John Bambenek Diaries

Back to Handlers

Prophetic Post by Intern on CVE-2023-1389 Foreshadows Mirai Botnet Expansion Today
Writing Yara Rules for Fun and Profit: Notes from the FireEye Breach Countermeasures
Hunting for SigRed Exploitation
VMWare Security Advisory on DoS Vulnerability in ESXi
MSFT July 2019 Patch Tuesday
Solving the WHOIS and Privacy Problem: A Draft of Implementing WHOIS in DNS
Are you Ready for DNS Flag Day?
Sextortion Bitcoin on the Move
Microsoft Publishes Patches for Skype for Business and Team Foundation Server
Life after GDPR: Implications for Cybersecurity
Spectre and Meltdown: What You Need to Know Right Now
Phishing to Rural America Leads to Six-figure Wire Fraud Losses
I'm All Up in Your Blockchain, Pilfering Your Wallets
Great Misadventures of Security Vendors: Absurd Sandboxing Edition
Ransomware Operators Cold Calling UK Schools to Get Malware Through
Was the Brazilian version of Google hijacked two days ago?
New Year's Resolution: Build Your Own Malware Lab?
Mixed Messages : Novel Phishing Attempts Trying to Steal Your E-mail Password Goes Wrong
UPDATED x1: Mirai Scanning for Port 6789 Looking for New Victims / Now hitting tcp/23231
What are your 2017 infosec predictions?
DDoS Extortion - Almost Universally an Empty Threat
Tool Released to Decrypt Petya Ransomware Infected Disks
Tips for Stopping Ransomware
Protecting Users and Enterprises from the Mobile Malware Threat
ICYMI: Widespread Unserialize Vulnerability in Java
CVE-2014-4114 and an Interesting AV Bypass Technique
Will 2015 be the year we finally do something about DDoS?
How I learned to stop worrying and love malware DGAs....
What do you think will be the top cybersecurity story of 2015?
Gameover Zeus and Cryptolocker Takedowns
New, Unpatched IE 0 Day published at ZDI
OpenSSL.org Defaced by Attackers Gaining Access to Hypervisor
Juniper SSL VPN and UAC Host Checker Issue
Cryptolocker Update, Request for Info
Obamacare related domain registration spike, Government shutdown domain registration beginning
*Metaspoit Releases Module to Exploit Unpatched IE Vuln CVE-2013-3893
Microsoft Releases Out-of-Band Advisory for all Versions of Internet Explorer
FYI: Anonymous Planning "OpUSA" Attacks on Banks and US Gov't on May 7th. More Info as Relevant to Come.
A Chargen-based DDoS? Chargen is still a thing?
ISC Handler Lenny Zeltser's REMnux v4 Reviewed on Hak5
UPDATEDx1: Boston-Related Malware Campaigns Have Begun - Now with Waco Plant Explosion Fun
Fake Boston Marathon Scams Update
Where Were You During the Great DDoS Cybergeddon of 2013?
Is This Chinese Registrar Really Trying to XSS Me?
It's 3pm 2 days after Christmas, do you know where your unmanaged SSH keys are?
A Consumer's Guide to Spotting "Fake" Charities
Microsoft December 2012 Black Tuesday Update - Overview
Joomla (and WordPress) Bulk Exploit Going on
John McAfee Exposes His Location in Photo About His Being on Run
Online Shopping for the Holidays? Tips, News and a Fair Warning
New Poll: Top 5 Unresolved Security Problems of 2012
Behind the Random NTP Bizarreness of Incorrect Year Being Set
Request for info: Robocall Phishing Against Local/Regional Banks
Hacking HP Printers for Fun and Profit
Another Defense Contractor Hacked in AntiSec Hacktivism Spree
Is the Insider Threat Really Over?
