Do you have Intel AMT? Then you have a problem today! Intel Active Management Technology INTEL-SA-00075, (Tue, May 2nd)

There have been some reports to us about an issue with Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability [1]. It might be a good idea to review Intel's security bulletin INTEL-SA-00075, which outlines a Privilege Escalation vulnerability. The document also states very clearly that This vulnerability does not exist on …

Effective security governance, (Mon, May 1st)

According to the Carnegie Mellon University (CMU) Software Engineering Institute (SEI), there are 11 characteristics for effective security governance: Enterprise-wide issue: Security is managed as an enterprise issue, horizontally, vertically, and cross-functionally throughout the organization at every level. Leaders are accountable: Executive leaders understand their accountability and responsibility with respect to security for the organization, …

Another Day, Another Obfuscation Technique, (Fri, Apr 28th)

We got many samples from our readers and we thank them for this. It helps us to find how attackers are improving their techniques to bypass security controls and to fool the victims. Often the provided samples are coming from common waves of spam but, sometimes, they are interesting. I …

BGP Hijacking: The Internet is Still/Again Broken, (Thu, Apr 27th)

The Internet is a network of networks. Each autonomous system (AS) connects to the Internet using a router that speaks the Border Gateway Protocol (BGP) to disseminate and receive routing information. The problem is that there is no authoritative way to figure out who is supposed to receive which IP address space (no, whois information …

If there are some unexploited MSSQL Servers With Weak Passwords Left: They got you now (again), (Wed, Apr 26th)

Setting up a Microsoft SQL server with a stupid simple password like sa for the sa user is hard. First of all, Microsoft implemented a default password policy that you need to disable. And then, when you finally Googled your way through how to disable it … A little bit odd is the distribution …

CAA Records and Certificate Issuance, (Tue, Apr 25th)

[This is a guest diary submitted by J. Edward Durrett, GCUX] While going over an SSL report from SSL Labs [1], I noticed something that I had not seen before: a check for CAA records. Certification Authority Authorization (CAA) is a DNS record which restricts which Certificate Authority can issue a certificate for a given …

Analysis of the Shadow Z118 PayPal phishing site, (Mon, Apr 24th)

[This is a guest post submitted by Remco Verhoef. Got something interesting to share? Please use our contact form to suggest your topic] Today I got lucky walking around within a phishing site and found some left-over deployment files, containing the complete source code of the site. This gives a unique insight into the inner …

Malicious Documents: A Bit Of News, (Sun, Apr 23rd)

This week I saw again a PDF containing a malicious Word document with macros (a downloader). The PDF contains JavaScript to extract the malicious Word document and launch Word. The user is prompted before this action takes place, but if you want to mitigate this, you can disable JavaScript. If you use Adobe Reader version …

WTF tcp port 81, (Sat, Apr 22nd)

I don …

Jim Clausing, GIAC GSE #26, jclausing –at– isc [dot] sans (dot) edu. I'll be teaching FOR610 in June, Sept, and Oct. See my schedule here: https://www.sans.org/instructors/jim-clausing

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.