These web pages are used by our handlers to offer material beyond our daily diaries. You will find personal pages, additional scripts or papers, or whatever the respective handler is interested in offering. All content is owned by the respective handler.
Internet Storm Center Handlers
Baggett, Mark
SANS Internet Storm Center Handler
Recent Diaries:
It is time to update your Web Browser
Software Update Potpourri
Critical Control 18: Incident Response Capabilities
What are the 20 Critical Controls?
Twitter: | @markbaggett |
Bambenek, John
SANS Internet Storm Center Handler
Recent Diaries:
Cuckoo sandbox v0.3 released for automated malware analysis http://www.cuckoobox.org/
VMWare Issues Updated advisory on VMSA-2011-0009.3 with new ESXi 5.0 patches http://www.vmware.com/security/advisories/VMSA-2011-0009.html
Hacking HP Printers for Fun and Profit
Another Defense Contractor Hacked in AntiSec Hacktivism Spree
Is the Insider Threat Really Over?
Twitter: | ILCyberSecurity |
Bruneau, Guy
SANS Internet Storm Center Handler
Recent Diaries:
Sophos 2012 Security Threat Report
New Poll - What security issue concerns you the most this year?
PHP 5.3.10 Released, Fixes CVE-2012-0830 available for download http://www.php.net/archive/2012.php#id2012-02-02-1
DNS Sinkhole Scripts Fixes/Update
Sysinternals Updates - http://blogs.technet.com/b/sysinternals/archive/2012/01/13/updates-autoruns-v11-21-coreinfo-v3-03-portmon-v-3-03-process-explorer-v15-12-mark-s-blog-and-mark-at-rsa-2012.aspx
Twitter: | guybruneau |
Bueno, Pedro
SANS Internet Storm Center Handler
Recent Diaries:
Simple Malware Research Tools
The RedRet connection...
Updates on ZeroAccess and BlackHole front...
RealPlayer update addresses 19 CVEs. Patch it! Remember that Exploit kits can exploit vulnerable client apps. http://service.real.com/realplayer/security/11182011_player/en/
Dragon Research Group (DRG) announced the white paper entitled "VNC: Threats and Countermeasures" : https://dragonresearchgroup.org/insight/vnc-tac.html
Twitter: | besecure |
Carothers, Tony
SANS Internet Storm Center Handler
Recent Diaries:
Java Update for February
Cybersecurity Legislation Components
Microsoft Security Essentials Mis-identifies Chrome
Firefox v. 7.0.1 Is Live
Copyright Alert System - What say you?
Clausing, Jim
SANS Internet Storm Center Handler
Recent Diaries:
Chrome to stop checking Certificate Revocation List (CRL)?
Book Review: Practical Packet Analysis, 2nd ed
Critical Control 6 - Maintenance, Monitoring, and Analysis of Security Audit Logs
VMware Advisory - UDF file system handling
Cisco Advisories - FWSM, ASA, and NAC
Twitter: | jclausing |
Danford, Robert
SANS Internet Storm Center Handler
Recent Diaries:
Microsoft Security Advisory for MHTML via Internet Explorer (MS2501696/CVE-2011-0096)
Adobe updates: http://www.adobe.com/support/security/bulletins/apsb10-21.html
Circa 2007 Linux Kernel Vulnerability Resurfaces (Was CVE-2007-4573, Now CVE-2010-3301)
Adobe Updates: http://www.adobe.com/support/security/bulletins/apsb10-07.html http://www.adobe.com/support/security/bulletins/apsb10-06.html
ProFTPd SQL Authentication Vulnerability exploit activity
de Beaupre, Adrien
SANS Internet Storm Center Handler
Recent Diaries:
January 2012 Microsoft Black Tuesday Summary
New wireshark released - 1.6.5 and 1.4.11 - www.wireshark.org/download.html
Adobe January 2012 Black Tuesday overview
Newest Adobe Flash 11.1.102.55 and Previous 0 Day Exploit
Opera 11.60 web browser released: security and stability enhancements
Esler, Joel
SANS Internet Storm Center Handler
Recent Diaries:
Security Advisory for Adobe Reader and Acrobat
Google Chrome has been updated. Please make sure you restart your browser completely.
Flash Player Updated to 11.0.1.152
Oracle Emergency Patch for CVE-2011-3192 has been released!
