ISC StormCast for Monday, October 27th 2014

By Johannes Ullrich #Shellshock botnet via SMTP; Find Vulnerabilities with #masscan and #nmap; #tor exit node modifies binaries; Vulnerable Home Automation; #samsung #knox response
Shellshock Exploit used against mail servers
https://isc.sans.edu/forums/diary/Shellshock+via+SMTP/18879
Scanning For Specific Vulnerabilities
https://isc.sans.edu/forums/diary/Scanning+for+Single+Critical+Vulnerabilities/18881
Tor Exitnode “patches” Binary Downloads
http://www.leviathansecurity.com/blog/the-case-of-the-modified-binaries/
Micasa Verda / Vera Home Automation Gateway Security Review (and fail)
http://www.xipiter.com/musings/the-insecurity-of-things-part-two
Samsung Responds to claims about Knox Insecurity
http://www.theregister.co.uk/2014/10/26/samsung_denies_knox_security_vuln_allegations/ More Here