Micrsoft Black Tuesday Summary |
| 2010-08-07/a> | Stephen Hall | Countdown to Tuesday... |
| 2010-08-02/a> | Johannes Ullrich | Microsoft Out-of-Band bulletin addresses LNK/Shortcut vulnerability |
| 2010-07-13/a> | Jim Clausing | July 2010 Microsoft Black Tuesday Summary |
| 2010-06-08/a> | Manuel Humberto Santander Pelaez | June 2010 Microsoft Black Tuesday Summary |
| 2010-06-03/a> | Guy Bruneau | Microsoft Patch Tuesday June 2010 Pre-Release |
| 2010-05-11/a> | Scott Fendley | May 2010 Microsoft Patches |
| 2010-05-08/a> | Guy Bruneau | Microsoft Patch Tuesday May 2010 Pre-Release |
| 2010-04-14/a> | Mark Hofman | Oracle has released 47 critical patches (Includes SUN patches) |
| 2010-04-14/a> | Mark Hofman | And let the patching games continue |
| 2010-04-13/a> | Johannes Ullrich | Microsoft April 2010 Patch Tuesday |
| 2010-04-08/a> | Guy Bruneau | Microsoft Patch Tuesday April 2010 Pre-Release |
| 2010-04-02/a> | Guy Bruneau | Oracle Java SE and Java for Business Critical Patch Update Advisory |
| 2010-03-29/a> | Adrien de Beaupre | OOB Update for Internet Explorer MS10-018 |
| 2010-03-29/a> | Pedro Bueno | Microsoft to release out-of-band security bulletin tomorrow for IE6/IE7 with cumulative fix. |
| 2010-03-09/a> | John Bambenek | March 2010 - Microsoft Patch Tuesday Diary |
| 2010-03-03/a> | Mark Hofman | MS10-015 re-released |
| 2010-02-17/a> | Rob VandenBrink | Multiple Security Updates for ESX 3.x and ESXi 3.x |
| 2010-02-11/a> | Johannes Ullrich | MS10-015 may cause Windows XP to blue screen |
| 2010-02-09/a> | Mark Hofman | Oracle has an unscheduled security alert and patch for CVE-2010-0073. The issue affects WebLogic Server and is remotely exploitable. Details and patch are here http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html |
| 2010-02-09/a> | Johannes Ullrich | February 2010 Black Tuesday Overview |
| 2010-02-04/a> | Johannes Ullrich | Microsoft Patch Tuesday Pre-Release |
| 2010-01-21/a> | Chris Carboni | Security Update Available for Shockwave Player |
| 2010-01-21/a> | Chris Carboni | * Microsoft Out Of Band Patch Release |
| 2010-01-21/a> | Johannes Ullrich | Microsoft January Out of Band Patch |
| 2010-01-12/a> | Johannes Ullrich | Microsoft Security Bulletin: January 2010 |
| 2010-01-12/a> | Johannes Ullrich | Oracle Patches Relased |
| 2010-01-12/a> | Johannes Ullrich | Pre-Announced Adobe Reader and Acrobat Patch Found! |
| 2009-12-09/a> | Swa Frantzen | Adobe flash player and air patched |
| 2009-12-08/a> | Deborah Hale | December 2009 Black Tuesday Overview |
| 2009-12-03/a> | Mark Hofman | Apple released some Java updates today APPLE-SA-2009-12-03-1 & 2 (for 10.5 and 10.6). Fixes a number of security issues so updating is a good idea. |
| 2009-12-03/a> | Mark Hofman | Next week will be a big patch week - Adobe is also releasing patches "Adobe is planning to release an update for Adobe Flash Player 10.0.32.18 and earlier versions, and an update to Adobe AIR 1.5.2 and earlier versions, to resolve critical security issues |
| 2009-11-21/a> | Mark Hofman | VMware vCenter and ESX updates available http://lists.vmware.com/pipermail/security-announce/2009/000070.html |
| 2009-11-13/a> | Adrien de Beaupre | Conficker patch via email? |
| 2009-11-10/a> | Swa Frantzen | Microsoft November Black Tuesday Overview |
| 2009-10-28/a> | Johannes Ullrich | Firefox 3.5.4 released. Lots of security bug fixes. (thanks Gilbert!) |
| 2009-10-16/a> | Adrien de Beaupre | Disable MS09-054 patch, or Firefox Plugin? |
| 2009-10-13/a> | Johannes Ullrich | Microsoft October 2009 Black Tuesday Overview |
| 2009-10-13/a> | Daniel Wesemann | Adobe Reader and Acrobat - Black Tuesday continues |
| 2009-09-08/a> | Guy Bruneau | Microsoft September 2009 Black Tuesday Overview |
| 2009-08-19/a> | Daniel Wesemann | Checking your protection |
| 2009-08-11/a> | Swa Frantzen | Microsoft August 2009 Black Tuesday Overview |
| 2009-07-31/a> | Deborah Hale | The iPhone patch is out |
| 2009-07-30/a> | Mark Hofman | Happy patching day |
| 2009-07-28/a> | Adrien de Beaupre | MS released two OOB bulletins and an advisory |
| 2009-07-24/a> | Rick Wanner | Microsoft Out of Band Patch |
| 2009-07-14/a> | Swa Frantzen | Microsoft July Black Tuesday Overview |
| 2009-07-14/a> | Swa Frantzen | ISC DHCP client updated |
| 2009-07-14/a> | Swa Frantzen | Oracle Black Tuesday |
| 2009-07-02/a> | Daniel Wesemann | Time to update updating on PCs for 3rd party apps |
| 2009-07-02/a> | Daniel Wesemann | Unpatched Bloatware on new PCs |
| 2009-06-23/a> | Bojan Zdrnja | New Thunderbird out, patches couple of vulnerabilities |
| 2009-06-09/a> | Swa Frantzen | Microsoft June Black Tuesday Overview |
| 2009-06-09/a> | Swa Frantzen | Adobe June Black Tuesday upgrades |
| 2009-05-29/a> | Lorna Hutcheson | Blackberry Server Vulnerability |
| 2009-05-29/a> | Lorna Hutcheson | VMWare Patches Released |
| 2009-05-22/a> | Mark Hofman | Patching and Adobe |
| 2009-05-22/a> | Mark Hofman | Patching and Apple - Java issue |
| 2009-05-12/a> | Swa Frantzen | MSFT's version of responsible disclosure |
| 2009-05-12/a> | Swa Frantzen | May Black Tuesday Overview |
| 2009-05-12/a> | Swa Frantzen | Apple patches and updates |
| 2009-05-12/a> | Swa Frantzen | Adobe Acrobat (reader) patches released |
| 2009-04-14/a> | Swa Frantzen | April Black Tuesday Overview |
| 2009-04-14/a> | Swa Frantzen | Oracle quarterly patches |
| 2009-03-18/a> | Adrien de Beaupre | Adobe Security Bulletin Adobe Reader and Acrobat |
| 2009-03-10/a> | Swa Frantzen | March black Tuesday overview |
| 2009-03-10/a> | Swa Frantzen | Adobe Acrobat 9.1 released |
| 2009-02-25/a> | Andre Ludwig | Adobe flash player patch |
| 2009-02-25/a> | donald smith | AutoRun disabling patch released |
| 2009-02-10/a> | Swa Frantzen | February Black Tuesday Overview |
| 2009-02-06/a> | Adrien de Beaupre | Time to patch your HP printers |
| 2009-02-06/a> | Adrien de Beaupre | Other patches and updates du jour... |
| 2009-02-04/a> | Daniel Wesemann | Firefox 3.0.6 |
| 2009-02-03/a> | Swa Frantzen | On the importance of patching fast |
| 2009-01-31/a> | Swa Frantzen | VMware updates |
| 2009-01-13/a> | Johannes Ullrich | January Black Tuesday Overview |
| 2008-12-17/a> | donald smith | Opera 9.6.3 released with security fixes |
| 2008-12-17/a> | donald smith | Internet Explorer 960714 is released |
| 2008-12-16/a> | donald smith | Microsoft announces an out of band patch for IE zero day |
| 2008-12-09/a> | Swa Frantzen | December Black Tuesday Overview |
| 2008-11-11/a> | Swa Frantzen | November Black Tuesday Overview |
| 2008-10-23/a> | Mark Hofman | Microsoft out-of-band patch - Severity Critical |
| 2008-10-21/a> | Johannes Ullrich | Wireshark 1.0.4 released |
