ISC StormCast for Monday, August 18th 2014

By Johannes Ullrich Beware of the Patch – UDP behind NAT may not be firewalled – yet another PHP cgi exploit – talk quiet, your smart phone is vibrating
MSFT MS14-045 Patch Causes Blue Screen of Death
https://technet.microsoft.com/library/security/MS14-045
The dangers of UDP services behind NAT
http://isc.sans.edu/forums/diary/Web+Server+Attack+Investigation+-+Installing+a+Bot+and+Reverse+Shell+via+a+PHP+Vulnerability/18543
PHP CGI exploit with interesting reverse shell
http://isc.sans.edu/forums/diary/Web+Server+Attack+Investigation+-+Installing+a+Bot+and+Reverse+Shell+via+a+PHP+Vulnerability/18543
Smart Phone Gyroscope Sensitive Enough to Detect Speech
http://crypto.stanford.edu/gyrophone/files/gyromic.pdf
Internet Wide Scan Finds Many Exposed VNC Servers
http://www.forbes.com/sites/kashmirhill/2014/08/13/so-many-pwns/
More Here