Skip navigation.
Home

Feed aggregator

Infocon: green

SANS - Tue, 04/21/2015 - 22:13
Dridex Redirecting to Malicious Dropbox Hosted File Via Google

Dridex Redirecting to Malicious Dropbox Hosted File Via Google, (Tue, Apr 21st)

SANS - Tue, 04/21/2015 - 11:57

Thanks to Wayne for sending us in the latest Dridex sample. He observed them arriving this mornin ...(more)...

Logging Complete Requests in Apache 2.2 and 2.4, (Tue, Apr 21st)

SANS - Tue, 04/21/2015 - 11:15

Apache has an interesting option to log complete requests, including the body of POST requests. T ...(more)...

Reminder: Secure Your Tomcat Admin Interface, (Mon, Apr 20th)

SANS - Mon, 04/20/2015 - 08:58

In our web application honeypots, we do see continuing scans for /manager/html. While our honeypo ...(more)...

Handling Special PDF Compression Methods, (Sun, Apr 19th)

SANS - Sun, 04/19/2015 - 08:18

Maarten Van Horenbeeck posted a

MS15-034: HTTP.sys (IIS) DoS And Possible Remote Code Execution. PATCH NOW, (Wed, Apr 15th)

SANS - Fri, 04/17/2015 - 09:57

Denial of Service (DoS) exploits are widely available to exploit CVE-2015-1635, a vulnerability i ...(more)...

Memory Forensics Of Network Devices, (Fri, Apr 17th)

SANS - Fri, 04/17/2015 - 06:13

Memory forensics of PCs has become a popular forensic method, and has made great progress the las ...(more)...

Wireshark TCP Flags, (Sun, Apr 5th)

SANS - Sun, 04/05/2015 - 07:22

When I took SEC503 last year in Brussels, taught by Jess Garcia, he remarked that he missed Snort ...(more)...

SSH Fingerprints Are Important, (Fri, Apr 3rd)

SANS - Fri, 04/03/2015 - 10:06

Some years ago, I was preparing Cisco certification exams. I connected via SSH to a new Cisco rou ...(more)...

Angler Exploit Kit - Recent Traffic Patterns, (Thu, Apr 2nd)

SANS - Wed, 04/01/2015 - 21:40

Angler exploit kit (EK) has changed URL patterns (again) during the past month. I infected a Wind ...(more)...

Rig Exploit Kit Changes Traffic Patterns, (Wed, Apr 1st)

SANS - Tue, 03/31/2015 - 20:34

Sometime within the past month, Rig exploit kit (EK) changed URL structure." />

Not ...(more)...

Syndicate content