Wordpress.com Security Breach
LizaMoon Mass SQL-Injection Attack Infected at least 500k Websites
TCP Tricks to Detect Rogue Wireless Access Points
Mozilla Notifies of Relatively Minor Security Breach
IIS 7.5 0-Day DoS (processing FTP requests)
Is Stuxnet the Beginning of the Cyberwar Era?
Adobe Acrobat/Reader 0-day in Wild, Adobe Issues Advisory
Mozilla Thunderbird updated to version 3.1.3 also, more here: http://www.mozillamessaging.com/en-US/thunderbird/3.1.3/releasenotes/
Month of Undisclosed 0-day Bugs
Responsible Disclosure or Full Disclosure?
Data Redaction: You're Doing it Wrong
The Top 10 Riskiest US Cities for Cybercrime
March 2010 - Microsoft Patch Tuesday Diary
Vodafone Android Phone: Complete with Mariposa Malware
GSM Cell Phone Encryption is Cracked - Interception of Cell Calls Possible
Merry Festivus: Commence the "Airing of Infosec Grievaces"
There is no such thing as a free lunch .
BIND Security Advisory (DNSSEC only)
Government Approaches to Cybersecurity - What are your tips?
Missouri Passes Breach Notification Law: Gap Still Exists for Banking Account Information
Replacing Phishers with a Small Shell Script: Jakarta Bombing Malware
Cross-Platform, Cross-Browser DoS Vulnerability
Latest Updates on Ongoing DDoS on Governmental/Commercial Websites in USA and S. Korea
URL Shortening Service Cligs Hacked
Iran Internet Blackout: Using Twitter for Operational Intelligence
Embedded Devices: An Avenue for Cyberterrorism?
SANS Internet Storm Center Winner of RSA Social Security Award for Best Technical Blog
Data Leak Prevention: Proactive Security Requirements of Breach Notification Laws
Google Search Engine's Malware Detection Broken
Thoughts on Security Intelligence (McColo Corp alleged spam/malware host knocked offline)
Google Chrome in Beta, Vulnerabilities Discovered
E-Mail from SANS/GIAC
MX Records Disappearing?
The Number of Machines Controlled by Botnets Has Jumped 4x in Last 3 Months
IE8 Beta 2 Released: InPrivate Browsing
Active attacks using stolen SSH keys (UPDATED)
The Latest in Crimeware
Thoughts on the Best Western Compromise
Is Anti-Virus Dead?
OpenOffice 2.4.1 Out - Fixes One Vuln
CitectSCADA Buffer Overflow Vulnerability
5 News Cisco Vulnerabilities for PIX and ASA
SQL Injection Worm on the Loose (UPDATED x2)
Windows XP Service Pack 3 Released
PHP 5.2.6 out w/ security updates
Defenses Against Automated Patch-Based Exploit Generation
Intel Centrino Wireless Driver Buffer Overlow - from @RISK digest
The Patch Window is Gone: Automated Patch-Based Exploit Generation
EV SSL Certificates - Just once, why can't one of our poorly considered quick fixes work?
IIS Vulnerability Documented by Microsoft - Includes Workarounds
A Federal Subpoena or Just Some More Spam & Malware?
ADSL Router / Cable Modem / Home Wireless AP Hardening in 5 Steps
Kraken Technical Details: UPDATED x3
Network Solutions Technical Difficulties? Enom too
Got Kraken?
HP USB Keys Shipped with Malware for your Proliant Server
'Tis the Season for Tax Return Scams
Happy Data Privacy Day
Facebook, pr0n and privacy
Cyber Security Awareness Tip #25: E-mail (PGP, Attachments, etc), IM, IRC
Is Pump-and-Dump more lucrative than Identity Theft?
