Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.
Navigation
Return to Planet "Home"
Ordered/grouped:
Filter applied:
Current page:
Go to "Navigation Help" (page end)
Articles in this collection: 1,752

Feed: SANS Internet Storm Center, InfoCON: green

Articles recieved 28/06/2021
Article: CFBF Files Strings Analysis, (Mon, Jun 28th) - published over 2 years ago.
Content: The Office file format that predates the OOXML format, is a binary format based on the CFBF format. I informally call this the ole file format.
https://isc.sans.edu/diary/rss/27576 
🔥🔥
 
Published: 2021 06 28 17:10:33
Received: 2021 06 28 19:00:51
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Monday, June 28th, 2021 https://isc.sans.edu/podcastdetail.html?id=7560, (Mon, Jun 28th) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27574 
🔥🔥
 
Published: 2021 06 28 02:05:02
Received: 2021 06 28 03:00:52
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
19:00 CFBF Files Strings Analysis, (Mon, Jun 28th)
🔥🔥
03:00 ISC Stormcast For Monday, June 28th, 2021 https://isc.sans.edu/podcastdetail.html?id=7560, (Mon, Jun 28th)
🔥🔥
Articles recieved 27/06/2021
Article: DIY CD/DVD Destruction, (Sun, Jun 27th) - published almost 3 years ago.
Content: I have some personal CDs & DVDs to dispose of. And I don't want them to reamain (easily) readable.
https://isc.sans.edu/diary/rss/27572 
🔥🔥
 
Published: 2021 06 27 19:14:18
Received: 2021 06 27 21:00:43
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
21:00 DIY CD/DVD Destruction, (Sun, Jun 27th)
🔥🔥
Articles recieved 26/06/2021
Article: CVE-2019-9670: Zimbra Collaboration Suite XXE vulnerability, (Sat, Jun 26th) - published almost 3 years ago.
Content: This XML External Entity injection (XXE) vulnerability disclosed in March 2019 is still actively scanned for a vulnerable mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10. This exploit attempts to read the Zimbra configuration file that contains an LDAP password for the zimbra account.
https://isc.sans.edu/diary/rss/27570 
🔥🔥
 
Published: 2021 06 26 10:13:15
Received: 2021 06 26 12:00:47
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
12:00 CVE-2019-9670: Zimbra Collaboration Suite XXE vulnerability, (Sat, Jun 26th)
🔥🔥
Articles recieved 25/06/2021
Article: ISC Stormcast For Friday, June 25th, 2021 https://isc.sans.edu/podcastdetail.html?id=7558, (Fri, Jun 25th) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27568 
🔥🔥
 
Published: 2021 06 25 02:05:03
Received: 2021 06 25 04:00:43
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: Is this traffic bAD?, (Fri, Jun 25th) - published almost 3 years ago.
Content: It seems like every time I take a handler shift lately, I'm talking about an uptick of traffic on another port and I'm not breaking that trend today. This really takes me back to the early days of the Internet Storm Center when that seemed to be the main thing we talked about. This time, the port that gotmy attention is UDP port 389. This is the normal port ...
https://isc.sans.edu/diary/rss/27566 
🔥🔥
 
Published: 2021 06 25 00:45:40
Received: 2021 06 25 02:00:38
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
04:00 ISC Stormcast For Friday, June 25th, 2021 https://isc.sans.edu/podcastdetail.html?id=7558, (Fri, Jun 25th)
🔥🔥
02:00 Is this traffic bAD?, (Fri, Jun 25th)
🔥🔥
Articles recieved 24/06/2021
Article: Do you Like Cookies? Some are for sale!, (Thu, Jun 24th) - published almost 3 years ago.
Content: Cookies… These small pieces of information are always with us. Since the GDPR was kicked off in Europe, we are flooded by pop-ups asking if we accept “cookies”. Honestly, most people don’t take time to read the warning and just accept the default settings.
https://isc.sans.edu/diary/rss/27558 
🔥🔥
 
