ISC StormCast for Wednesday, November 26th 2014

By Johannes Ullrich
Adobe OOB Patch; Using OSSEC to Assess New Hosts; Detekt: More Harm Than Good? Site Security Seals Worth It?
Using OSSEC to Automatically Scan New Hosts
https://isc.sans.edu/forums/diary/Guest+diary+Detecting+Suspicious+Devices+On-The-Fly/18993
Out of Band Update for Flash
http://helpx.adobe.com/security/products/flash-player/apsb14-26.html
How Useless Are “Security Seals”?
http://securitee.org/files/seals_ccs2014.pdf
Why you should not run Detekt
http://itsecurityguru.org/gurus/probably-shouldnt-use-detekt/#.VHM-fTSsUbs
https://blog.gdatasoftware.com/blog/article/update-the-tool-detekt-what-you-should-know-about-it.html
Basic Web Application Vulnerability in AT&T U-Verse VAP2500
http://goto.fail/blog/2014/11/25/at-and-t-u-verse-vap2500-the-passwords-they-do-nothing/

ISC StormCast for Tuesday, November 25th 2014

By Johannes Ullrich
Craigslist Outage due to DNS Registrar Compromise
http://blog.craigslist.org/2014/11/24/craigslist-dns-outage/
Vulnerability in less
http://seclists.org/fulldisclosure/2014/Nov/74
Regin state-sponsored malware dissection
http://securelist.com/blog/research/67741/regin-nation-state-ownage-of-gsm-networks/
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/regin-analysis.pdf

ISC StormCast for Monday, November 24th 2014

By Johannes Ullrich
Spear Phishing Works Well! Hikvision: Broken and Dangerous DVRs don’t keep you safe; MSFT and Sandworm: Missed Chances; PayPal patches slowly
1 out of 5 spear phishing emails successful
https://deepsec.net/speaker.html#PSLOT157
Multiple remote vulnerabilities in Hikvision DVRs
https://community.rapid7.com/community/metasploit/blog/2014/11/19/r7-2014-18-hikvision-dvr-devices--multiple-vulnerabilities
MSFT Overlooked “Sandworm” vulnerability in earlier patches
http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/SandWorm-s-target-A-patch-history-of-Object-Packager/ba-p/6675618#.VHJ8QIsXkzB
PayPal Takes 18 Months to Fix Arbitrary Code Execution Flaw
http://vulnerability-lab.com/get_content.php?id=936
ICMP Redirect Attacks Documented in the Wild
http://blog.zimperium.com/doubledirect-zimperium-discovers-full-duplex-icmp-redirect-attacks-in-the-wild/

ISC StormCast for Friday, November 21st 2014

By Johannes Ullrich
Critical WordPress Update fixes XSS
https://isc.sans.edu/forums/diary/Critical+WordPress+XSS+Update/18977
Google Releases Web Application Scanner “Firing Range”
https://isc.sans.edu/forums/diary/Google+Web+Firing+Range+Available/18975
Detekt Scanner Focusing on State Surveillance Malware
https://www.eff.org/deeplinks/2014/11/detekt-new-malware-detection-tool-can-expose-illegitimate-state-surveillance
PHP Backdoor Included in Templates/Themes for Various Content Management Systems
https://foxitsecurity.files.wordpress.com/2014/11/cryptophp-whitepaper-foxsrt-v4.pdf
jQuery CAPTCHA XSS Flaw Patched
http://sijmen.ruwhof.net/weblog/256-cross-site-scripting-in-millions-of-web-sites#more-256

ISC StormCast for Thursday, November 20th 2014

By Johannes Ullrich
NoSQL and Big Data Needs Security Too; Phone Typo Squatting; “NotCompatible” Botnet learning new proxy tricks
NoSQL Big Data Security
https://isc.sans.edu/forums/diary/+Big+Data+Needs+a+Trip+to+the+Security+Chiropracter+/18971
Phone Typo Squatting
http://www.theregister.co.uk/2014/11/19/lamer_scammers_mimick_phone_numbers_to_fleece_the_fat_fingered/
“NotCompatible” Botnet new and improved
https://blog.lookout.com/blog/2014/11/19/notcompatible/