Internet Storm Center has a post today noting the update to Burp Suite an excellent vulnerability analysis of Websites as a proxy server. While checking the update the storm center noted the inclusion of NoSQL injection in the update. At the same time why is this important? because of the prevalence of public databases or “Bigdata” … Read more
MS14-068 has been issued an out-of-band patch, as mentioned at Darkreading This is a Server patch – for Windows 2008, and Windows 2012 patch, this is a critical patch due to Kerberos authentication needing this fix. SANS Dr. Ullrich has a statement: ” Ullrich says privilege escalation rarely gets the critical rating because the step of … Read more
beyondtrust.com has the information MS14-066 was patched in November patch Tuesday (Nov 11). and here is the details: Unfortunately for those machines that do not patch regularly, the Microsoft patch allows the reverse engineer to figure out what was patched and then create a hack/Proof of Concept – POC) We can now see that … Read more
How can you tell if malware is in your network? As the PCRE post at Internet Storm Center says: You can check your logfiles for certain signatures using “Perl Compatible Regular Expressions” (PCRE) Perl is a scripting programming language perl.com gets into some of it’s details. Of course that assumes you have a proxy server and … Read more
The site http://insecam.com/ has set up thousands of links to insecure cameras that are online. 4717 cameras in USA including many that are inside homes. A couple in New Jersey http://www.insecam.cc/cam/bycity/Absecon/ Including Chesterfield, MO http://www.insecam.cc/cam/bycountry/US/?page=120 Please log into your camera and change the default password. Changing default passwords should be done to all devices right when you … Read more