Published: 2021 06 24 05:33:16
Received: 2021 06 24 07:00:42
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Thursday, June 24th, 2021 https://isc.sans.edu/podcastdetail.html?id=7556, (Thu, Jun 24th) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27564 
🔥🔥
 
Published: 2021 06 24 02:00:03
Received: 2021 06 24 02:00:50
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
07:00 Do you Like Cookies? Some are for sale!, (Thu, Jun 24th)
🔥🔥
02:00 ISC Stormcast For Thursday, June 24th, 2021 https://isc.sans.edu/podcastdetail.html?id=7556, (Thu, Jun 24th)
🔥🔥
Articles recieved 23/06/2021
Article: Standing With Security Researchers Against Misuse of the DMCA, (Wed, Jun 23rd) - published almost 3 years ago.
Content: As Dean of Research for our graduate school (sans.edu), I often assist students in developing their research ideas. The research conducted by our students is valuable and important to defend our networks against highly organized and well-funded threat actors. Any restriction on our student's ability to conduct their research, and sharing their results freely...
https://isc.sans.edu/diary/rss/27562 
🔥🔥
 
Published: 2021 06 23 15:56:47
Received: 2021 06 23 17:00:53
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Wednesday, June 23rd, 2021 https://isc.sans.edu/podcastdetail.html?id=7554, (Wed, Jun 23rd) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27560 
🔥🔥
 
Published: 2021 06 23 02:10:03
Received: 2021 06 23 04:00:40
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
17:00 Standing With Security Researchers Against Misuse of the DMCA, (Wed, Jun 23rd)
🔥🔥
04:00 ISC Stormcast For Wednesday, June 23rd, 2021 https://isc.sans.edu/podcastdetail.html?id=7554, (Wed, Jun 23rd)
🔥🔥
Articles recieved 22/06/2021
Article: Phishing asking recipients not to report abuse, (Tue, Jun 22nd) - published almost 3 years ago.
Content: It can be a little disheartening to deal with well-prepared phishing attacks every day, since one can easily see how even users who are fully “security-aware” could fall for some them. The messages don’t even have to be too complex to be believable. For example, a message containing seemingly innocuous text and a link that points to legitimate, well-known do...
https://isc.sans.edu/diary/rss/27556 
🔥🔥
 
Published: 2021 06 22 13:15:17
Received: 2021 06 22 16:00:38
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Tuesday, June 22nd, 2021 https://isc.sans.edu/podcastdetail.html?id=7552, (Tue, Jun 22nd) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27554 
🔥🔥
 
Published: 2021 06 22 02:00:03
Received: 2021 06 22 04:00:40
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
16:00 Phishing asking recipients not to report abuse, (Tue, Jun 22nd)
🔥🔥
04:00 ISC Stormcast For Tuesday, June 22nd, 2021 https://isc.sans.edu/podcastdetail.html?id=7552, (Tue, Jun 22nd)
🔥🔥
Articles recieved 21/06/2021
Article: Mitre CWE - Common Weakness Enumeration, (Mon, Jun 21st) - published almost 3 years ago.
Content: If you are involved in the security industry  you are at least somewhat familiar with the Mitre ATT&CK framework, the very useful, community driven, knowledgebase of attack threat models and methodologies which can be used to emulate adversary behavior to test security controls. However fewer are aware of a lesser known Mitre project, Common Weakness Enu...
https://isc.sans.edu/diary/rss/27552 
🔥🔥
 
Published: 2021 06 21 19:10:23
Received: 2021 06 21 21:00:39
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: Executives and Ransomware Webcast: Stop, Collaborate, and Listen! - https://www.sans.org/webcasts/executives-ransomware-stop-collaborate-listen-120150, (Mon, Jun 21st) - published almost 3 years ago.
Content: -- Rick Wanner MSISE - rwanner at isc dot sans dot edu - Twitter:namedeplume (Protected)
https://isc.sans.edu/diary/rss/27550 
🔥🔥
 
