Honey Pot Entertainment – SSH, (Sat, Dec 27th)

The Christmas period is a nice time to play with some honeypots and share some of the info they have been collecting. Currently I only have two functioning; both of them are located in the US. Each receives 20K or more login attempts per day.… Read the rest


Cowards Attack Sony PlayStation, Microsoft xBox Networks

A gaggle of young misfits that has long tried to silence this Web site now is taking credit for preventing millions of users from playing Sony Playstation and Microsoft Xbox Live games this holiday season.

The group, which calls itself LizardSquad, started attacking the gaming networks on or around Christmas Day.… Read the rest

Gate to Fiesta exploit kit on 94.242.216.69, (Fri, Dec 26th)

This is a guest diary submitted by Brad Duncan.

For the past year or so, I've noticed a particular group using a gate that redirects to an exploit kit (EK), usually Fiesta. This gate has evolved over the past year, changing IP addresses, domain names, and URL patterns.… Read the rest

Payday Loan Network Sold Info to Scammers

The Federal Trade Commission announced this week it is suing a consumer data broker that sold payday loan application data to scammers who used the information to pull money out of consumer bank accounts. The scam brings to mind an underground identity theft service I wrote about in 2012 that was gathering its data from a network of payday loan sites.… Read the rest

Attackers Leverage IT Tools As Cover

The line between attack and defense tools has blurred.

The task of defending enterprises against malicious intruders could become even harder for security managers with attackers beginning to increasingly leverage commonly used IT tools and services to disguise their presence on compromised networks.… Read the rest

Vuln: Linux Kernel CVE-2013-2897 Heap Buffer Overflow Vulnerability

Vulnerable: Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
SuSE SUSE Linux Enterprise Server Unsupported Extras 11
Linux kernel 3.3.5
Linux kernel 3.3.4
Linux kernel 3.3.2
Linux kernel 3.2.13
Linux kernel 3.2.9
Linux kernel 3.2.1
Linux kernel 3.1.8
Linux kernel 3.0.5
Linux kernel 3.0.4
Linux kernel 3.0.2
Linux kernel 3.0.1
Linux kernel 2.6.39
Linux kernel 2.6.38
Linux kernel 2.6.37
Linux kernel 2.6.36
Linux kernel 2.6.33
Linux kernel 2.6.32
Linux kernel 2.6.31
Linux kernel 2.6.30
Linux kernel 2.6.29
Linux kernel 2.6.28
Linux kernel 2.6.19
Linux kernel 2.6.17
Linux kernel 2.6.16
Linux kernel 2.6.15
Linux kernel 2.6.14
Linux kernel 2.6.13
Linux kernel 2.6.12
Linux kernel 2.6.11
Linux kernel 2.6.10
+ Red Hat Fedora Core3
+ Red Hat Fedora Core2
+ Trustix Secure Linux 3.0
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
Linux kernel 2.6.9 rc4
Linux kernel 2.6.9 rc3
Linux kernel 2.6.9 rc2
Linux kernel 2.6.9 rc1
Linux kernel 2.6.9
Linux kernel 2.6.8 rc4
Linux kernel 2.6.8 rc3
Linux kernel 2.6.8 rc2
Linux kernel 2.6.8 rc1
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Linux kernel 2.6.8
+ S.u.S.E.… Read the rest

Merry Christmas!, (Thu, Dec 25th)

All handlers at SANS Internet Storm Center wish you a great Christmas and may all your wishes come true. We will keep guarding the internet meanwhile.

Manuel Humberto Santander Peláez
SANS Internet Storm Center – Handler
Twitter: @manuelsantander
Web: http://manuel.santander.name
e-mail: msantand at isc dot sans dot org

(c) SANS Internet Storm Center.… Read the rest

Bugtraq: Pimcore v3.0 & v2.3.0 CMS – SQL Injection Vulnerability

Document Title:
===============
Pimcore v3.0 & v2.3.0 CMS – SQL Injection Vulnerability

References (Source):
====================
http://vulnerability-lab.com/get_content.php?id=1363

Release Date:
=============
2014-12-16

Vulnerability Laboratory ID (VL-ID):
====================================
1363

Common Vulnerability Scoring System:
====================================
6.4

Product & Service Introduction:
===============================
Pimcore is a powerful and robust Zend Framework based PHP content management system (CMS) for creating and managing digital
content and assets licensed under the open-source BSD license.… Read the rest

Bugtraq: PHPLIST v3.0.6 & v3.0.10 – SQL Injection Vulnerability

Document Title:
===============
PHPLIST v3.0.6 & v3.0.10 – SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1358

Release Date:
=============
2014-12-18

Vulnerability Laboratory ID (VL-ID):
====================================
1358

Common Vulnerability Scoring System:
====================================
6.1

Product & Service Introduction:
===============================
phpList is an open source software for managing mailing lists.… Read the rest

Bugtraq: Lazarus Guestbook v1.22 – Multiple Web Vulnerabilities

Document Title:
===============
Lazarus Guestbook v1.22 – Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1386

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2239

CVE-ID:
=======
CVE-2014-2239

Release Date:
=============
2014-12-24

Vulnerability Laboratory ID (VL-ID):
====================================
1386

Common Vulnerability Scoring System:
====================================
6.6

Product & Service Introduction:
===============================
Lazarus is a free guestbook script written in PHP that uses your MySQL database for storage and is based
upon the excellent Advanced Guestbook script from Proxy2.… Read the rest