Vulnerabilities and Exploits
- Linux Kernel Local Privilege Escalation Vulnerability (CVE-2016-5195)
- Multiple OpenSSL vulnerabilities (CVE-2016-2107 and CVE-2016-2108)
- Critical OpenSSL vulnerabilities - DROWN CVE-2016-0800
- Critical Linux vulnerability CVE-2015-7547 in GNU C Library (glibc)
- Cisco Firewall vulnerabilities (cisco-sa-20160210-asa-ike)
- Botnet Troubleshooting and Guidelines
- Guide to Tinba
- Guide to Zeus Infections
- Secure your MongoDB Server
- Security vulnerability - VENOM - CVE-2015-3456 - QEMU/XEN/KVM
- Vulnerability in Windows HTTP.sys Could Allow Remote Code Execution (CVE-2015-1635 / MS15-034)
- Security vulnerabilities in OpenSSL - [19 March 2015]
- Security vulnerabilities in OpenSSL - FREAK (CVE-2015-0204) and more
- Securing your Memcached Server
- Guide to Microsoft SQL Server Browser Service Access Amplification Issues
- GHOST: glibc gethostbyname buffer overflow (CVE-2015-0235)
- Securing your REmote DIctionary Server (Redis)
- Multiple NTP vulnerabilities (CVE-2014-9293 to CVE-2014-9296 )
- Elasticsearch - CVE-2014-3120 Arbitrary Java Code Execution Vulnerability
- SSL - The POODLE Attack and the End of SSL 3.0 (CVE-2014-3566) + OpenSSL Security Advisory (CVE-2014-3513)
- Multiple Xen vulnerabilities (XSA-*)
- Shellshock bug and other BASH vulnerabilities - (CVE-2014-6271, CVE-2014-7169, ...)
- Protecting Intelligent Platform Management Interface (IPMI) devices
- Guide to Mayhem Infection
- Installing a plug in for Wordpress XML-RPC ping back
- Regular Non-Intrusive Vulnerability Scans Performed by iWeb
- Sinkhole HTTP Referers and what to do about them
- Guide to QOTD Amplification Issues
- Security vulnerabilities in OpenSSL (CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470)
- OpenSSL vulnerability - The Heartbleed Bug