Diaries by Keyword: monthly threat update

DateAuthorTitle

MONTHLY THREAT UPDATE

2013-01-09Johannes UllrichNew Format for Monthly Threat Update

MONTHLY

2013-02-14Adam SwangerISC Monthly Threat Update - February 2013 http://isc.sans.edu/podcastdetail.html?id=3121
2013-02-04Adam SwangerSAN Securing The Human Monthly Awareness Video - Advanced Persistent Threat (APT) http://www.securingthehuman.org/resources/ncsam
2013-01-10Adam SwangerISC Monthly Threat Update New Format
2013-01-09Johannes UllrichNew Format for Monthly Threat Update

THREAT

2014-02-19Russ McReeThreat modeling in the name of security
2013-02-14Adam SwangerISC Monthly Threat Update - February 2013 http://isc.sans.edu/podcastdetail.html?id=3121
2013-02-04Adam SwangerSAN Securing The Human Monthly Awareness Video - Advanced Persistent Threat (APT) http://www.securingthehuman.org/resources/ncsam
2013-01-10Adam SwangerISC Monthly Threat Update New Format
2013-01-09Johannes UllrichNew Format for Monthly Threat Update
2012-12-03John BambenekJohn McAfee Exposes His Location in Photo About His Being on Run
2012-11-29Kevin ShorttNew Apple Security Update: APPLE-SA-2012-11-29-1 Apple TV 5.1.1
2012-11-28Mark HofmanMcAfee releases extraDAT for W32/Autorun.worm.aaeb-h
2012-11-28Mark HofmanNew version of wireshark is available (1.8.4), some security fixes included.
2012-11-27Chris MohanCan users' phish emails be a security admin's catch of the day?
2012-11-26John BambenekOnline Shopping for the Holidays? Tips, News and a Fair Warning
2012-11-20John BambenekBehind the Random NTP Bizarreness of Incorrect Year Being Set
2012-11-20John BambenekFirefox v 17.0 just released, more here: http://www.mozilla.org/en-US/firefox/17.0/releasenotes/
2012-11-19John BambenekMoneyGram fined $100 million for aiding wire fraud - http://krebsonsecurity.com/2012/11/moneygram-fined-100-million-for-wire-fraud/
2012-11-19John BambenekNew Poll: Top 5 Unresolved Security Problems of 2012
2012-11-17Manuel Humberto Santander PelaezNew Sysinternal Updates: AdExplorer v1.44, Contig v1.7, Coreinfo v3.2, Procdump v5.1. See http://blogs.technet.com/b/sysinternals/archive/2012/11/16/updates-adexplorer-v1-44-contig-v1-7-coreinfo-v3-2-procdump-v5-1.aspx?Redirected=true
2012-11-12John BambenekRequest for info: Robocall Phishing Against Local/Regional Banks
2012-11-09Mark BaggettRemote Diagnostics with PSR
2012-11-09Mark BaggettFresh batch of Microsoft patches next week
2012-11-07Mark BaggettHelp eliminate unquoted path vulnerabilities
2012-11-07Mark BaggettMultiple 0-Days Reported!
2012-11-07Mark BaggettCisco TACACS+ Authentication Bypass
2012-11-05Johannes UllrichReminder: Ongoing SMTP Brute Forcing Attacks
2012-11-05Johannes UllrichPossible Fake-AV Ads from Doubleclick Servers
2012-11-04Lorna HutchesonWhat's important on your network?
2012-10-31Johannes UllrichCyber Security Awareness Month - Day 31 - Business Continuity and Disaster Recovery
2012-10-30Johannes UllrichHurricane Sandy Update
2012-10-30Richard PorterSplunk 5.0 SP-CAAAHB4 http://www.splunk.com/view/SP-CAAAHB4
2012-10-28Tony CarothersFirefox 16.02 Released
2012-10-26Russ McReeCyber Security Awareness Month - Day 26 - Attackers use trusted domain to propagate Citadel Zeus variant
2012-10-25Richard PorterCyber Security Awareness Month - Day 25 - Pro Audio & Video Packets on the Wire
2012-10-24Russ McReeOngoing Windstream outage in the midwest - https://twitter.com/search?q=windstream
2012-10-21Johannes UllrichCyber Security Awareness Month - Day 22: Connectors
2012-10-21Lorna HutchesonPotential Phish for Regular Webmail Accounts
2012-10-19Johannes UllrichCyber Security Awareness Month - Day 19: Standard log formats and CEE.
