Today, Virginia-based cyber-security firm MANDIANT released a 60+ page intelligence report describing an Advanced Persistent Threat (APT) actor named APT-1 (others familiar with the group may know them as WebC2).
These last few weeks have been rough on Rails developers. Over the past few weeks there have been several vulnerabilities involving the parsing of Rails parameters, with one leading to arbitrary code execution (CVE-2013-0155 and CVE-2013-0156). Our friend Postmodern, the creator of Ronin (an excellent Ruby platform for vulnerability and exploit development), wrote a great blog post explaining the vulnerabilities with working PoC code.
Packet Stash, Inc is proud to announce that Snorby Cloud is now available to the public. For those of you just joining us, Snorby Cloud is an instantly deployable, analyst-friendly, and hassle-free Network and Host Security monitoring solution by the creators of Snorby.
When Dustin developed and launched Snorby in 2009, he had a vision of creating an application that made the process of analyzing and classifying events as simple as possible for analysts. While this helped make NSM accessible to more people, the process of actually deploying the sensor infrastructure remains cumbersome.
Snorby Mobile 1.0.0 is now available in the app store. The mobile application will work with any Snorby install >= 2.5.3. Snorby Cloud (https://cloud.snorby.org) integration will be added in the next release, making the process of adding multiple collection servers painless. Let us know what you think and if you have any suggestions.
It’s 2012. Why is Network Security Monitoring still so hard?