Published: 2021 06 21 15:24:32
Received: 2021 06 21 17:00:44
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Monday, June 21st, 2021 https://isc.sans.edu/podcastdetail.html?id=7550, (Mon, Jun 21st) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27548 
🔥🔥
 
Published: 2021 06 21 02:00:03
Received: 2021 06 21 03:00:38
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
21:00 Mitre CWE - Common Weakness Enumeration, (Mon, Jun 21st)
🔥🔥
17:00 Executives and Ransomware Webcast: Stop, Collaborate, and Listen! - https://www.sans.org/webcasts/executives-ransomware-stop-collaborate-listen-120150, (Mon, Jun 21st)
🔥🔥
03:00 ISC Stormcast For Monday, June 21st, 2021 https://isc.sans.edu/podcastdetail.html?id=7550, (Mon, Jun 21st)
🔥🔥
Articles recieved 20/06/2021
Article: Video: oledump Cheat Sheet, (Sun, Jun 20th) - published almost 3 years ago.
Content: I did create a SANS cheat sheet for oledump.py.
https://isc.sans.edu/diary/rss/27546 
🔥🔥
 
Published: 2021 06 20 14:59:32
Received: 2021 06 20 16:00:38
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
16:00 Video: oledump Cheat Sheet, (Sun, Jun 20th)
🔥🔥
Articles recieved 19/06/2021
Article: Easy Access to the NIST RDS Database, (Sat, Jun 19th) - published almost 3 years ago.
Content: When you're facing some suspicious files while performing forensic investigations or analyzing malware components, it's always interesting to know these files are legit or malicious/modified. One of the key sources to verify hashes is provided by NIST and is called the NSLR project ("National Software Reference Library")[1]. They build "Reference Data Set" (...
https://isc.sans.edu/diary/rss/27544 
🔥🔥
 
Published: 2021 06 19 10:27:32
Received: 2021 06 19 11:00:34
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
11:00 Easy Access to the NIST RDS Database, (Sat, Jun 19th)
🔥🔥
Articles recieved 18/06/2021
Article: Open redirects ... and why Phishers love them, (Fri, Jun 18th) - published almost 3 years ago.
Content: Working from home, did you get a meeting invite recently that pointed to https://meet.google.com ?  Well, that's indeed where Google's online meeting tool is located. But potentially the URL you got is not "only" leading you there.
https://isc.sans.edu/diary/rss/27542 
🔥🔥
 
Published: 2021 06 18 13:03:34
Received: 2021 06 18 15:01:07
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: 
Network Forensics on Azure VMs (Part #2), (Fri, Jun 18th) - published almost 3 years ago.
Content: In yesterday's diary, we took a look at two methods that allow to capture network connection information off a potentially compromised virtual machine in Azure. Today, we'll investigate the most recent addition to the VM monitoring arsenal, namely "Azure Monitor Insights".
https://isc.sans.edu/diary/rss/27538 
🔥🔥
 
Published: 2021 06 18 00:28:16
Received: 2021 06 18 03:00:47
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Friday, June 18th, 2021 https://isc.sans.edu/podcastdetail.html?id=7548, (Fri, Jun 18th) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27540 
🔥🔥
 
Published: 2021 06 18 02:00:04
Received: 2021 06 18 03:00:47
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: 
 Network Forensics on Azure VMs (Part #1), (Thu, Jun 17th) - published almost 3 years ago.
Content: The tooling to investigate a potentially malicious event on an Azure Cloud VM is still in its infancy. We have covered before (Forensicating Azure VMs) how we can create a snapshot of the OS disk of a running VM. Snapshotting and then killing off the infected VM is very straight forward, but it also tips off an intruder that he has been found out. Sometimes,...
https://isc.sans.edu/diary/rss/27536 
🔥🔥
 
