DojoSec Adobe bug fixed
Well I've been busy, AFA 2009 CyberSpace Symposium, tracking down cool crashes, booking DefCon travel, and my job (herding cats at Sourcefire World Domination HQ). But better late than never right? June 9th, Adobe released http://www.adobe.com/support/security/bulletins/aps
DoJoSec meeting - July 2nd
Not happening. Some Federal holiday getting in the way of this month's meeting. Firework day or similar apparently. Next one will be the first Thursday in August, right after DefCon. We'll see you there, assuming we make it back from Vegas in time. Check http://dojosec.c
Fun with Shell Scripts and OS X
Recently, more malware targeting OS X has been released. This is exciting stuff, and one such sample is RSPlug. The overall premise of RSPlug's operation isn't very sexy, as in the end it's just a malicious script that an unsuspecting user is tricked into running on t
Rule release for today - June 22nd 2009
We've been busy making things faster. This release has some modifications to rules to improve performance. Details are available here: http://www.snort.org/vrt/advisories/2009/06/22/vrt-rules-2009-06-22.html
Rule release for today - June 16th 2009
A maintenance release this one, few new rules, performance improvements, etc.. Details are available here: http://www.snort.org/vrt/advisories/2009/06/16/vrt-rules-2009-06-16.html/
Rule release for today - June 12th 2009
Adobe Acrobat and Reader Remote Vulnerability (CVE-2009-1859): Adobe Acrobat and Acrobat Reader contain programming errors that may allow a remote attacker to execute code on a vulnerable system. The errors occur in the processing of embedded image files in a PDF document. A rul
Microsoft Tuesday Coverage for June
Wow, lots of stuff in today's release from Microsoft. Here are the highlights: Microsoft Security Advisory MS09-018: The Microsoft Windows LDAP implementation contains programming errors that may allow a remote attacker to execute code on an affected system. Rules to detect
ClamAV DoJoSec Talk Addendum
Just a quick note to clarify something I said yesterday at DoJoSec. During my talk, I mentioned that ClamAV is supports a variety of operating systems, including Linux, Solaris, BSD, OS X, etc. Packages are made available by third-parties for some of those. However, you can build
DoJoSec roundup
Last nights DoJoSec meeting was most excellent. We were treated to talks from: * Alain Zidouemba - What to do with the Unknown * Richard Goldberg- How not to get pwnd by your clients * Joe Klein - IPv6 security issues * Eoghan Casey - Getting Physical with Mobi