Welcome to our Cyber Security News Aggregator.

Cyber Tzar provide a cyber security risk management platform, including automated penetration tests and risk assessments culminating in a "cyber risk score" out of 1,000, just like a credit score.
Articles in this collection: 141

Feed: /dev/random

Articles received 25/01/2023
Article: [SANS ISC] Do you collect “Observables” or “IOCs”? - published over 1 year ago.
Content: I published the following diary on isc.sans.edu: “Do you collect “Observables” or “IOCs”?“: Indicators of Compromise, or IOCs, are key elements in blue team activities. IOCs are mainly small pieces of technical information that have been collected during investigations, threat hunting activities or malware analysis. About the last example, the malware an...
https://blog.rootshell.be/2022/11/10/sans-isc-do-you-collect-observables-or-iocs/ 
Published: 2022 11 10 11:48:37
Received: 2023 01 25 18:19:14
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] A First Malicious OneNote Document - published over 1 year ago.
Content: I published the following diary on isc.sans.edu: “A First Malicious OneNote Document“: Attackers are always trying to find new ways to deliver malware to victims. They recently started sending Microsoft OneNote files in massive phishing campaigns. OneNote files (ending the extension “.one”) are handled automatically by computers that have the Microsoft O...
https://blog.rootshell.be/2023/01/25/sans-isc-a-first-malicious-onenote-document/ 
Published: 2023 01 25 17:40:38
Received: 2023 01 25 18:19:14
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
18:19 [SANS ISC] Do you collect “Observables” or “IOCs”?
18:19 [SANS ISC] A First Malicious OneNote Document
Articles received 10/11/2022
Article: [SANS ISC] Another Script-Based Ransomware - published over 1 year ago.
Content: I published the following diary on isc.sans.edu: “Another Script-Based Ransomware“: In the past, I already found some script-based ransomware samples written in Python or Powershell. The last one I found was only a “proof-of-concept” (my guess) but it demonstrates how easy such malware can be developed and how they remain undetected by most antivirus pro...
https://blog.rootshell.be/2022/11/09/sans-another-script-based-ransomware/ 
Published: 2022 11 09 11:42:36
Received: 2022 11 10 12:39:59
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Do you collect “Observables” or “IOCs”? - published over 1 year ago.
Content: I published the following diary on isc.sans.edu: “Do you collect “Observables” or “IOCs”?“: Indicators of Compromise, or IOCs, are key elements in blue team activities. IOCs are mainly small pieces of technical information that have been collected during investigations, threat hunting activities or malware analysis. About the last example, the malware an...
https://blog.rootshell.be/2022/11/10/sans-isc-do-you-collect-observables-or-iocs/ 
Published: 2022 11 10 11:48:37
Received: 2022 11 10 12:39:59
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
12:39 [SANS ISC] Another Script-Based Ransomware
12:39 [SANS ISC] Do you collect “Observables” or “IOCs”?
Articles received 09/11/2022
Article: Botconf Day 3 Wrap-Up - published about 2 years ago.
Content: Here we go with day 3! In the morning, there are always fewer people due to the short night. The gala dinner is always a key activity during Botconf! The last day started with “Jumping the air-gap: 15 years of nation-state efforts” presented by Alexis Dorais-Joncas and Facundo Munoz. Does “air-gap” mean a big castle in the middle of the Internet? That’...
https://blog.rootshell.be/2022/04/30/botconf-day-3-wrap-up/ 
Published: 2022 04 29 22:07:52
Received: 2022 11 09 12:19:28
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Use Your Browser Internal Password Vault… or Not? - published almost 2 years ago.
Content: I published the following diary on isc.sans.edu: “Use Your Browser Internal Password Vault… or Not?“: Passwords… a so hot topic! Recently big players (Microsoft, Apple & Google) announced that they would like to suppress (or, at least, reduce) the use of classic passwords. In the meantime, they remain the most common way to authenticate users against...
https://blog.rootshell.be/2022/05/17/sans-isc-use-your-browser-internal-password-vault-or-not/ 
Published: 2022 05 17 10:08:55
Received: 2022 11 09 12:19:28
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes - published almost 2 years ago.
Content: I published the following diary on isc.sans.edu: “A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes“: Yesterday, I analyzed a malicious archive for a customer. It was delivered to the mailbox of a user who, hopefully, was security-aware and reported it. The payload passed through the different security layers based on big players on the market! ...
https://blog.rootshell.be/2022/05/20/sans-isc-a-zip-bomb-to-bypass-security-controls-sandboxes/ 
Published: 2022 05 20 10:05:12
Received: 2022 11 09 12:19:28
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Sandbox Evasion… With Just a Filename! - published almost 2 years ago.
Content: I published the following diary on isc.sans.edu: “Sandbox Evasion… With Just a Filename!“: Today, many sandbox solutions are available and deployed by most organizations to detonate malicious files and analyze their behavior. The main problem with some sandboxes is the filename used to submit the sample. The file can be named like “sample.exe”, “suspicio...