Skype Back Online / Patch Tuesday to Blame? - UPDATED x4
Job Search Sites Compromised, Spear Phishing Hillarity Ensues
Principle of Most Privilege and the Snort/ClamAV Purchase
Black Hat / DEFCON
Security Update for Firefox: 2.0.0.5
Symantec False-Positive on Filezilla, NASA World Wind
Cross-Platform OpenOffice Virus Proof of Concept
Estonia, Botnets, and Economic Warfare
Full-Width/Half-Width Unicode Bypasses HTTP Scanning
Gozi Trojan Steals SSL Encrypted Data for Fun and Profit
The rise of the botnets
New SCADA Vulnerabilities in OPC Servers
Security Guard Script e-mail scam
A Case of Identity Theft
MS06-077: Remote Installation Service (RIS) remote exploit
Honeypot Mirroring .edu domains under .eu / Active Threat
IE unspecified remote code execution vulnerability
Visual Studio 2005 Remote Code Exploit, Actively Being Exploited
Remote DoS in Firefox 1.5.0.7 and Firefox 2
Delays on Windows Update & the Death of SUS
MS06-065: Remote Code Excution in Windows Object Packager
MS06-064: Vulnerabilities in IPv6
Microsoft patch tuesday - October 2006 STATUS
There are no more Passive Exploits
Microsoft Advance Notice Out - 11 Patches
Tip of the Day: Protect the Single Points of Compromise
Printer Hacking for Fun and Profit
Net Neutrality and Information Security
The ISC is not Trying to Trojan Your Machines
Black Tuesday Advance Notice
Hacking Wireless Drivers for Fun and Profit
MS06-028: PowerPoint malformed record / Remote Code Execution
MS06-027: MS Word object pointer / Remote Code Execution
MS06-026: Graphics Rendering Engine / Remote Code Execution
New Version of PHP, Cisco Advisory, BurstNET DoS'd
People - Greatest Asset and Biggest Vulnerability
QWest Problems
NetworkSolutions Down Again - Not a DoS Attack
RealPlayer (et al) vulnerabilities & Joomla/Mambo Worm
New IE 0-Day Exploit in Wild
Identity Theft: Accounts Stolen vs Accounts Used - Reader Input
Guide to Finding Safe Online Merchants
Request for Data
Spam ahoy!
Safer Online Shopping Guide
Microsoft Patch Tuesday Advance Notice
Blackworm/Nyxem Animation of Infections
Microsoft Security Advance Bulletin (7 updates, at least 2 Critical)
First Vulnerability for Firefox 1.5 (released version) Announced - PoC available
Malware, eBay, and You.
Misc. Items
Snort 2.4.2 Released
Over $24 billion Dollars at Risk of Theft from Spyware in US Alone
Major Cisco IOS Vulnerability Announced
Katrina Malware; Katrina Donation Scams (now with domain name list); Dameware
MS05-036 Color Management Exploit Code in Wild; mod_jrun exploit scanning from Europe; Insecure by Design
Microsoft Releases 3 Critical Patches - Hilarity Does Not Ensue; MS Patches Reset Settings in Program Defaults?
Corporate Espionage Made Easy with Spyware; Honeynet KYE: Phishing paper Published; Some New Vulnerabilities
With Every Patch Tuesday there is a Black Wednesday, Juniper Update, COAST (adware-spyware) is toast, Virus Spreading through MSN?, Comcast downtime
ISPs and Egress Filtering, Bad News for Reverse Engineers, Broken Spam Message
Another Virus, ISC Poll Results, Port 1433 scans
ISC Reader's Diary, PHP Include Worm, Trojan in wild that exploits new IE bug , Pacific Earthquake & Tsunami
*Santy Worm Update, Snort 2.2 DoS, IRC over SMTP, SSH Scanning, An InfoSec Christmas Story
Bot Nets - Moving to Prime Time, AV Vendors Taking Out Valuable Resource,
IE IFRAME Exploit, Sun Java Web Proxy Buffer Overflow, SSH Scanning Continues, Yesterday's Diary
Backbone issues?
Doubleclick DDoS'd, W32.Zindos.A Microsoft DoS, FXMYDOOM Feedback
BHO scanning tool and New Scam Targets Bank Customers