-
Recent Posts
Recent Comments
- Robin Stevens on Major Dridex Banking Malware Outbreak
- Michael Tombs on Major Dridex Banking Malware Outbreak
- Security News #0x88 | CyberOperations on CVE-2015-3456 ‘VENOM’ – And it was all going so well…
- Seema Knerr on Phishing Advice
- Horst Jung on GHOST in the Shell – CVE2015-0235
Archives
- November 2016
- June 2016
- January 2016
- November 2015
- September 2015
- June 2015
- May 2015
- February 2015
- January 2015
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- January 2014
- November 2013
- October 2013
- September 2013
- July 2013
- April 2013
- February 2013
- January 2013
- December 2012
- July 2012
- April 2012
- March 2012
- October 2011
- August 2011
- June 2011
Categories
Meta
Shellshock Intensive Care – Part 2 (Clients)
Update: Apple have now released patches for Bash on the following versions of OS X: Lion v10.7.5, Lion Server v10.7.5, Mountain Lion v10.8.5 and Mavericks v10.9.5. These patches are understood to address vulnerabilities CVE-2014-6271 and CVE-2014-7169, but not CVE-2014-7186 and CVE-2014-7187. These patches are not … Continue reading
Posted in Uncategorized
Comments Off on Shellshock Intensive Care – Part 2 (Clients)
Shellshock Intensive Care – Part I (Servers)
Update: For Oxford University IT Staff, a briefing has been organised for Tuesday at 12.45pm 30/9/2014, book your place here. As the sun has risen on another day of broken bash, we’ve decided to put together a couple of blog … Continue reading
Posted in Uncategorized
Comments Off on Shellshock Intensive Care – Part I (Servers)
Bash ‘Shellshock’ Bug – Now You Can Panic
UPDATE: The initial round of patches to fix CVE-2014-6271 have proven ineffective at fully resolving the issue; a new CVE code has been issued, “CVE-2014-7169“, use this to track news and updates regarding this bug and patch status. Remember Heartbleed? Get ready to … Continue reading
Posted in Apple, Current Threats, General Security, Web Security
Comments Off on Bash ‘Shellshock’ Bug – Now You Can Panic
Google Hacking – Making Use of the All Seeing Eye
You don’t need me to tell you, that the Google search engine is a vast and powerful tool. Or that, Tor aside, it pretty much holds the whole of the Internet in the palm of its hand. What you may not … Continue reading
Posted in General Security
1 Comment
5 Million Google Accounts Leaked
Details are emerging of a very recent large-scale leak of Google’s account database, centring around their flagship email service Gmail. Google’s official word on the subject can be read here. The credentials were posted to a Russian BitCoin mining forum earlier … Continue reading
Posted in Current Threats, General Security, Google
Comments Off on 5 Million Google Accounts Leaked
Kyle and Stan Malicious Advertising Network
OxCERT have been made aware of malicious adverts, placed on legitimate websites, which redirect to a network of sites that download malware. The malware served is bundled with legitimate applications, it varies based on the user agent and is known to … Continue reading
Posted in Current Threats
Comments Off on Kyle and Stan Malicious Advertising Network
Scam Calls Claiming to be from IT Services
OxCERT have been made aware of scammers, calling from international numbers, claiming to be from “IT Services at 146 Banbury Road”. These calls seem to be in a similar vein to the “Microsoft” scam calls described here: http://www.actionfraud.police.uk/microsoft-reveals-extent-of-phone-scam-june11 Please note, the IT … Continue reading
Posted in Current Threats
Comments Off on Scam Calls Claiming to be from IT Services