ISC StormCast for Thursday, July 24th 2014

By Johannes Ullrich
Help us monitor #ssh brute forcing; Apple explains mystery daemons; Malware Hiding in Registry; Tor & Tails: Not so anonymous
New ISC Feature: SSH Passwords
Apple Documents “Mystery” Services
Malware Stores Itself in Registry Value
Tor Vulnerabilities
Tails Vulnerabilities

ISC StormCast for Wednesday, July 23rd 2014

By Johannes Ullrich
Host Names with many Labels Used for Magnitude Exploit Kit
Foxit Mobile Beacons Back to Advertiser
Password Brute Forcing Against WordPress Uses XMLRPC Functions
Firefox 31 Released
Android Voice Commands Can be Used to Escalate Privileges

ISC StormCast for Tuesday, July 22nd 2014

By Johannes Ullrich
Hidden #iOS daemons log packets and provide access. But for whom? Surprise: #POS Device sold on #eBay comes with SSNs. #Tesla hacked. More browser FP techniques.
iOS Back Doors Identified
POS Devices Sold on eBay Contain Confidential Information
Tesla Car Hacked at Syscan
Browser Canvas Fingerprinting

ISC StormCast for Monday, July 21st 2014

By Johannes Ullrich
Are SOHO Routers SOHOplessly Broken? Google how to use crossdomain.xml files to avoid what happened with BING.

Keeping the RATs out: Part 3
SOHOPlessly Broken Challenge to Find Router Backdoors
Siemens ICS Suffer from Various SSL Bugs
Open CrossDomain.XML file on Bing allows for CSRF

ISC StormCast for Friday, July 18th 2014

By Johannes Ullrich
Cisco Cable Modem Remote Code Execution Vulnerability
IPTables Backdoor
SONY Forgets to Pay for Domain Name
Apache mod_status Remote Code Execution Vulnerability
Google Releases New Version of Chrome and Fixes URL Spoofing Bug

ISC StormCast for Thursday, July 17th 2014

By Johannes Ullrich
#LibreSSL: Free but not Safe? #MSFT: Use less passwords! Having fun with #IOCs and IOCe.
Deriving IOCs Using Mandiant’s IOCe tool
LibreSSL Vulnerabilities on Linux
CNet Breached and User Database as well as Source Code Leaked
Microsoft Asks Us to Rethink Password Policies

ISC StormCast for Wednesday, July 16th 2014

By Johannes Ullrich
Oracle Critical Patch Update
Where is Your Cloud?
Hotel Business Center Computers Compromised
Dropcam Vulnerabilities
Google Introduces Project Zero

ISC StormCast for Tuesday, July 15th 2014

By Johannes Ullrich
EZ Pass Malware
Oracle Patch Advance Notice
How to secure the internet of things?
Please submit ideas here:
Vulnerabilities in Web Based Password Managers

ISC StormCast for Monday, July 14th 2014

By Johannes Ullrich
The Importance of Fine Grained Egress Filtering
Inventory Scanners Infected with Targeted Malware
Secure E-Mail Service Suffers from XSS Flaw
PoC Exploit for LZO Vulnerability
Apple Blacklists Vulnerable Flash Versions

ISC StormCast for Friday, July 11th 2014

By Johannes Ullrich
Office 365 Users Experience Bad SSL Certificates; Analyzing logs quickly and cheaply; FireEye FEOS Updates
Microsoft Uses Wrong Certificate for Office 365 Login Page
Analyzing Logs quickly and on the cheap
Multiple Flaws in FireEye Appliance OS
Bot Brute Forces PoS RDP Passwords