Published: 2021 06 17 14:40:22
Received: 2021 06 18 02:00:45
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: Network Forensics on Azure VMs (Part #2), (Fri, Jun 18th) - published almost 3 years ago.
Content: In yesterday's diary, we took a look at two methods that allow to capture network connection information off a potentially compromised virtual machine in Azure. Today, we'll investigate the most recent addition to the VM monitoring arsenal, namely "Azure Monitor Insights".
https://isc.sans.edu/diary/rss/27538 
🔥🔥
 
Published: 2021 06 18 00:28:16
Received: 2021 06 18 02:00:45
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
15:01 Open redirects ... and why Phishers love them, (Fri, Jun 18th)
🔥🔥
03:00 
Network Forensics on Azure VMs (Part #2), (Fri, Jun 18th)
🔥🔥
03:00 ISC Stormcast For Friday, June 18th, 2021 https://isc.sans.edu/podcastdetail.html?id=7548, (Fri, Jun 18th)
🔥🔥
02:00 
 Network Forensics on Azure VMs (Part #1), (Thu, Jun 17th)
🔥🔥
02:00 Network Forensics on Azure VMs (Part #2), (Fri, Jun 18th)
🔥🔥
Articles recieved 17/06/2021
Article: Network Forensics on Azure VMs (Part #1), (Thu, Jun 17th) - published almost 3 years ago.
Content: The tooling to investigate a potentially malicious event on an Azure Cloud VM is still in its infancy. We have covered before (Forensicating Azure VMs) how we can create a snapshot of the OS disk of a running VM. Snapshotting and then killing off the infected VM is very straight forward, but it also tips off an intruder that he has been found out. Sometimes,...
https://isc.sans.edu/diary/rss/27536 
🔥🔥
 
Published: 2021 06 17 14:40:22
Received: 2021 06 17 16:00:52
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Thursday, June 17th, 2021 https://isc.sans.edu/podcastdetail.html?id=7546, (Thu, Jun 17th) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27534 
🔥🔥
 
Published: 2021 06 17 02:10:03
Received: 2021 06 17 04:00:50
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
16:00 Network Forensics on Azure VMs (Part #1), (Thu, Jun 17th)
🔥🔥
04:00 ISC Stormcast For Thursday, June 17th, 2021 https://isc.sans.edu/podcastdetail.html?id=7546, (Thu, Jun 17th)
🔥🔥
Articles recieved 16/06/2021
Article: June 2021 Forensic Contest, (Wed, Jun 16th) - published almost 3 years ago.
Content: Introduction
https://isc.sans.edu/diary/rss/27532 
🔥🔥
 
Published: 2021 06 16 20:09:59
Received: 2021 06 16 21:00:59
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Wednesday, June 16th, 2021 https://isc.sans.edu/podcastdetail.html?id=7544, (Wed, Jun 16th) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27530 
🔥🔥
 
Published: 2021 06 16 02:00:03
Received: 2021 06 16 05:01:28
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
21:00 June 2021 Forensic Contest, (Wed, Jun 16th)
🔥🔥
05:01 ISC Stormcast For Wednesday, June 16th, 2021 https://isc.sans.edu/podcastdetail.html?id=7544, (Wed, Jun 16th)
🔥🔥
Articles recieved 15/06/2021
Article: Multi Perimeter Device Exploit Mirai Version Hunting For Sonicwall, DLink, Cisco and more, (Tue, Jun 15th) - published almost 3 years ago.
Content: Vulnerable perimeter devices remain a popular target, and we do see consistent exploit attempts against them. This weekend, Guy wrote about some scans for Fortinet vulnerabilities [1], and Xavier notes that Crowdstrike observed attacks against EoL Sonicwalls [2]. Starting earlier this month, we did also observe a consistent trickle of requests looking for a ...
https://isc.sans.edu/diary/rss/27528 
🔥🔥
 
