White Hat Computer Consulting

Solutions are only the beginning

Internet Storm Center

Subscribe to Internet Storm Center feed Internet Storm Center
Updated: 2 hours 15 min ago

Apache Struts Zero Day and Mitigation, (Thu, Apr 24th)

Thu, 04/24/2014 - 12:28

Thanks to Gebhard for letting us know about a new vulnerability in Apache Struts.

If yo ...(more)...

Fun with Passphrases!, (Thu, Apr 24th)

Wed, 04/23/2014 - 20:41

As systems administrators and security folks, we've all had our fill of our users and customers u ...(more)...

Be Careful what you Scan for!, (Thu, Apr 24th)

Wed, 04/23/2014 - 18:31

After some fun and games at one customer site in particular, I found that the SSL services on the ...(more)...

DHCPv6 and DUID Confusion, (Wed, Apr 23rd)

Wed, 04/23/2014 - 17:50

In IPv6, DHCP is taking somewhat a back seat to router advertisements. Many smaller networks are ...(more)...

Port 32764 Router Backdoor is Back (or was it ever gone?), (Tue, Apr 22nd)

Tue, 04/22/2014 - 17:34

Unlike announced a few month ago, the infamous "Port 32764" backdoor was not fully patched in new ...(more)...

Apple Patches for OS X, iOS and Apple TV., (Tue, Apr 22nd)

Tue, 04/22/2014 - 17:27

Apple today released patches for OS X, iOS and Apple TV. The OS X patches apply for versions of O ...(more)...

Allow us to leave!, (Mon, Apr 21st)

Mon, 04/21/2014 - 17:19

Here's one yardstick that I use before signing up for any new online service: I first search the ...(more)...

Finding the bleeders, (Mon, Apr 21st)

Mon, 04/21/2014 - 12:49

Now that the frantic frenzy around "Heartbleed" has calmed, and most sites are patched, it is tim ...(more)...

OpenSSL Rampage, (Mon, Apr 21st)

Mon, 04/21/2014 - 07:19

OpenSSL, in spite of its name, isn't really a part of the OpenBSD project. But as one of the more ...(more)...

Heartbleed hunting, (Mon, Apr 21st)

Sun, 04/20/2014 - 19:19

Yes, I know that by now you are really tired of hear and read about Heartbleed. You probably alre ...(more)...

Testing your website for the heartbleed vulnerability with nmap, (Fri, Apr 18th)

Fri, 04/18/2014 - 11:08

We have received reports by many readers about buggy tools to test for the heartbleed vulnerabili ...(more)...

Looking for malicious traffic in electrical SCADA networks - part 2 - solving problems with DNP3 Secure Authentication Version 5, (Thu, Apr 17th)

Thu, 04/17/2014 - 14:25

I received this week a very valuable e-mail from the DNP Technical Committee Chair, Mr. Adrew Wes ...(more)...