Cisco Talos Blog

November 5, 2009 12:59

DoJoSec meeting - November 5th

Tonight's DoJoSec has a change in lineup, since Lurene is on the PUP list for today, Matt Olney is stepping in to take her place and give a talk on "Custom Intrusion Detection Techniques for Monitoring Web Applications". This is something similar to the presentation

November 4, 2009 16:14

DoJoSec and DoJoCon

Tomorrow evening, starting at 6:00 pm, Capitol College, Laurel MD. Lurene Grenier will be giving a presentation on Byakugan. Following this event, on Friday morning, our Senior Director of the Vulnerability Research Team, Matt Watchinski, will be speaking at DoJoCon. Check here

November 3, 2009 15:33

Rule release for today - November 3rd, 2009

Adobe Adobe Adobe Adobe, we thought you only did patch releases once per quarter, guess we were wrong. Anyway, a few vulnerabilities with Shockwave. Get your rules on here: http://www.snort.org/vrt/advisories/2009/11/03/vrt-rules-2009-11-03.html

October 22, 2009 16:49

Rule release for today - October 22nd, 2009

A few modifications in this release, most notably a fix for a false positive issue that raised it's ugly head from the Microsoft Tuesday release. Microsoft Security Advisory (MS09-059): A vulnerability in the Microsoft Local Security Authority Subsystem Service (LSASS) may a

October 22, 2009 11:59

Snort 2.8.5.1 Release

Hot on the heels of the Snort 2.8.5 release, a new Snort tarball is now available that fixes a few issues: * Fixed syslog output when running on Windows. * Fixed potential segfault when printing IPv6 packets using the -v option. Thanks to Laurent Gaffie for reporting this

October 20, 2009 15:47

Vulnerability Report now available via iTunes

Yes, that's right, our monthly vulnerability report is now available for your convenience, via iTunes. To subscribe, hit up this link: http://itunes.apple.com/WebObjects/MZStore.woa/wa/viewPodcast?id=336370330 Note that the video is large due to it being in high definition,

October 20, 2009 15:40

Rule release for today - October 20th, 2009

A maintenance release this week, with several new rules in web-client, specific-threats, web-misc, oracle, smtp and dos rule sets. As always, the changelogs are available here: http://www.snort.org/vrt/advisories/2009/10/20/vrt-rules-2009-10-20.html

October 15, 2009 16:08

October 2009 Vulnerability Report

Sourcefire VRT Vulnerability Report October 2009 from Sourcefire VRT on Vimeo. Sourcefire VRT Vulnerability Report This month's report covers the Microsoft Tuesday advisories, including IIS FTP vuln, SMBv2 remote code execution and Adobe patch Tuesday.

October 13, 2009 15:55

Microsoft Tuesday Coverage for October 2009

Bumper crop of vulnerabilities patched this month by Microsoft and Adobe. Microsoft Security Advisory (MS09-050): A vulnerability in the way that Microsoft Windows systems process SMBv2.0 transactions may allow a remote attacker to execute code on a vulnerable system. A rule to