Published: 2021 06 15 10:16:33
Received: 2021 06 15 12:01:14
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Tuesday, June 15th, 2021 https://isc.sans.edu/podcastdetail.html?id=7542, (Tue, Jun 15th) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27526 
🔥🔥
 
Published: 2021 06 15 02:00:03
Received: 2021 06 15 03:00:51
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
12:01 Multi Perimeter Device Exploit Mirai Version Hunting For Sonicwall, DLink, Cisco and more, (Tue, Jun 15th)
🔥🔥
03:00 ISC Stormcast For Tuesday, June 15th, 2021 https://isc.sans.edu/podcastdetail.html?id=7542, (Tue, Jun 15th)
🔥🔥
Articles recieved 14/06/2021
Article: ISC Stormcast For Monday, June 14th, 2021 https://isc.sans.edu/podcastdetail.html?id=7540, (Mon, Jun 14th) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27524 
🔥🔥
 
Published: 2021 06 14 02:05:02
Received: 2021 06 14 04:00:53
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
04:00 ISC Stormcast For Monday, June 14th, 2021 https://isc.sans.edu/podcastdetail.html?id=7540, (Mon, Jun 14th)
🔥🔥
Articles recieved 13/06/2021
Article: Update: mac-robber.py, (Sun, Jun 13th) - published almost 3 years ago.
Content: Almost 4 years ago, I wrote a python version of mac-robber. I use it fairly regularly at $dayjob. This past week, one of my co-workers was using it, but realized that it hashes large files a little too slowly. He decided to use mac-robber.py to collect the MAC times and do the hashing separately so he could limit the hashes to to files under a certain size. ...
https://isc.sans.edu/diary/rss/27522 
🔥🔥
 
Published: 2021 06 13 01:34:51
Received: 2021 06 13 03:00:48
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
03:00 Update: mac-robber.py, (Sun, Jun 13th)
🔥🔥
Articles recieved 12/06/2021
Article: Fortinet Targeted for Unpatched SSL VPN Discovery Activity, (Sat, Jun 12th) - published almost 3 years ago.
Content: Over the past 60 days, I have observed scanning activity to discover FortiGate SSL VPN unpatched services. Fortinet has fixed several critical vulnerabilities in SSL VPN and web firewall this year from Remote Code Execution (RCE) to SQL Injection, Denial of Service (DoS) which impact the FortiProxy SSL VPN and FortiWeb Web Application Firewall (WAF) products...
https://isc.sans.edu/diary/rss/27520 
🔥🔥
 
Published: 2021 06 12 17:32:44
Received: 2021 06 12 19:00:44
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
19:00 Fortinet Targeted for Unpatched SSL VPN Discovery Activity, (Sat, Jun 12th)
🔥🔥
Articles recieved 11/06/2021
Article: Sonicwall SRA 4600 Targeted By an Old Vulnerability, (Fri, Jun 11th) - published almost 3 years ago.
Content: Devices and applications used to provide remote access are juicy targets. I've already been involved in many ransomware cases and most of the time, the open door was an unpatched VPN device/remote access solution or weak credentials. A good example, the recent attack against the Colonial Pipeline that started with a legacy VPN profile[1].
https://isc.sans.edu/diary/rss/27518 
🔥🔥
 
Published: 2021 06 11 13:55:53
Received: 2021 06 11 16:00:44
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: Keeping an Eye on Dangerous Python Modules, (Fri, Jun 11th) - published almost 3 years ago.
Content: With Python getting more and more popular, especially on Microsoft Operating systems, it's common to find malicious Python scripts today. I already covered some of them in previous diaries[1][2]. I like this language because it is very powerful: You can automate boring tasks in a few lines. It can be used for offensive as well as defensive purposes, and... i...
https://isc.sans.edu/diary/rss/27514 
🔥🔥
 
