Virus Detected?
If you’re running antivirus software and you see the dreaded virus detection notice, take heed and be paranoid. Many drive-by infections will throw a host of exploits at a possible victim in their...
View ArticleYou, Your Company, and Some Asshats in Eastern Europe
We in security see slivers of this just about everyday. The Washington Post has an article titled Eastern European Cyber Criminals Target US Businesses. It’s the same old (spear) phishing scheme…with a...
View ArticleWelcome to the Bulls-Eye: Fast Net Service and the Power of Bandwidth
Fastest Net Service in U.S. Coming to Chattanooga. The title says it all. I have to give mad props to EPB for finally getting this rolling, despite Comcast’s (may you rest in peace) attempts to derail...
View ArticleIE Zero Day Coming Your Way
Symantec, and subsequently Microsoft, released information about a new zero day vulnerability in Internet Explorer being exploited in the wild. This first salvo was targeted and appears to have been...
View ArticleTough Love, End Users
Next time you get infected, take a few minutes and learn from the experience. You get infected and luckily your antivirus detects it and tells you as much in a nifty little pop up window. (In a...
View ArticleClik here to view.
WTF FB?
I happened to catch a @TheHackerNews tweet that linked to an article at theintelclub.com titled “Facebook Now Helping Governments Spy On And Arrest Peaceful Activists.” An interesting read and probably...
View ArticleMouse Traps?
Wired reported on a blog entry by Netragard detailing a wonderfully clever social engineering attack that should open some eyes. I’m not sure it will, but it should. For the unaware, social engineering...
View ArticleReflections on MIRcon
If you missed MIRcon 2011, you should tune in to Mandiant’s State of the Hack: What really happened at MIRcon webcast on October 28th. (Archived version should be available here.) There were some great...
View ArticleClik here to view.
Security Onion 1.1 for Splunk
README notes w/ bonus comments for Version 1.1 I’ve added an input for Bro’s capture_loss.log which now displays on the SOstat Security Onion monitor in a time chart paired with Snort packet loss. To...
View ArticleClik here to view.
IDS Rule Reference for Splunk 1.0
I created a standalone version of IDS Rule Reference for Splunk for Snort/PulledPork users who are not running Security Onion. I’ve added a few dashboard views to provide a little more flexibility for...
View ArticleVirus Detected?
If you’re running antivirus software and you see the dreaded virus detection notice, take heed and be paranoid. Many drive-by infections will throw a host of exploits at a possible victim in their...
View ArticleYou, Your Company, and Some Asshats in Eastern Europe
We in security see slivers of this just about everyday. The Washington Post has an article titled Eastern European Cyber Criminals Target US Businesses. It’s the same old (spear) phishing scheme…with a...
View ArticleWelcome to the Bulls-Eye: Fast Net Service and the Power of Bandwidth
Fastest Net Service in U.S. Coming to Chattanooga. The title says it all. I have to give mad props to EPB for finally getting this rolling, despite Comcast’s (may you rest in peace) attempts to derail...
View ArticleIE Zero Day Coming Your Way
Symantec, and subsequently Microsoft, released information about a new zero day vulnerability in Internet Explorer being exploited in the wild. This first salvo was targeted and appears to have been...
View ArticleTough Love, End Users
Next time you get infected, take a few minutes and learn from the experience. You get infected and luckily your antivirus detects it and tells you as much in a nifty little pop up window. (In a...
View ArticleClik here to view.
WTF FB?
I happened to catch a @TheHackerNews tweet that linked to an article at theintelclub.com titled “Facebook Now Helping Governments Spy On And Arrest Peaceful Activists.” An interesting read and probably...
View ArticleMouse Traps?
Wired reported on a blog entry by Netragard detailing a wonderfully clever social engineering attack that should open some eyes. I’m not sure it will, but it should. For the unaware, social engineering...
View ArticleReflections on MIRcon
If you missed MIRcon 2011, you should tune in to Mandiant’s State of the Hack: What really happened at MIRcon webcast on October 28th. (Archived version should be available here.) There were some great...
View ArticleClik here to view.
Security Onion 1.1 for Splunk
README notes w/ bonus comments for Version 1.1 I’ve added an input for Bro’s capture_loss.log which now displays on the SOstat Security Onion monitor in a time chart paired with Snort packet loss. To...
View ArticleClik here to view.
IDS Rule Reference for Splunk 1.0
I created a standalone version of IDS Rule Reference for Splunk for Snort/PulledPork users who are not running Security Onion. I’ve added a few dashboard views to provide a little more flexibility for...
View Article