2012-10-18Rob VandenBrinkCyber Security Awareness Month - Day 18 - Vendor Standards: The vSphere Hardening Guide
2012-10-17Mark HofmanNew Acrobat release (including reader) available. Version 11. Some security improvements more here -->http://blogs.adobe.com/adobereader/
2012-10-16Richard PorterCyberAwareness Month - Day 15, Standards Body Soup (pt2), Same Soup Different Cook.
2012-10-16Johannes UllrichCyber Security Awareness Month - Day 16: W3C and HTML
2012-10-14Pedro BuenoCyber Security Awareness Month - Day 14 - Poor Man's File Analysis System - Part 1
2012-10-09Johannes UllrichMicrosoft October 2012 Black Tuesday Update - Overview
2012-10-07Tony CarothersCyber Security Awareness Month - Day 7 - Rollup Review of CSAM Week 1
2012-10-05Johannes UllrichCyber Security Awareness Month - Day 5: Standards Body Soup, So many Flavors in the bowl.
2012-10-05Richard PorterVMWare Security Advisory: VMSA-2012-0014 - http://www.vmware.com/security/advisories/VMSA-2012-0014.html
2012-10-05Richard PorterReports of a Distributed Injection Scan
2012-10-04Mark HofmanAnd the SHA-3 title goes to .....Keccak
2012-10-02Russ McReeCyber Security Awareness Month - Day 2 - PCI Security Standard: Mobile Payment Acceptance Security Guidelines
2012-10-01Johannes UllrichCyber Security Awareness Month
2012-09-28Joel EslerAdobe certification revocation for October 4th
2012-09-26Johannes UllrichSome Android phones can be reset to factory default by clicking on links
2012-09-26Johannes UllrichMore Java Woes
2012-09-21Johannes UllrichiOS 6 Security Roundup
2012-09-20Russ McReeApple and Cisco Security Advisories 19 SEP 2012
2012-09-20Russ McReeFinancial sector advisory: attacks and threats against financial institutions
2012-09-20Russ McReeFlash Player update but no announcement, check your version http://www.adobe.com/software/flash/about/
2012-09-19Russ McReeScript kiddie scavenging with Shellbot.S
2012-09-17Rob VandenBrinkWhat's on your iPad?
2012-09-14Lenny ZeltserScam Report - Fake Voice Mail Email Notification Redirects to Malicious Site
2012-09-13Mark BaggettTCP Fuzzing with Scapy
2012-09-13Mark BaggettMicrosoft disrupts traffic associated with the Nitol botnet
2012-09-13Mark BaggettMore SSL trouble
2012-09-10Johannes UllrichMicrosoft Patch Tuesday Pre-Release
2012-09-10Johannes UllrichGodaddy DDoS Attack
2012-09-10donald smithBlue Toad publishing co compromise lead to UDID release. http://redtape.nbcnews.com/_news/2012/09/10/13781440-exclusive-the-real-source-of-apple-device-ids-leaked-by-anonymous-last-week?lite
2012-09-06Johannes UllrichSSL Requests sent to port 80 (request for help/input)
2012-09-04Johannes UllrichAnother round of "Spot the Exploit E-Mail"
2012-09-02Lorna HutchesonDemonstrating the value of your Intrusion Detection Program and Analysts
2012-09-01Russ McReeBlackhole targeting Java vulnerability via fake Microsoft Services Agreement email phish
2012-08-31Russ McReeNot so fast: Java 7 Update 7 critical vulnerability discovered in less than 24 hours
2012-08-30Johannes UllrichEditorial: The Slumlord Approach to Network Security http://isc.sans.edu/j/editorial
2012-08-29Johannes Ullrich"Data" URLs used for in-URL phishing
2012-08-27Johannes UllrichThe Good, Bad and Ugly about Assigning IPv6 Addresses
2012-08-27Johannes UllrichMalware Spam harvesting Facebook Information
2012-08-26Lorna HutchesonWho ya gonna contact?