Published: 2021 06 11 05:31:23
Received: 2021 06 11 07:00:50
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Friday, June 11th, 2021 https://isc.sans.edu/podcastdetail.html?id=7538, (Fri, Jun 11th) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27516 
🔥🔥
 
Published: 2021 06 11 02:00:02
Received: 2021 06 11 04:00:43
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
16:00 Sonicwall SRA 4600 Targeted By an Old Vulnerability, (Fri, Jun 11th)
🔥🔥
07:00 Keeping an Eye on Dangerous Python Modules, (Fri, Jun 11th)
🔥🔥
04:00 ISC Stormcast For Friday, June 11th, 2021 https://isc.sans.edu/podcastdetail.html?id=7538, (Fri, Jun 11th)
🔥🔥
Articles recieved 10/06/2021
Article: Are Cookie Banners a Waste of Time or a Complete Waste of Time?, (Thu, May 20th) - published almost 3 years ago.
Content: Legislation, in particular in the European Union, has led to a proliferation of "Cookie Banners." Warning banners that either ask you for blanket permission to set cookies or, in some cases, provide you with some control as to what cookies you do allow. These regulations emerged after advertisers made excessive use of HTTP Cookies to track users across diffe...
https://isc.sans.edu/diary/rss/27436 
🔥🔥
 
Published: 2021 06 10 12:08:59
Received: 2021 06 10 14:00:44
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Thursday, June 10th, 2021 https://isc.sans.edu/podcastdetail.html?id=7536, (Thu, Jun 10th) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27512 
🔥🔥
 
Published: 2021 06 10 02:00:03
Received: 2021 06 10 04:00:47
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
14:00 Are Cookie Banners a Waste of Time or a Complete Waste of Time?, (Thu, May 20th)
🔥🔥
04:00 ISC Stormcast For Thursday, June 10th, 2021 https://isc.sans.edu/podcastdetail.html?id=7536, (Thu, Jun 10th)
🔥🔥
Articles recieved 09/06/2021
Article: Architecture, compilers and black magic, or "what else affects the ability of AVs to detect malicious files", (Wed, Jun 9th) - published almost 3 years ago.
Content: In my last diary, we went over the impact of different Base encodings on the ability of anti-malware tools to detect malicious code[1]. Since results of our tests showed (among other things) that AV tools in general still struggle significantly more with detecting 64-bit malicious code then 32-bit malicious code, I thought it might be interesting to discuss ...
https://isc.sans.edu/diary/rss/27510 
🔥🔥
 
Published: 2021 06 09 11:23:11
Received: 2021 06 09 13:00:40
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Wednesday, June 9th, 2021 https://isc.sans.edu/podcastdetail.html?id=7534, (Wed, Jun 9th) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27508 
🔥🔥
 
Published: 2021 06 09 02:10:03
Received: 2021 06 09 03:00:45
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
13:00 Architecture, compilers and black magic, or "what else affects the ability of AVs to detect malicious files", (Wed, Jun 9th)
🔥🔥
03:00 ISC Stormcast For Wednesday, June 9th, 2021 https://isc.sans.edu/podcastdetail.html?id=7534, (Wed, Jun 9th)
🔥🔥
Articles recieved 08/06/2021
Article: Microsoft June 2021 Patch Tuesday, (Tue, Jun 8th) - published almost 3 years ago.
Content: This month we got patches for 50 vulnerabilities. Of these, 5 are critical, 2 were previously disclosed and 6 is already being exploited according to Microsoft.
https://isc.sans.edu/diary/rss/27506 
🔥🔥
 
Published: 2021 06 08 17:57:19
Received: 2021 06 08 20:00:42
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Tuesday, June 8th, 2021 https://isc.sans.edu/podcastdetail.html?id=7532, (Tue, Jun 8th) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27504 
🔥🔥
 
Published: 2021 06 08 02:00:03
Received: 2021 06 08 04:00:40
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
20:00 Microsoft June 2021 Patch Tuesday, (Tue, Jun 8th)
🔥🔥
04:00 ISC Stormcast For Tuesday, June 8th, 2021 https://isc.sans.edu/podcastdetail.html?id=7532, (Tue, Jun 8th)
🔥🔥
Articles recieved 07/06/2021
Article: Amazon Sidewalk: Cutting Through the Hype, (Mon, Jun 7th) - published almost 3 years ago.
Content: Later this week (tomorrow?), Amazon will enable its new Sidewalk feature. The feature has already gotten a lot of bad press. Much of this comes from the fact that existing devices are automatically used as Sidewalk Gateways, and users will have to opt out. New devices may require a specific opt-in during setup.
https://isc.sans.edu/diary/rss/27502 
🔥🔥
 
Published: 2021 06 07 19:22:50
Received: 2021 06 07 17:00:42
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Monday, June 7th, 2021 https://isc.sans.edu/podcastdetail.html?id=7530, (Mon, Jun 7th) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27500 
🔥🔥
 
Published: 2021 06 07 02:05:03
Received: 2021 06 07 03:00:35
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
17:00 Amazon Sidewalk: Cutting Through the Hype, (Mon, Jun 7th)
🔥🔥
03:00 ISC Stormcast For Monday, June 7th, 2021 https://isc.sans.edu/podcastdetail.html?id=7530, (Mon, Jun 7th)
🔥🔥
Articles recieved 06/06/2021
Article: Quick and dirty Python: nmap, (Mon, May 31st) - published almost 3 years ago.
Content: Continuing on from the "Quick and dirty Python: masscan" diary, which implemented a simple port scanner in Python using masscan to detect web instances on TCP ports 80 or 443.  Masscan is perfectly good as a blunt instrument to quickly find open TCP ports across large address spaces, but for fine details it is better to use a scanner like nmap that, while mu...
https://isc.sans.edu/diary/rss/27480 
🔥🔥
 
Published: 2021 05 31 19:20:50
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Tuesday, June 1st, 2021 https://isc.sans.edu/podcastdetail.html?id=7522, (Tue, Jun 1st) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27484 
🔥🔥
 
Published: 2021 06 01 02:00:02
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: Guildma is now using Finger and Signed Binary Proxy Execution to evade defenses, (Mon, May 31st) - published almost 3 years ago.
Content:  
https://isc.sans.edu/diary/rss/27482 
🔥🔥
 
Published: 2021 06 01 11:00:57
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Wednesday, June 2nd, 2021 https://isc.sans.edu/podcastdetail.html?id=7524, (Wed, Jun 2nd) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27486 
🔥🔥
 
Published: 2021 06 02 02:10:02
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: Wireshark 3.4.6 (and 3.2.14) released, (Wed, Jun 2nd) - published almost 3 years ago.
Content: A new version of wireshark is out, a couple of bugfixes including a QUIC TLK decryption issue. Also, the Windows version now comes with npcap 1.31 (updated from 1.10).
https://isc.sans.edu/diary/rss/27488 
🔥🔥
 
Published: 2021 06 02 20:15:53
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Thursday, June 3rd, 2021 https://isc.sans.edu/podcastdetail.html?id=7526, (Thu, Jun 3rd) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27490 
🔥🔥
 
Published: 2021 06 03 02:10:02
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: DShield Data Analysis: Taking a Look at Port 45740 Activity, (Thu, Jun 3rd) - published almost 3 years ago.
Content: At the SANS Internet Storm Center (ISC), handlers frequently analyze data submitted from DShield participants to determine activity trends and potential attacks. A few days ago on May 31st, I observed a small anomaly for %%port:45740%% and decided to monitor it for the next 3 days or so. There was a huge spike in number of sources/day and reports/day recorde...
https://isc.sans.edu/diary/rss/27492 
🔥🔥
 
Published: 2021 06 03 07:00:02
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Friday, June 4th, 2021 https://isc.sans.edu/podcastdetail.html?id=7528, (Fri, Jun 4th) - published almost 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27498 
🔥🔥
 
Published: 2021 06 04 02:00:03
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: Russian Dolls VBS Obfuscation, (Fri, Jun 4th) - published almost 3 years ago.
Content: We received an interesting sample from one of our readers (thanks Henry!) and we like this. If you find something interesting, we are always looking for fresh meat! Henry's sample was delivered in a password-protected ZIP archive and the file was a VBS script called "presentation_37142.vbs" (SHA256:2def8f350b1e7fc9a45669bc5f2c6e0679e901aac233eac6355026803494...
https://isc.sans.edu/diary/rss/27494 
🔥🔥
 
Published: 2021 06 04 05:01:36
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: Strange goings on with port 37, (Thu, Jun 3rd) - published almost 3 years ago.
Content: Similar to Yee Ching's diary on Thursday, I noticed an oddity in the Dshield data last weekend (which I had hoped to discuss in a diary on Wednesday, but life got in the way) and thought it was worth asking around to see if anyone knows what is going on. As soon as I saw it, I reconfigured my honeypots to try to capture the traffic, but wasn't able to. I'm a...
https://isc.sans.edu/diary/rss/27496 
🔥🔥
 
Published: 2021 06 05 02:45:21
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
09:01 Quick and dirty Python: nmap, (Mon, May 31st)
🔥🔥
09:01 ISC Stormcast For Tuesday, June 1st, 2021 https://isc.sans.edu/podcastdetail.html?id=7522, (Tue, Jun 1st)
🔥🔥
09:01 Guildma is now using Finger and Signed Binary Proxy Execution to evade defenses, (Mon, May 31st)
🔥🔥
09:01 ISC Stormcast For Wednesday, June 2nd, 2021 https://isc.sans.edu/podcastdetail.html?id=7524, (Wed, Jun 2nd)
🔥🔥
09:01 Wireshark 3.4.6 (and 3.2.14) released, (Wed, Jun 2nd)
🔥🔥
09:01 ISC Stormcast For Thursday, June 3rd, 2021 https://isc.sans.edu/podcastdetail.html?id=7526, (Thu, Jun 3rd)
🔥🔥
09:01 DShield Data Analysis: Taking a Look at Port 45740 Activity, (Thu, Jun 3rd)
🔥🔥
09:01 ISC Stormcast For Friday, June 4th, 2021 https://isc.sans.edu/podcastdetail.html?id=7528, (Fri, Jun 4th)
🔥🔥
09:01 Russian Dolls VBS Obfuscation, (Fri, Jun 4th)
🔥🔥
09:01 Strange goings on with port 37, (Thu, Jun 3rd)
🔥🔥
Cyber Tzar Free Score Certificate
Cyber Tzar Free Score Certificate
Cyber Tzar Your Score Explained
Cyber Tzar Your Score Explained
Navigation
Return to Planet "Home"
Ordered/grouped:
Filter applied:
Current page:
Go to "Navigation Help" (page end)
Articles in this collection: 1,752
  • "Home" links back to the front page, effectivly the Planet "Home Page"; shows all articles, with no selections, or groupings.
  • Default date ordering is by "Received Date" (due to not all RSS feeds having a "Published Date").
  • Authors is the most poorly serviced field in the articles we see from cyber security news providers.
  • Only Published Date selections use the articles Published Date (for ordering and grouping).
  • The first page always shows fifty items plus from zero to up to a remaining forty-nine items, before they are commited permently to the next page.
  • All subsequent pages show fifty items.
  • Pagination is in reverse ordering (so that pages are permamenent links, aka "permalinks", to their content).
  • Return to the top of this page "Go Now"

Custom HTML Block

Click to Open Code Editor