Skip to content
/dev/random

/dev/random

"If the enemy leaves a door open, you must rush in." – Sun Tzu

  • About Me
    • About Me
    • Online Presentations
    • PGP Public Key
  • Disclaimer
  • Tools
    • alerts2afterglow
    • hoover
    • inotes.py
    • known_hosts_bruteforcer
    • pastemon
    • oplb
    • ossec_dashboard
    • ossec2dshield
    • twittermon
    • rrhunter
    • syslog2loggly

Weather forecasts

January 15, 2003 Uncategorized Comments Off on Weather forecasts

There is now weather forecasts (and current) available for Brussels, Belgium.
Still deploying the future interface. Be patient! 🙂

Post navigation

« Pic upload test!
Happy Birthday to my job! »

Stay in Touch

RSS Twitter LinkedIn

Upcoming Events

Here is a list of events that I will attend and cover via Twitter and wrap-ups. Ping me if you want to meet! The list is regularly updated.

SANS London 2020
TF-CSIRT meeting & FIRST Regional Symposium Europe

Recent Articles

  • [SANS ISC] Code & Data Reuse in the Malware Ecosystem
  • BotConf 2019 Wrap-Up Day #3
  • BotConf 2019 Wrap-Up Day #2
  • BotConf 2019 Wrap-Up Day #1
  • DeepSec 2019 Wrap-Up Day #2

Popular Articles

  • Show me your SSID's, I'll Tell Who You Are! 37,838 views
  • Keep an Eye on SSH Forwarding! 36,212 views
  • Sending Windows Event Logs to Logstash 29,543 views
  • Socat, Another Network Swiss Army Knife 26,068 views
  • Check Point Firewall Logs and Logstash (ELK) Integration 25,819 views
  • Forensics: Reconstructing Data from Pcap Files 21,874 views
  • dns2tcp: How to bypass firewalls or captive portals? 20,957 views
  • Vulnerability Scanner within Nmap 18,697 views
  • Post-BruCON Experience - Running a Wall of Sheep in the Wild 17,427 views
  • Bash: History to Syslog 15,476 views

Recent Tweets

  • I'm wondering about the purpose of adding the #EICAR string in a malicious code!? pic.twitter.com/Mx5damTq4o

    Yesterday at 22:42

  • #REM - Reverse Engineering Malware - is everywhere! #FOR610 #THIREurope pic.twitter.com/pe6t01NFXp

    January 17, 2020 08:52

  • Interesting read: "Malicious code in a WAV file" ... Why not? :) www.guardicore.com/2020/01/thr…

    January 15, 2020 22:57

  • Hey @Logitech, I think that your spotlight app has a memory leak problem on Catalina... Just be moving the spot on… twitter.com/i/web/status/12175…

    January 15, 2020 20:32

  • I think we will more and more face #Infosec tabloïds! #Infosecloser ;) twitter.com/eilah_tan/status/1…

    January 14, 2020 19:43

Time Machine

RSS NVD Vulnerabilities Feed

  • CVE-2019-17573 (cxf) January 16, 2020
    By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack, which allows a malicious actor to inject javascript into the web page. Please note that the attack exploits a feature which is not typically not present […]
  • CVE-2019-19855 (serpico) January 15, 2020
    An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. admin/list_user allows stored XSS via the auth_type parameter.
  • CVE-2019-19854 (serpico) January 15, 2020
    An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. It does not use CSRF Tokens to mitigate against CSRF; it uses the Origin header (which must match the request origin). This is problematic in conjunction with XSS: one can escalate privileges from User level to Administrator.
  • CVE-2019-19858 (serpico) January 15, 2020
    An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. admin/add_user/UID allows stored XSS via the author parameter.
  • CVE-2019-19856 (serpico) January 15, 2020
    An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. The User Type on the admin/list_user page allows stored XSS via the type parameter.
  • CVE-2019-15012 (bitbucket) January 15, 2020
    Bitbucket Server and Bitbucket Data Center from version 4.13. before 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4.4, from version 6.5.0 before 6.5.3, from version 6.6.0 before 6.6.3, from version 6.7.0 before 6.7.3, from version 6.8.0 before […]
  • CVE-2019-15010 (bitbucket) January 15, 2020
    Bitbucket Server and Bitbucket Data Center versions starting from version 3.0.0 before version 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4.4, from version 6.5.0 before 6.5.3, from version 6.6.0 before 6.6.3, from version 6.7.0 before 6.7.3, from […]
  • CVE-2019-20097 (bitbucket) January 15, 2020
    Bitbucket Server and Bitbucket Data Center versions starting from 1.0.0 before 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4.4, from version 6.5.0 before 6.5.3, from version 6.6.0 before 6.6.3, from version 6.7.0 before 6.7.3, from version 6.8.0 […]
Copyright Xavier Mertens © 2003-2019 | Powered by Xavier Mertens Consulting.
This website uses cookies to improve your experience. By using our services, you agree to our use of cookies. Accept Learn more
Privacy & Cookies Policy

Necessary Always Enabled