2012-08-22Adrien de BeaupreApple Remote Desktop update fixes no encryption issue
2012-08-22Adrien de BeauprePhishing/spam via SMS
2012-08-21Adrien de BeaupreYYABCAFU - Yes Yet Another Bleeping Critical Adobe Flash Update
2012-08-21Adrien de BeaupreRuggedCom fails key management 101 on Rugged Operating System (ROS)
2012-08-20Manuel Humberto Santander PelaezDo we need test procedures in our companies before implementing Antivirus signatures?
2012-08-19Manuel Humberto Santander PelaezAuthentication Issues between entities during protocol message exchange in SCADA Systems
2012-08-12Tony CarothersLayers of the Defense-in-Depth Onion
2012-08-12Tony CarothersOracle Security Alert for CVE-2012-3132
2012-08-09Mark HofmanZeus/Citadel variant causing issues in the Netherlands
2012-08-09Mark HofmanSQL Injection Lilupophilupop style, Part 2
2012-08-07Adrien de BeaupreWho protects small business?
2012-08-04Kevin ListonVendors: More Patch-Release Options Please
2012-07-27Daniel WesemannCuckoo 0.4 is out - cool new features for malware analysis http://www.cuckoosandbox.org/
2012-07-24Richard PorterWireshark 1.8.1 Released http://www.wireshark.org/
2012-07-24Richard PorterReport of spike in DNS Queries gd21.net
2012-07-20Mark BaggettSyria Internet connection cut?
2012-07-19Mark BaggettDiagnosing Malware with Resource Monitor
2012-07-19Mark BaggettA Heap of Overflows?
2012-07-16Richard PorterSysinternals Update @ http://blogs.technet.com/b/sysinternals/archive/2012/07/16/updates-handle-v3-5-process-explorer-v15-22-process-monitor-v3-03-rammap-v1-21-zoomit-v4-3.aspx
2012-07-13Richard PorterYesterday (not as on the ball as Rob) at SANSFire
2012-07-13Russ McRee2 for 1: SANSFIRE & MSRA presentations
2012-07-13Russ McReeVMWare Security Advisory 12 JUL 2012
2012-07-13Russ McReeYahoo service SQL injection vuln leads to account exposure
2012-07-12Rick WannerCisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms
2012-07-12Rick WannerCisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Recording Server - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs
2012-07-12Rick WannerCisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-cts
2012-07-12Rick WannerCisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Manager - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman
2012-07-09Manuel Humberto Santander PelaezInternet Storm Center panel tonight at SANSFIRE 2012!
2012-07-09Johannes UllrichThe FBI will turn off the Internet on Monday (or not)
2012-07-05Adrien de BeaupreNew OS X trojan backdoor MaControl variant reported
2012-07-02Joel EslerA rough guide to keeping your website up
2012-07-02Joel EslerLinux & Java leap second bug
2012-06-29Jim ClausingUpdated SysInternals tools - Autoruns, Process Explorer, Process Monitor, PSKill -- http://blogs.technet.com/b/sysinternals/archive/2012/06/28/updates-autoruns-v11-32-process-explorer-v15-21-process-monitor-v3-02-pskill-v1-15-rammap-v1-2.aspx
2012-06-28Chris MohanMassive spike in BGP traffic - Possible BGP poisoning?
2012-06-21Russ McReeAnalysis of drive-by attack sample set
2012-06-21Russ McReeWireshark 1.8.0 released 21 JUN 2012 http://www.wireshark.org/download.html
2012-06-19Daniel Wesemann Vulnerabilityqueerprocessbrittleness
2011-11-19Pedro BuenoDragon Research Group (DRG) announced the white paper entitled "VNC: Threats and Countermeasures" : https://dragonresearchgroup.org/insight/vnc-tac.html
2011-04-26John BambenekIs the Insider Threat Really Over?
2010-07-07Kevin ShorttFacebook, Facebook, What Do YOU See?
