Microsoft Tuesday Coverage for August 2009
Well, first Microsoft Tuesday after DefCon and as punishment, there are 9 advisories to note with 8 of them being suitable for detection by an IPS/IDS. Microsoft Security Advisory (MS09-036): Microsoft Internet Information Server (IIS) contains a programming error that may allow
Syntax Checking your Snort Rules
Our friend over in blighty has been at it again. This time, Leon has come up with dumbpig, a tool written in Perl that will check your Snort rules and tell you what, if anything, is wrong with them and what you should do about it. Here's a sample of dumbpig output: torchwoo
DoJoSec meeting - August 6th
This month's DoJoSec meeting features three speakers: Sean Morrissey - "Apple’s File Vault – How Secure is it?" Dale Beauchamp - "The First 120" Matt Fisher - "The Big Picture: Web Risks and Assessments Beyond Scanning" Details are available he
Freakshow Sumo
Patrick Mullen (phoo) and Ryan Pentney (kappa) take each other on in a Sumo match at the IOActive Freakshow party at Defcon 17. Watch closely, the loser of each bout gets tea bagged.
Freakshow
We'll be attending the Freakshow on Saturday, come along and say hello. You can also find us at the Microsoft Security Appreciation Reception tonight at Treasure Island. You can't get in without an invite though, so if you have one and you're going, come find us and
Microsoft Out of Band Patch - 28th July 2009
So, today, Microsoft released an out of band patch, two issue, one for Internet Explorer... Microsoft Security Advisory (MS09-034): Microsoft Internet Explorer contains programming errors that may allow a remote attacker to execute code on a vulnerable system. Rules to detect a
Rule release for today - July 22nd 2009
Adobe Acrobat and Reader Buffer Overflow: Adobe Acrobat and Adobe Reader suffer from a programming error that may allow a remote attacker to execute code on an affected system. The problem occurs during the processing of a flash file embedded in a pdf document. Rules to detect
Rule release for today - July 21st 2009
A few new rules and some modifications to improve rule performance in today's release. Apple iTunes Buffer Overflow (CVE-2009-0950): Apple iTunes contains a programming error that may allow a remote attacker to execute code on a vulnerable system. Rules to detect attacks ta
Vulnerability Report July 2009
This is a Beta version of our Vulnerability Report. We haven't done this, or anything like it before and we got it together pretty quickly. We're learning as we go. We would really appreciate some thoughts, tips and suggestions on it.