SANS Internet Storm Center

RSS Feed SANS Internet Storm Center
Updated: 11 hours 4 min ago

DerbyCon highlights, (Tue, Sep 30th)

Tue, 09/30/2014 - 4:41pm

I had the pleasure of attending DerbyCon 4.0 (Family Rootz) this past Friday and Saturday and ca ...(more)...

Shellshock: Updated Webcast (Now 6 bash related CVEs!), (Mon, Sep 29th)

Mon, 09/29/2014 - 1:41pm

I just published an updated YouTube presentation (about 15 min in length) with some of the shell ...(more)...

Shellshock: A Collection of Exploits seen in the wild, (Mon, Sep 29th)

Mon, 09/29/2014 - 9:05am

Ever since the shellshock vulnerability has been announced, we have seen a large number of scans ...(more)...

Shellshock: We are not done yet CVE-2014-6277, CVE-2014-6278, (Mon, Sep 29th)

Mon, 09/29/2014 - 8:14am

With everybody's eyes on bash vulnerabilities, two new problems have been found [1]. These proble ...(more)...

Shellshock: Vulnerable Systems you may have missed and how to move forward, (Mon, Sep 29th)

Mon, 09/29/2014 - 8:14am

By now, I hope you are well on your way to patch your Linux systems for the bash code injection v ...(more)...

Infocon: yellow

Sun, 09/28/2014 - 6:27pm
Update on CVE-2014-6271: Vulnerability in bash (shellshock)

Update on CVE-2014-6271: Vulnerability in bash (shellshock), (Thu, Sep 25th)

Sun, 09/28/2014 - 5:13pm

On Wednesday (Sept. 24th), a vulnerability in bash was announced, that was originally found by S ...(more)...

What has Bash and Heartbleed Taught Us?, (Sat, Sep 27th)

Sat, 09/27/2014 - 7:58pm

Two significant vulnerabilities affecting a wide range of systems that couldn't be patch fast eno ...(more)...

Why We Have Moved to InfoCon:Yellow, (Fri, Sep 26th)

Fri, 09/26/2014 - 9:13pm


At the Storm Center, we are strict and judicious on moving the InfoCon status. We fe ...(more)...

Webcast Briefing: Bash Code Injection Vulnerability, (Thu, Sep 25th)

Thu, 09/25/2014 - 4:13pm

I created a quick Youtube video to summarize the impact of the vulnerability. The tricky part is ...(more)...

Attention *NIX admins, time to patch!, (Wed, Sep 24th)

Wed, 09/24/2014 - 10:05am

Over the past years, we became used to Microsoft Patches, the important, critical ones that would ...(more)... Compromise: The Dangers of Third Party Hosted Content, (Tue, Sep 23rd)

Tue, 09/23/2014 - 5:29pm

jQuery is a popular Javascript framework, used by many websites (including isc.sans ...(more)...