2010-05-22Rick WannerSANS 2010 Digital Forensics Summit - APT Based Forensic Challenge
2009-11-05Swa FrantzenInsider threat: The snapnames case
2009-09-27Stephen HallUse Emerging Threats signatures? READ THIS!
2009-09-20Mari NicholsInsider Threat and Security Awareness
2009-01-25Rick WannerTwam?? Twammers?
2008-12-25Maarten Van HorenbeeckChristmas Ecard Malware
2008-11-25Andre LudwigThe beginnings of a collaborative approach to IDS
2008-06-02Jim ClausingEmergingthreats.net and ThePlanet

UPDATE

2014-04-24Rob VandenBrinkApple IOS updates to 7.1.1, OSX Security update 2014-002, Airport Updates - http://support.apple.com/kb/HT1222, http://support.apple.com/kb/HT6208, http://support.apple.com/kb/HT6207, http://support.apple.com/kb/HT6203
2014-04-12Guy BruneauCritical Security Update for JetPack WordPress Plugin. Bug has existed since Jetpack 1.9, released in October 2012. - http://jetpack.me/2014/04/10/jetpack-security-update/
2014-04-02Kevin ShorttApple Security Update for Safari 6.1.3/7.0.3: http://support.apple.com/kb/HT6181
2014-03-06Mark BaggettPort 5000 traffic and snort signature
2014-02-14Chris MohanSYM14-004 Symantec Endpoint Protection Management Vulnerabilities - http://www.symantec.com/business/support/index?page=content&id=TECH214866
2013-12-18Adrien de BeaupreWireshark 1.10.4 and 1.8.12 are available
2013-12-17Adrien de BeaupreApple security updates Mac OS X and Safari
2013-10-17Adrien de BeaupreChrome updated http://googlechromereleases.blogspot.ca/2013/10/stable-channel-update_15.html
2013-10-15Rob VandenBrinkJava Quarterly Updates
2013-07-28Guy BruneauWireshark 1.8.9 and 1.10.1 Security Update
2013-07-03Kevin ShorttApple Security Update 2013-003
2013-06-05Richard PorterWindows Sysinternals Updated http://technet.microsoft.com/en-us/sysinternals/default.aspx
2013-05-22Adrien de BeaupreApple QuickTime 7.7.4 for Windows updated, MANY security vulnerabilities: http://support.apple.com/kb/HT1222
2013-05-22Adrien de BeaupreChrome 24.0.1312.52 has been updated for Windows, Mac, Linux, and Chrome Frame
2013-04-19Russ McReeJava 8 release schedule delayed for renewed focus on security
2013-04-03Mark HofmanFirefox 20 and Thunderbird 17.0.5 updates
2013-03-07Guy BruneauWireshark Security Updates
2013-02-27Adam SwangerAdobe Flash Player Security Update - http://www.adobe.com/support/security/bulletins/apsb13-08.html
2013-02-22Chris MohanPHP 5.4.12 and PHP 5.3.22 released http://www.php.net/ChangeLog-5.php
2013-02-22Chris MohanChrome 25.0.1364.87 addresses multiple vulnerabilities http://googlechromereleases.blogspot.com.au/2013/02/stable-channel-update_21.html
2013-02-12Adam SwangerMicrosoft February 2013 Black Tuesday Update - Overview
2013-02-01Jim ClausingOracle quitely releases Java 7u13 early
2013-01-17Russ McReePHP 5.4.11 and PHP 5.3.21 released
2013-01-09Rob VandenBrinkSQL Injection Flaw in Ruby on Rails
2013-01-09Rob VandenBrinkFirefox and Thunderbird Updates
2013-01-09Rob VandenBrinkSecurity Updates for Adobe Flash - http://www.adobe.com/support/security/bulletins/apsb13-01.html
2013-01-09Johannes UllrichNew Format for Monthly Threat Update
2013-01-08Richard PorterFirefox 18 Released, Security Fixes http://www.mozilla.org/security/known-vulnerabilities/firefox.html
2012-12-11John BambenekMicrosoft December 2012 Black Tuesday Update - Overview
