February 2010 Vulnerability Report
February 2010 Vulnerability Report This month's report covers the Microsoft Tuesday advisories for February 2010 and a whole bunch of Snow at Sourcefire HQ.
Microsoft Tuesday Coverage for February 2010
Well, Microsoft really made up for a light patch in January with a hefty dose of vulnerabilities this month. We had our hands full dealing with this avalanche, we have coverage for the non-local vulnerabilities, only a couple of issues were covered in previously released rules, t
Coming Soon To A Snort User's Group Near You
I was in Chicago last Friday for a meeting of the local Snort Users' Group (Powerpoint presentation available here). While the weather was as crummy as you'd expect out of Chicago in January, overall it was an excellent visit, thanks to the group of people who turned out
Rule release for today - January 26th 2010
A few additions, some modifications. Mostly a maintenance release. Check it out: http://www.snort.org/vrt/advisories/2010/01/26/vrt-rules-2010-01-26.html
Using byte_jump as a Detection Mechanism
This is just a quick tidbit about writing effective snort rules that I thought I would share. I was writing a Snort shared object (SO) rule for demonstration purposes. I was going to use a "vulnerability" where the DATA section, which is the last part of the packet, spe
The Acrobat JavaScript Blocklist Framework
Adobe recently announced and released the Adobe Reader and Acrobat JavaScript Blocklist Framework. I've had a little bit of time to play with it and would just like to share my thoughts. First of all, I am very pleased with this new blocklisting feature. Until now, when we kn
Rule release for today - January 15th 2010
It seems that a couple of large companies were targeted with a vulnerability in Internet Explorer. Today's release contains a rule to detect attacks targeting this vulnerability. Check out the details at http://www.snort.org/vrt/advisories/2010/01/15/vrt-rules-2010-01-15.htm
January 2010 Vulnerability Report
Sourcefire VRT Vulnerability Report January 2010 from Sourcefire VRT on Vimeo. January 2010 Vulnerability Report This month Alain Zidouemba talks about Microsoft Tuesday, Adobe patches, Snort and ClamAV releases. From the beach. Where it's warm. While the rest of us freeze.
Microsoft Tuesday Coverage for January 2010
One advisory from Microsoft to start the year, one rule from us to cover it. Check it out here: http://www.snort.org/vrt/advisories/2010/01/12/vrt-rules-2010-01-12.html