Skip to content
/dev/random

/dev/random

"If the enemy leaves a door open, you must rush in." – Sun Tzu

  • About Me
    • About Me
    • Online Presentations
    • PGP Public Key
  • Disclaimer
  • Tools
    • alerts2afterglow
    • hoover
    • inotes.py
    • known_hosts_bruteforcer
    • pastemon
    • oplb
    • ossec_dashboard
    • ossec2dshield
    • twittermon
    • rrhunter
    • syslog2loggly

Weather forecasts

January 15, 2003 Uncategorized Comments Off on Weather forecasts

There is now weather forecasts (and current) available for Brussels, Belgium.
Still deploying the future interface. Be patient! 🙂

Post navigation

« Pic upload test!
Happy Birthday to my job! »

Stay in Touch

RSS Twitter LinkedIn

Upcoming Events

Here is a list of events that I will attend and cover via Twitter and wrap-ups. Ping me if you want to meet! The list is regularly updated.

SANS Brussels February 2019
OSSEC Conference 2019
BruCON Spring Training

Recent Articles

  • [SANS ISC] Keep an Eye on Disposable Email Addresses
  • [SANS ISC] Simple Powershell Keyloggers are Back
  • Detecting Mobile Phones Close to Your Location
  • [SANS ISC] Old H-Worm Delivered Through GitHub
  • [SANS ISC] Suspicious PDF Connecting to a Remote SMB Share

Popular Articles

  • Show me your SSID’s, I’ll Tell Who You Are! 33,124 views
  • Keep an Eye on SSH Forwarding! 29,710 views
  • Sending Windows Event Logs to Logstash 26,435 views
  • Check Point Firewall Logs and Logstash (ELK) Integration 21,869 views
  • Socat, Another Network Swiss Army Knife 19,946 views
  • Forensics: Reconstructing Data from Pcap Files 18,089 views
  • Vulnerability Scanner within Nmap 17,694 views
  • dns2tcp: How to bypass firewalls or captive portals? 17,382 views
  • Post-BruCON Experience – Running a Wall of Sheep in the Wild 15,527 views
  • Bash: History to Syslog 12,058 views

Recent Tweets

  • The only way to get notifications about a flight is via #Facebook Messenger? You kidding @BrusselsAirport? pic.twitter.com/aYtdYGAf41

    Yesterday at 12:49

  • If you consider spams & port scans as « attacks », you’re doing it wrong... #ktxbye twitter.com/dcuthbert/status/1…

    March 16, 2019 09:36

  • Dear @intel, could you fix your downloadcenter.intel.com site? Tx! pic.twitter.com/Asz0UTldTt

    March 14, 2019 20:07

  • Funny attacker trick to prevent detection by a simple pattern like “/c powershell.exe” pic.twitter.com/GJ0HIIltNa

    March 13, 2019 14:08

  • “Recently, 360 Total Security team intercepted a new worm #PsMiner written in Go, which uses CVE-2018-1273, CVE-201… twitter.com/i/web/status/11057…

    March 13, 2019 08:09

Time Machine

RSS NVD Vulnerabilities Feed

  • CVE-2018-15509 (agent_desktop_plus) March 18, 2019
    Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
  • CVE-2018-20806 (phamm) March 17, 2019
    Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).
  • CVE-2019-5616 (scion-8_firmware) March 15, 2019
    CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.
  • CVE-2018-17882 (battletoken) March 15, 2019
    An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.
  • CVE-2018-17955 (yast2-multipath) March 15, 2019
    In yast2-multipath before version 4.1.1 a static temporary filename allows local attackers to overwrite files on systems without symlink protection
  • CVE-2018-17956 (yast2-samba-provision) March 15, 2019
    In yast2-samba-provision up to and including version 1.0.1 the password for samba shares was provided on the command line to tools used by yast2-samba-provision, allowing local attackers to read them in the process list
  • CVE-2018-18205 (cc8800ce_firmware) March 15, 2019
    Topvision CC8800 CMTS C-E devices allow remote attackers to obtain sensitive information via a direct request for /WebContent/startup.tar.gz with userName=admin in a cookie.
  • CVE-2018-20106 (yast2-printer) March 15, 2019
    In yast2-printer up to and including version 4.0.2 the SMB printer settings don't escape characters in passwords properly. If a password with backticks or simliar characters is supplied this allows for executing code as root. This requires tricking root to enter such a password in yast.
Copyright Xavier Mertens © 2003-2018 | Powered by Xavier Mertens Consulting.
This website uses cookies to improve your experience. By using our services, you agree to our use of cookies. Accept Learn more