2012-11-13Jim ClausingMicrosoft November 2012 Black Tuesday Update - Overview
2012-10-28Tony CarothersFirefox 16.02 Released
2012-09-21Guy BruneauUpdate for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)
2012-09-20Russ McReeApple and Cisco Security Advisories 19 SEP 2012
2012-08-22Adrien de BeaupreApple Remote Desktop update fixes no encryption issue
2012-08-21Adrien de BeaupreYYABCAFU - Yes Yet Another Bleeping Critical Adobe Flash Update
2012-08-15Guy BruneauWireshark Security Update
2012-08-02Guy BruneauOpera Security Update
2012-07-18Rob VandenBrinkSnort Updated today
2012-06-25Guy BruneauIssues with Windows Update Agent
2012-06-20Raul SilesFirefox 13.0.1 Update
2012-06-06Jim ClausingFirefox, Thunderbird, and Seamonkey Security Updates
2012-05-04Guy BruneauAdobe Security Flash Update
2012-03-06Mark HofmanWebsense posted a small article relating to mass injection into wordpress sites (thanks Chris) More info Here --> http://community.websense.com/blogs/securitylabs/archive/2012/03/05/mass-injection-of-wordpress-sites.aspx
2012-02-04Scott FendleyApple Security Advisory 2012-001 v1.1
2011-11-02Russ McReeWireshark updates: 1.6.3 and 1.4.10 released
2011-10-22Guy BruneauOracle Java SE Critical Patch Update
2011-10-01Mark HofmanHot on the heels fo FF, Thunderbird v 7.0.1 and SeaMonkey v 2.4.1 have been updated.
2011-09-18Guy BruneauGoogle Chrome Security Updates
2011-09-06Guy BruneauFirefox 6.0.2 released to removed trust to DigiNotar certificate authority http://www.mozilla.org/en-US/firefox/6.0.2/releasenotes/
2011-09-05Raul SilesJava 7 Officially Released
2011-07-15Deborah HaleApple Software Updates
2011-06-28Johannes UllrichUpdate: Thunderbird 5.0 released. https://www.mozilla.org/en-US/thunderbird/
2011-06-23Jim ClausingApple Security Updates 2011-004
2011-06-09Richard PorterChrome Version 12.0.742.91 Released
2011-06-01Adrien de BeaupreWireshark 1.4.7 and 1.2.17 Released - http://www.wireshark.org/news/20110531.html
2011-05-20Guy BruneauSysinternals Updates, Analyzing Stuxnet Infection with Sysinternals Tools Part 3
2011-05-16Jason LamFirefox 3.5 forced upgrade coming soon
2011-05-04Richard PorterMicrosoft Sysinterals Update
2011-05-01Deborah HaleJava 6.25 Is Now Available
2011-04-14Adrien de BeaupreSysinternals updates, a new blog post, and webcast
2011-03-21Kevin ShorttAPPLE-SA-2011-03-21-1 Mac OS X v10.6.7 and Security Update 2011-001
2011-03-09Chris MohanPossible Issue with Forefront Update KB2508823
2011-03-02Chris Mohan
2011-02-21Adrien de BeaupreKaspersky update servers unreachable
2011-01-27Chris CarboniOpera Updates
2010-12-03Mark HofmanAVG Update Bricking windows 7 64 bit
2010-11-30Joel EslerVMWare Security Advisory
2010-11-16Guy BruneauMac OS X Server v10.6.5 (10H575) Security Update: http://support.apple.com/kb/HT4452
2010-08-25Pedro BuenoAdobe released security update for Shockwave player that fix several CVEs: APSB1020
2010-08-19Rob VandenBrinkDon points us to multiple Adobe updates (Reader and Acrobat 9.3.4 among them) ==> http://www.adobe.com/support/downloads/new.jsp
2010-08-10Jason LamAdobe critical security updates
2010-08-10Daniel WesemannNew Apple security updates for iPad/Pod/Phone. See http://support.apple.com/kb/ht1222
2010-07-21Adrien de BeaupreUpdate on .LNK vulnerability
2010-06-29donald smithAdobe Reader 9.3.3/8.2.3 addressing CVE-2010-1297
2010-05-12Rob VandenBrinkAdobe Shockwave Update
