ISC StormCast for Friday, October 24th 2014

By Johannes Ullrich VMWare Patches; NIST Hypervisor Deployment Advice; Adobe eReader Now Spying over SSL; Samsung KNOX not that secure; Cryptowall
VMware Updates
NIST Publication 800-125A : Deploying Hypervisors
Adobe eReader now using SSL to phone home
Analysis of Samsung KNOX
Cryptowall coming back via paid-for ads More Here      

ISC StormCast for Thursday, October 23rd 2014

By Johannes Ullrich 2001 vulnerability found in 2013 Cisco product; Dangers of NAT-PMP; iOS 8.1 Jailbreak; Ruxcon; 911 outage lessons;
Telnetd Vulnerability in Cisco Ironport WSA
Miconsconfigured Routers Allow Config Changes via NAT-PMP
Jailbreak for iOS 8.1
Ruxcon Slides / Intercepting Pager Data
April 911 Outages Affected 3.5 % of US Population More Here      

ISC StormCast for Wednesday, October 22nd 2014

By Johannes Ullrich #MSFT releases special security advisory; #NCSAM false positives in pentest reports; Palo Alto Leaks Credentials; UEFI Vulnerabilities
Microsoft Releases Special Security Advisory for new OLE Vulnerability
False Positives in Pentest Reports
Misconfigured Palo Alto Firewalls Leak Credentials
UEFI Vulnerability exploitable for Windows 8 More Here      

ISC StormCast for Tuesday, October 21st 2014

By Johannes Ullrich #Apple iOS Security Updates; #MSFT pulls SHA-2 patch from October Updates; China intercepts iCloud; US Gov Pushes Chip&Pin; PHP Patch
Apple iOS 8.1 and Apple TV 7.0.1
Microsoft Pulls Windows 7 SHA-2 Update
iCloud SSL Traffic Intercepted in China using self signed certificates
US Government to Require Chip-and-Pin for Federal Payments
PHP Update Released More Here      

ISC StormCast for Friday, October 17th 2014

By Johannes Ullrich Mobbing up bad SSL Configs and Attacks with Logging; Ebola: Infecting More PCs then Humans? Oracle Forms 10g Remote Exec & Java Patches.
Logging SSL Parameters
US-Cert warns of Ebola Malware
Oracle Forms 10g Arbitrary Remote Code Execution More Here      

ISC StormCast for Thursday, October 16th 2014

By Johannes Ullrich POODLE Update (wrap up?) (webcast archive)
Weak Random Number Generators in Bitcoin Wallets Used to Steal Bitcoins
OS X Leaves Indexes With Private Data on USB Drives
Drupal Fixes SQL Injection Vulnerability More Here      

ISC StormCast for Wednesday, October 15th 2014

By Johannes Ullrich SSLv3 POODLE Vulnerability
Test your client:
Google Announcement:
MSFT Announcement:
Microsoft Patch Tuesday:
Today’s podcast is somewhat rushed due to the plethora of topics. We will have a special webcast tomorrow, likely around noon / early afternoon ET to discuss POODLE. More Here      

ISC StormCast for Tuesday, October 14th 2014

By Johannes Ullrich Some Beacons are False Beacons; Cyanogenmod open to MitM SSL Attack; Snapchat: Still not as ephemeral as you may think;
CSAM: Be Wary of False Beacons
Cyanogenmod vulnerable to SSL MitM Attack
Decrypting Snapchat Images
More Here      

ISC StormCast for Monday, October 13th 2014

By Johannes Ullrich Is it a phish or just a badly done breach notification? Dairy Queen/KMart: Next in line for PoS compromises; HP signs malware; Snapchat image archive leaked;
NCSAM: When Breach Notifications Look Worse then some Phishing Emails.
Dairy Queen Breached
(and KMart..)
HP Signs Malware with Valid Certificate
Snpchat Image Archive Surfces More Here