Threat Level: green Handler on Duty: Russ McRee

SANS ISC Internet Storm Center


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Latest Diaries

Digest: 23 OCT 2014

Published: 2014-10-23
Last Updated: 2014-10-23 19:36:18 UTC
by Russ McRee (Version: 1)
0 comment(s)

A number of items for your consideration today, readers. Thanks as always to our own Rob VandenBrink for pointing out a number of these.

In case you missed it, What's New in Window's PowerShell.

A new Snort release is available: Snort 2.97.

VMWare has released a security advisory: VMSA-2014-0011 - VMware vSphere Data Protection product update addresses a critical information disclosure vulnerability.

There's a Whitehouse petition to unlock public access to research on software safety through DMCA and CFAA reform. Needs 98,000 signatures, currently has just over 1000. The synopsis for your consideration:

Software now runs consumer products and critical systems that we trust with our safety and security. For example, cars, medical devices, voting machines, power grids, weapons systems, and stock markets all rely on code. While responsible companies cooperate with the technical community and the public to improve the safety of code, others do not. They instead try to prevent researchers and others from sharing safety research, threatening criminal and civil actions under the Digital Millennium Copyright Act and the Computer Fraud and Abuse Act. Chilling research puts us all at risk. Protect the public from unsafe code and help us to protect ourselves. Reform the DMCA and CFAA to unlock and encourage research about potentially dangerous safety and security weaknesses in software.

If you agree, sign the petition here.

NIST just released a draft of NIST Special Publication 800-125-A Security Recommendations for Hypervisor Deployment. You denizens of the cloud should give this one a good read through.

0 comment(s)
ISC StormCast for Thursday, October 23rd 2014 http://isc.sans.edu/podcastdetail.html?id=4205

If you have more information or corrections regarding our diary, please share.

Recent Diaries

telnetd rulez: Cisco Ironport WSA Telnetd Remote Code Execution Vulnerability
published 20 hours ago by Russ McRee (1 comment)

CSAM Month of False Positives: Ghosts in the Pentest Report
published 2 days ago by Rob VandenBrink (1 comment)

Apple Multiple Security Updates
published 2 days ago by Guy (0 comments)

Microsoft MSRT October Update
published 4 days ago by Guy (0 comments)

Logging SSL
published 1 week ago by Dr. J. (4 comments)

Cisco Security Advisory: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability
published 4 decades ago by Basil (0 comments)

Apple Updates (not just Yosemite)
published 4 decades ago by Dr. J. (2 comments)

View All Diaries →

Latest Discussions

SSH Bruteforce Uptick Anyone?
created 3 weeks ago by Philip (0 replies)

XSS vulnerability in opencms v9.0.1 workplace
created 1 month ago by Murali (0 replies)

RSS feeds broken in Sage
created 1 month ago by Madmanguruman (0 replies)

Brown Breach.. . UPS
created 1 month ago by ICI2Eye (0 replies)

So, how dead is antivirus exactly?
created 2 months ago by Safensoft (4 replies)

View All Forums →

Latest News

View All News →