| 2008-10-14/a> | Swa Frantzen | October Black Tuesday Overview |
| 2008-10-14/a> | Swa Frantzen | Oracle quarterly patches on black tuesday |
| 2008-09-29/a> | Daniel Wesemann | Patchbag: WinZip / MPlayer / RealWin SCADA vuln |
| 2008-09-09/a> | Swa Frantzen | Google Chrome being polished |
| 2008-09-09/a> | Swa Frantzen | September 2008 Black Tuesday Overview |
| 2008-09-09/a> | Swa Frantzen | Apple updates iTunes+QuickTime |
| 2008-08-20/a> | Adrien de Beaupre | From the mailbag, Opera 9.52... |
| 2008-08-12/a> | Stephen Hall | August 2008 Black Tuesday Overview |
| 2008-08-01/a> | Swa Frantzen | Apple's Security Update 2008-005: DNS workaround finally included |
| 2008-07-30/a> | David Goldsmith | Serious 0-Day Flaw in Oracle -- Patch Released |
| 2008-07-16/a> | Maarten Van Horenbeeck | Firefox 2.0.0.16 fixes two security vulnerabilities |
| 2008-07-15/a> | Maarten Van Horenbeeck | Oracle (and BEA, Hyperion and TimesTen) critical patch update July 15th, 2008 |
| 2008-07-08/a> | Swa Frantzen | July 2008 black tuesday overview |
| 2008-06-10/a> | Swa Frantzen | June 2008 Black Tuesday Overview |
| 2008-05-13/a> | Swa Frantzen | May 2008 black tuesday overview |
| 2008-05-05/a> | John Bambenek | Defenses Against Automated Patch-Based Exploit Generation |
| 2008-04-18/a> | John Bambenek | The Patch Window is Gone: Automated Patch-Based Exploit Generation |
| 2008-04-09/a> | Joel Esler | ISC Podcast Episode Number 2 |
| 2008-04-08/a> | Swa Frantzen | April 2008 - Black Tuesday Overview |
| 2008-04-08/a> | Swa Frantzen | Notes file viewer vulnerabilities |
| 2008-03-11/a> | Swa Frantzen | March Black Tuesday Overview |
| 2008-02-12/a> | Swa Frantzen | February Black Tuesday Overview |
| 2008-01-08/a> | Swa Frantzen | January Black Tuesday overview |
| 2007-12-11/a> | Swa Frantzen | December black tuesday overview |
| 2007-11-13/a> | Swa Frantzen | november black tuesday overview |
| 2007-10-09/a> | Swa Frantzen | October Black Tuesday overview |
| 2007-09-11/a> | Swa Frantzen | September microsoft patch overview |
| 2007-08-14/a> | Swa Frantzen | August 'Black Tuesday' overview |
| 2007-07-10/a> | Swa Frantzen | July 'Black Tuesday' overview |
| 2007-06-12/a> | Johannes Ullrich | June 2007, Microsoft Patch Tuesday Overview. |
| 2007-05-08/a> | Swa Frantzen | May 2007, Black Tuesday patch overview |
| 2007-04-10/a> | Swa Frantzen | Microsoft black Tuesday patches - April 2007 |
| 2007-04-03/a> | Swa Frantzen | * Microsoft out of cycle patch |
| 2007-02-13/a> | Swa Frantzen | Microsoft Black Tuesday patches - February 2007 |
| 2007-01-09/a> | Swa Frantzen | Microsoft Patches - January 2007 - overview |
| 2006-12-12/a> | Swa Frantzen | Microsoft Black Tuesday - December 2006 overview |
| 2006-12-12/a> | Robert Danford | MS06-078: 2 Windows Media Format Vulnerabilities (CVE-2006-4702, CVE-2006-6134) |
| 2006-12-12/a> | Swa Frantzen | Offline Microsoft Patching |
| 2006-12-12/a> | Swa Frantzen | The missing Microsoft patches |
| 2006-11-14/a> | Swa Frantzen | Microsoft Black Tuesday Overview |
| 2006-10-09/a> | Swa Frantzen | Microsoft black tuesday - October 2006 STATUS |
| 2006-09-26/a> | Jim Clausing | MS06-049 re-release |
| 2006-09-12/a> | Swa Frantzen | Microsoft security patches for September 2006 |
| 2006-08-17/a> | Swa Frantzen | Microsoft August 2006 Patches: STATUS |
