Cisco Talos Blog

April 30, 2009 18:19

Some days you just can't walk away.....

I apologize ahead of time for the marketing fluff in this post, I promise the next several posts after this will be much heavier on the tech and the cool. However, I just couldn't let this one go and neither could any of the Sourcefire VRT. Today we got an anonymous email wi

March 27, 2009 14:53

BEA WebLogic plug-in for Apache JSESSION Cookie overflow

Sometimes you forget you reported a vulnerability. Especially when the vendor keeps sending you lots of messages that contain the following: ____________________________________________________ Reporter: Matt Watchinski ("Matt Watchinski" <mwatchinski@sourcefire.co

March 25, 2009 11:33

Conficker.C Purchase tickets now for the April 1st event

Recap. Conficker.C also known as W32/Conficker.C.worm, WORM_DOWNAD.AD,W32.Downadup,Net-Worm.Win32.Kido.cn Still uses MS08-067 to spread itself just like the A and B variants, therefore the detection released on 2008-10-23 still generates events based on this spreading mechanism

March 19, 2009 16:26

Creating new detection coverage : Using SCADA OMRON-FINS as an example

The What In 2008 a lot of reports and press centered around SCADA Networks and their protection, additionally Core Security and several other researchers released vulnerabilities in software related to SCADA networks. The most notorious was the vulnerability in CitectSCADA (http: