Fortinet SSH Backdoor Shenanigans

Good morning campers, if you have a Fortinet device running an elderly version of FortiOS you will really want to read to the end of this post. In short: there is an interactive SSH backdoor built into a large spread …

GHOST in the Shell – CVE-2015-0235

Continuing the trend set by Heartbleed, Shellshock and POODLE comes another named vulnerability, welcoming us into the new year with the promise of remote code execution and buffer overflows against all the servers we’ve locked in cupboards and forgotten about. …

TRANSITS II Workshop, Utrecht

At the end of September I attended the TRANSITS II workshop organised by The GÉANT Association (previously TERENA), kindly hosted by SURFnet at their offices in Utrecht, NL. This course follows on from the TRANSITS I workshop that I blogged about at …

Scam Calls Claiming to be from OxCERT

This blog appears to have attracted a new kind of reader, the telephone scammer. Back in September, we reported that scammers had begun impersonating IT Services staff; in a recent twist, it appears that the miscreants are now claiming to …

Shellshock Intensive Care – Part 2 (Clients)

Update: Apple have now released patches for Bash on the following versions of OS X: Lion v10.7.5, Lion Server v10.7.5, Mountain Lion v10.8.5 and Mavericks v10.9.5. These patches are understood to address vulnerabilities CVE-2014-6271 and CVE-2014-7169, but not CVE-2014-7186 and CVE-2014-7187. These patches are not …

Shellshock Intensive Care – Part I (Servers)

Update: For Oxford University IT Staff, a briefing has been organised for Tuesday at 12.45pm 30/9/2014, book your place here. As the sun has risen on another day of broken bash, we’ve decided to put together a couple of blog …

FIRST Technical Colloquium 2014, Amsterdam

In April two members of OxCERT were fortunate enough to attend the FIRST Technical Colloquium in Amsterdam, kindly hosted by Cisco at their Campus offices. The event was well attended by representatives from national CERTs and SOC teams, including a …

TRANSITS I Workshop, Prague

At the end of November I attended the TERENA TRANSITS I workshop in Prague. TRANSITS I is aimed at those who have recently joined a CERT or who have been tasked with creating a new CERT. Attendees at the workshop …

OxCERT probes, and firewalling

Note for external users: This post relates to a service that OxCERT offers to units within the University in the form of occasional port scans for ports related to particular known threats that we are tracking. This post looks at …
