ISC StormCast for Thursday, May 21st 2015

By Johannes Ullrich Exploit Kit Delivers Necurs
https://isc.sans.edu/forums/diary/Exploit+kits+delivering+Necurs/19719/
Latest eFax Malspam
https://isc.sans.edu/forums/diary/UpatreDyre+malspam+Subject+eFax+message+from+unknown/19713/
Trojaned Version of PuTTY SSH Client
http://www.symantec.com/connect/blogs/check-your-sources-trojanized-open-source-ssh-software-used-steal-information
Electronic Billboard Hacking
http://www.wsbtv.com/news/news/local/fbi-investigating-after-pornographic-image-appears/nmGJr/ More Here      

ISC StormCast for Wednesday, May 20th 2015

By Johannes Ullrich False Positive: DNS Queries for settings-win.data.microsoft.com
https://isc.sans.edu/forums/diary/False+Positive+settingswindatamicrosoftcom+resolving+to+Microsoft+Blackhole+IP/19711/
IoT Roundup: Apple Watch Patches and Honeypot Summary
https://isc.sans.edu/forums/diary/IoT+roundup+Apple+Watch+Patches+Router+Vulnerabilities/19709/
iOS 8.3 Security Guide
https://www.apple.com/business/docs/iOS_Security_Guide.pdf
Logjam SSL Vulnerability
https://weakdh.org More Here      

ISC StormCast for Tuesday, May 19th 2015

By Johannes Ullrich Safari URL Bar Spoofing Vulnerability
https://isc.sans.edu/forums/diary/Address+spoofing+vulnerability+in+Safari+Web+Browser/19705/
Social Engineering Used to Compromise Oil Companies
http://www.pandasecurity.com/mediacenter/src/uploads/2015/05/oil-tanker-en.pdf
ProFTP Vulnerability Exploited
http://bugs.proftpd.org/show_bug.cgi?id=4169
USIS Breached via SAP Vulnerability
http://seclists.org/fulldisclosure/2015/May/64
IEEE Releases Guidelines to Build Security Code for Medical Devices
http://cybersecurity.ieee.org/images/files/images/pdf/building-code-for-medica-device-software-security.pdf
SANS Web Application Security Checklist
https://www.sans.org/security-resources/posters/securing-web-application-technologies-swat-2014-60 More Here