Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2014-03-02 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Sunday Reading

Published: 2014-03-02
Last Updated: 2014-03-02 15:21:16 UTC
by Stephen Hall (Version: 1)
2 comment(s)

Time to catch up with that security reading now that your favourite team is second in the league, so lets see what we can do to bring us all up to speed ready for what Monday will bring, so in no particular order:

Data breach, after data breach it would appear as 2014 is turning into the year of the use of "sophisticated techniques" to breach online security.

Securing online applications via a mechanism which is susceptible to a brute force is not a good idea! 

Digging through our mail brings a gem. Nigeria Scams are still coming in, I do love todays which is from:

ACCESS BANK PLC
122 Adenirun Ogunsanya Street,
Off Bode Thomas Road,
Surulere Lagos - Nigeria
24/7 Banking
(24/7 Customer Care HotLine)
 
The colour coding is not mine, but is true to the original e-mail, nice touch! What makes this one truly special is that the e-mail was spoofed (shock!) to appear to come from "ACCESS BANK PLC - info@microsoft.com".
 
Ping over any other weekend news, and I'll add to the list to give ISC readers some additional reading material.

Steve Hall

ISC Handler

www.tarkie.net

Keywords: Weekend Reading
2 comment(s)

Symantec goes yellow

Published: 2014-03-02
Last Updated: 2014-03-02 14:52:24 UTC
by Stephen Hall (Version: 1)
0 comment(s)

Big Yell'eh has raised its ThreatCon to Yellow - "Medium : Increased alertness" due to increased activity exploiting CVE-2014-0322 which is referenced in Microsoft KB reference 2934088

If you cannot apply the FixIt, best look at the mitigating factors, or wait (and monitor, react, and fix) until the patch comes out to mitigate this vulnerability.

Steve Hall

ISC Handler

www.tarkie.net

0 comment(s)
Diary Archives