2010-04-13Adrien de BeaupreSecurity update available for Adobe Reader and Acrobat
2010-04-02Guy BruneauFoxit Reader Security Update
2010-03-29Adrien de BeaupreOOB Update for Internet Explorer MS10-018
2010-03-29Adrien de BeaupreAPPLE-SA-2010-03-29-1 Security Update 2010-002 / Mac OS X v10.6.3
2010-03-22Guy BruneauNew Opera 10.51 available with security fixes. More information available at: http://www.opera.com/docs/changelogs/windows/1051/
2010-03-12Mark HofmanFirefox 3.6 is being pushed out to users. http://www.mozilla.com/en-US/firefox/3.6/releasenotes/
2010-03-11Mark HofmanA new version of Safari is out. Looks like for Mac and Windows. Plenty of security fixes (mostly for Windows Safari users http://support.apple.com/kb/HT4070 )
2010-03-10Rob VandenBrinkMicrosoft re-release of KB973811 - attacks on Extended Protection for Authentication
2010-03-08Raul SilesMicrosoft announced two important bulletins (fixing multiple vulns. affecting Windows and Office) for tomorrow: http://www.microsoft.com/technet/security/Bulletin/MS10-mar.mspx
2010-03-01Mark HofmanMicrosoft will drop support for Vista (without any Service Packs) on April 13 and support for XP SP2 ends July 13. (i.e. no more security updates). If you are still running these, it it time to update.
2010-02-27Guy BruneauPHP 5.2.13 Security Update
2010-02-11Deborah HaleThe Mysterious Blue Screen
2010-01-06Guy BruneauFirefox security and stability update for version 3.5.7 and 3.0.17 available for download
2009-12-16Rob VandenBrinkSeamonkey Update to 2.0.1, find the release notes here ==> http://www.seamonkey-project.org/releases/seamonkey2.0.1
2009-12-03Mark HofmanApple released some Java updates today APPLE-SA-2009-12-03-1 & 2 (for 10.5 and 10.6). Fixes a number of security issues so updating is a good idea.
2009-12-02Rob VandenBrinkMicrosoft Black Screen of Death - Fact of Fiction?
2009-11-25Jim ClausingTool updates
2009-11-25Jim ClausingMicrosoft Updates requiring reboot
2009-11-11Rob VandenBrinkApple Safari 4.0.4 Released
2009-11-09Guy BruneauApple Security Update 2009-006 for Mac OS X v10.6.2
2009-11-06Mark HofmanA new version of Firefox (3.5.5) just became available. According to the release notes they are stability improvements.
2009-10-22Adrien de BeaupreSysinternals updates: Disk2vhd v1.1, ZoomIt v4.1, Coreinfo v2.0, VMMap v2.4
2009-09-24Jim ClausingA couple more tools
2009-09-04Adrien de BeaupreSeaMonkey Security Update
2009-08-05donald smithSecurity Update 2009-003 / Mac OS X v10.5.8
2009-08-04donald smithJava Security Update
2009-07-18Patrick NolanChrome update contains Security fixes
2009-06-10Swa FrantzenJava 6 update 14 released
2009-06-02Deborah HaleAnother Quicktime Update
2009-05-26Jason LamVista & Win2K8 SP2 available
2009-02-10Swa FrantzenJava up to date ?
2008-11-29Pedro BuenoUbuntu users: Time to update!
2008-11-13Jim ClausingSome recently updated tools
2008-10-10Marcus SachsFake Microsoft Update Email
2008-09-10Adrien de BeaupreApple updates iPod Touch + Bonjour for Windows
2008-07-11Jim ClausingUpdates to some of our favorite tools
2008-04-20Joel EslerSoftware Update -- Did Apple Do Enough?
2008-03-20Joel EslerAPPLE-SA-2008-03-19 AirPort Extreme Base Station Firmware 7.3.1
2008-03-20Joel EslerPotential Vulnerability in Flash CS3 Professional, Flash Professional 8 and Flash Basic 8?