More Diginotar news
Twitter: | JoelEsler |
Fendley, Scott
SANS Internet Storm Center Handler
Recent Diaries:
Apple Security Advisory 2012-001 v1.1
Updated OpenDLP
Google Chrome Updated
Port 8909 Spike
Cisco Security Advisory - Apache HTTPd DoS
Twitter: | itsecuritygeek |
Frantzen, Swa
SANS Internet Storm Center Handler
Recent Diaries:
Apple Black Tuesday
Microsoft November 2011 Black Tuesday Overview
Firefox 8 & Thunderbird 8 released
Adobe November 2011 Black Tuesday Overview
Firefox 8.0 released
Hale, Deborah
SANS Internet Storm Center Handler
Recent Diaries:
Another Company Falls Victim
Badware 2011
Merry Christmas, Happy Holidays
Links on your Facebook Wall
Data Encryption Ban? Really?
Hall, Stephen
SANS Internet Storm Center Handler
Recent Diaries:
ISC describe DNS crash bug analysis
Apple update summary
Critical Control 12 : Malware Defense
Show the boss on Wednesday
Sun security updates
Twitter: | tarkie101 |
Hofman, Mark
SANS Internet Storm Center Handler
Recent Diaries:
Interesting Facebook SPAM
KPN (Dutch Telecommunications company) Hack
Yet another version of Firefox has been released. One security fix. More info can be found here: https://www.mozilla.org/en-US/firefox/10.0.1/releasenotes/
SSH Password attacks using domain name elements as userid
CISCO Ironport C & M Series telnet vulnerability
Hutcheson, Lorna
SANS Internet Storm Center Handler
Recent Diaries:
Mailbag - "Attacks"
Several Sites Defaced
Logs - The Foundation of Good Security Monitoring
Monitoring Virtual Machines
The Sad Reality of Spam/Phishing Attempts
Johnson, Kevin
SANS Internet Storm Center Handler
Recent Diaries:
Two-Factor Auth: Can we just Google the response?
SQL Injection: Wordpress 3.0.2 released
ProFTPD distribution servers compromised
Robert Hansen and our happiness
Twitter: | secureideas |
Lam, Jason
SANS Internet Storm Center Handler
Recent Diaries:
Potential 0-day on Bind 9
Microsoft killed Kelihos botnet
Firefox 3.6.23 security update is out and so is version 7 (time to break some add-on)
MySQL.com compromised spreading malware
Firefox 3.5 forced upgrade coming soon
Twitter: | jasonlam_sec |
Liston, Kevin
SANS Internet Storm Center Handler
Recent Diaries:
Incident-response Management-tip: Standby time
Monitoring your Log Monitoring Process
FBI Seeking Victims in Operation Ghost Click/DNS Malware Investigation
Fujacks Variant Using ACH Lure (more accurately Blackhole spreading Zeus via ACH Lure)
Fujacks Variant Using ACH Lure
Liston, Tom
SANS Internet Storm Center Handler
Recent Diaries:
A Puzzlement...
New, odd SSH brute force behavior
What's In A Name?
Security 101 : Security Basics in 140 Characters Or Less
The Strange Case of Doctor Jekyll and Mr. ED
McRee, Russ
SANS Internet Storm Center Handler
Recent Diaries:
Apple and Apache security fixes and releases
Oracle Security Alert: http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html
Firefox 10 and VMWare advisories and updates
See SpiderLabs blog post regarding HOIC DDoS Analysis and Detection http://blog.spiderlabs.com/2012/01/hoic-ddos-analysis-and-detection.html
OSINT tactics: parsing from FOCA for Maltego
Twitter: | @holisticinfosec |
Mohan, Chris
SANS Internet Storm Center Handler
Recent Diaries:
WHOIS contacts are your friends
The off switch
Firefox 9 has been released patching known vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox9
Recurring reporting made easy?
Cisco Security Advisory for Identity Services Engine Database Default Credentials http://www.cisco.com/warp/public/707/cisco-sa-20110920-ise.shtml
Twitter: | Chris_Mohan |
Porter, Richard
SANS Internet Storm Center Handler
Recent Diaries:
DNS Ghost Domains, How I loathe you so!
Oracle Quarterly Patch Advisory Released, January 17th 2012: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
Oracle Quarterly Released, http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
ASP.Net Vulnerability
An Apple, Inc. Sandbox to play in.
