While investigating an unrelated issue and digging through firewall logs I noticed a decent amount of traffic destined for tcp/2550 on one of my work servers.
The traffic mostly (82 of the 84 events today) originates from sequential IPs out of China. This immediately raises alarms with me.
I know, it's sad. I too am a die-hard Mac user. Today alone I have received 4 copies of an email with the subject line “2 Populaar Myths About Female Orgasms – How to Become an Irresistible Lover” containing an attachment named “Preview.app Document”. I haven’t had a chance to analyse the .app yet, […]
I recently wrote a script that runs from cron and port scans all of our servers daily. It saves the output, diffs it against the previous day's, and emails me as new ports open up. I think this will be a good way to detect new services and potential malware infection, but what about […]
I have recently been updating my Windows Forensics First Responder script and have noticed a number of servers reporting the following when using Sysinternals/Microsoft’s listdlls.exe.
    *** Loaded C:\WINNT\system32\KERNEL32.dll differs from file image:
    *** File timestamp:         Wed Apr 18 12:25:36 2007
    *** Loaded image timestamp: Wed Apr 18 12:25:37 2007
    *** 0x77e40000 0x102000 5.02.3790.4062 C:\WINNT\system32\KERNEL32.dll
Now […]
For some reason people keep buying Dells. I remember a couple of years ago all the small form factor OptiPlexes I had suffered from a bad cap on the motherboard. Eventually all of them just died. My whole team at work has the same model workstation and the PSU went on each of them, one […]
A roadside traffic sign in Austin, Texas was hacked so that it displayed a message warning passing motorists of zombies ahead. Police are investigating the incident, and if caught, the perpetrators could face misdemeanor road sign tampering charges. The vandals broke a lock on the sign and then managed to gain access […]
Bruce Schneier just posted an interesting article on his blog entitled “Interview with an Adware Developer”.
This article reinforces many of the things I have been telling people for a very long time, but for whatever reason never sinks in.
Many experts continue to speculate on why it took so long for Heartland to identify and disclose the breach. According to the Storefront Backtalk report, the payment processor revealed the breach was first discovered in late October or early November, whereas previous statements indicated that it was only in the fall. The company has had two outside forensics teams and the Secret Service working on the problem for more than two months, and yet the “sniffer” software used to collect the data was located only last week.
Heartland Payment Systems acts as a payment gateway for credit card transactions for over 250,000 businesses. At some point a sniffer was installed in their data center intercepting all transactions. Some media outlets are calling this the “largest data breach ever”. They process “100 million credit card payments a month and more than 4 billion transactions per year” but currently have no idea when the malicious software was installed.
I have made a number of stout recipes since I started home brewing. I believe I have finally refined my recipe down to perfectly suit my tastes. This one falls under the BJCP category of 13B. Sweet Stout. This is sometimes called a milk stout, cream stout or breakfast stout. My base recipe I believe […]