Twitter: | packetalien |
Sachs, Marcus
SANS Internet Storm Center Handler
Recent Diaries:
New Internet Storm Center Director
A Day In The Life Of A DShield Sensor
Stuxnet Analysis
Cyber Security Awareness Month - Day 31 - Tying it all together
Cyber Security Awareness Month - Day 15 - What Teachers Need to Know About Their Students
Twitter: | MarcusSachs |
Santander Pelaez, Manuel Humberto
SANS Internet Storm Center Handler
Recent Diaries:
Problem with Microsoft Antivirus regarding malware from google website
Snort 2.9.2 now supporting SCADA protocol checks
MS11-100 DoS PoC exploit published
Critical Control 15: Data Loss Prevention
Critical Control 14: Wireless Device Control
Twitter: | manuelsantander |
Shortt, Kevin
SANS Internet Storm Center Handler
Recent Diaries:
php 5.3.9 released -Jan-10-2011
Zappos Breached
Cain & Abel v4.9.43 Released - http://www.oxid.it/
C|Net download.com serving malware with nmap software
Dennis M. Ritchie (1941 - 2011)
Siles, Raul
SANS Internet Storm Center Handler
Recent Diaries:
Wi-Fi Protected Setup (WPS) PIN Brute Force Vulnerability
Java 7 Officially Released
Jailbreakme Takes Advantage of 0-day PDF Vuln in Apple iOS Devices
Security Testing SSL/TLS (HTTPS) Implementations
Two DoS remotely exploitable vulnerabilities affect BIND 9: http://www.isc.org/advisories/bind Upgrade to 9.8.0-P4.
smith, donald
SANS Internet Storm Center Handler
Recent Diaries:
GlobalSign releases security incident report.
New feature in JUNOS to drop or ignore path attributes.
New Mac Trojan: BASH/QHost.WB
Health or Performance monitoring to detect security events.
Install NOW Oracle patches released today, details at http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html
Ullrich, Johannes
SANS Internet Storm Center Handler
Recent Diaries:
ISC StormCast for Thursday, February 23rd 2012 http://isc.sans.edu/podcastdetail.html?id=2347
Apache 2.4 Features
ISC StormCast for Wednesday, February 22nd 2012 http://isc.sans.edu/podcastdetail.html?id=2344
How to test OS X Mountain Lion's Gatekeeper in Lion
ISC StormCast for Tuesday, February 21st 2012 http://isc.sans.edu/podcastdetail.html?id=2341
Twitter: | johullrich |
VandenBrink, Rob
SANS Internet Storm Center Handler
Recent Diaries:
PHP 5.39 was released on the 10th; amongst other things, it addresses CVE-2011-4885 (prevents attacks based on hash collisions) and CVE-2011-4566 (integer overflow when parsing invalid exif header)
Stuff I Learned Scripting - Fun with STDERR
It's Cyber Monday - Click Here!
Pentesters LOVE VOIP Gateways !
Patrick dropped us a line on Microsoft SA2641690, which describes 22 weak cipher certs in the wild ( http://technet.microsoft.com/en-us/security/advisory/2641690 ). Fix is in KB2641690, coming via autoupdate or via http://support.microsoft.com/kb/2641690
Wanner, Rick
SANS Internet Storm Center Handler
Recent Diaries:
DNSChanger resolver shutdown deadline is March 8th
Analysis of the Stratfor Password List
nmap 5.61TEST4 released
Yay! More Sysinternals updates! http://technet.microsoft.com/en-us/sysinternals
Adobe Air updated to 3.1.0.4880
Twitter: | namedeplume |
Wesemann, Daniel
SANS Internet Storm Center Handler
Recent Diaries:
Hello, Antony!
Hash collisions vulnerability in web servers
.nl.ai ?
Printer Pranks
Java 6u30 released
Zdrnja, Bojan
SANS Internet Storm Center Handler
Recent Diaries:
pcAnywhere users – patch now!
Is it time to get rid of NetBIOS?
The tale of obfuscated JavaScript continues
Beauty and the BEAST
Bitcoin – crypto currency of future or heaven for criminals?
Twitter: | bojanz |
Zeltser, Lenny
SANS Internet Storm Center Handler
Recent Diaries:
V8 as an Alternative to SpiderMonkey for JavaScript Deobfuscation
Adobe Acrobat Latest Zero-Day Vulnerability Fix Coming to All Platforms by January 10
How Makers of Web Browsers Include CAs in Their Products
Analyzing Mobile Device Malware - Honeynet Forensic Challenge 9 and Some Tools
GlobalSign Temporarily Stops Issuing Certificates to Investigate a Potential Breach
Twitter: | lennyzeltser |