https://blog.rootshell.be/2022/06/03/sans-isc-sandbox-evasion-with-just-a-filename/ 
Published: 2022 06 03 10:29:33
Received: 2022 11 09 12:19:27
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Houdini is Back Delivered Through a JavaScript Dropper - published almost 2 years ago.
Content: I published the following diary on isc.sans.edu: “Houdini is Back Delivered Through a JavaScript Dropper“: Houdini is a very old RAT that was discovered years ago. The first mention I found back is from 2013! Houdini is a simple remote access tool written in Visual Basic Script. The script is not very interesting because it is non-obfuscated and has just...
https://blog.rootshell.be/2022/06/16/sans-isc-houdini-is-back-delivered-through-a-javascript-dropper/ 
Published: 2022 06 16 11:11:03
Received: 2022 11 09 12:19:27
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Malicious PowerShell Targeting Cryptocurrency Browser Extensions - published almost 2 years ago.
Content: I published the following diary on isc.sans.edu: “Malicious PowerShell Targeting Cryptocurrency Browser Extensions“: While hunting, I found an interesting PowerShell script. After a quick check, my first conclusion was that it is again a simple info stealer. After reading the code more carefully, the conclusion was different: It targets crypto-currency b...
https://blog.rootshell.be/2022/06/22/sans-isc-malicious-powershell-targeting-cryptocurrency-browser-extensions/ 
Published: 2022 06 22 10:42:58
Received: 2022 11 09 12:19:27
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Another Script-Based Ransomware - published over 1 year ago.
Content: I published the following diary on isc.sans.edu: “Another Script-Based Ransomware“: In the past, I already found some script-based ransomware samples written in Python or Powershell. The last one I found was only a “proof-of-concept” (my guess) but it demonstrates how easy such malware can be developed and how they remain undetected by most antivirus pro...
https://blog.rootshell.be/2022/11/09/sans-another-script-based-ransomware/ 
Published: 2022 11 09 11:42:36
Received: 2022 11 09 12:19:27
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
12:19 Botconf Day 3 Wrap-Up
12:19 [SANS ISC] Use Your Browser Internal Password Vault… or Not?
12:19 [SANS ISC] A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes
12:19 [SANS ISC] Sandbox Evasion… With Just a Filename!
12:19 [SANS ISC] Houdini is Back Delivered Through a JavaScript Dropper
12:19 [SANS ISC] Malicious PowerShell Targeting Cryptocurrency Browser Extensions
12:19 [SANS ISC] Another Script-Based Ransomware
Articles received 24/10/2022
Article: CTI-Summit 2022 Luxembourg Wrap-Up - published over 1 year ago.
Content: It has been a while since I did not take time to write a security conference wrap-up. With all these COVID restrictions, we were stuck at home for a while. Still today, some events remain postponed and, worse, canceled! The energy crisis in Europe does not help, some venues are already increasing their price to host events! How will this evolve? No idea, bu...
https://blog.rootshell.be/2022/10/24/cti-summit-2022-wrap-up/ 
Published: 2022 10 24 15:58:11
Received: 2022 10 24 16:48:50
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
16:48 CTI-Summit 2022 Luxembourg Wrap-Up
Articles received 20/07/2022
Article: [SANS ISC] Malicious Python Script Behaving Like a Rubber Ducky - published almost 2 years ago.
Content: I published the following diary on isc.sans.edu: “Malicious Python Script Behaving Like a Rubber Ducky“: Last week, it was SANSFIRE in Washington where I presented a SANS@Night talk about malicious Python scripts in Windows environment. I’m still looking for more fresh meat and, yesterday, I found another interesting one. Do you remember the Rubber Du...
https://blog.rootshell.be/2022/07/20/sans-isc-malicious-python-script-behaving-like-a-rubber-ducky/ 
Published: 2022 07 20 11:08:28
Received: 2022 07 20 12:28:22
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
12:28 [SANS ISC] Malicious Python Script Behaving Like a Rubber Ducky
Articles received 06/07/2022
Article: Pass-The-Salt 2022 Wrap-Up - published almost 2 years ago.
Content: Conferences are back! After Botconf in April, that’s Pass-The-Salt that is organized this week in Lille, France. After the two years break, the formula did not change: same location, free, presentations around security, and free software! And, most important, the same atmosphere. The first day started in the afternoon and talks are grouped by topic. The...
https://blog.rootshell.be/2022/07/06/pass-the-salt-2022-wrap-up/ 
Published: 2022 07 06 16:42:30
Received: 2022 07 06 18:08:58
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
18:08 Pass-The-Salt 2022 Wrap-Up
Articles received 26/06/2022
Article: [SANS ISC] Sandbox Evasion… With Just a Filename! - published almost 2 years ago.
Content: I published the following diary on isc.sans.edu: “Sandbox Evasion… With Just a Filename!“: Today, many sandbox solutions are available and deployed by most organizations to detonate malicious files and analyze their behavior. The main problem with some sandboxes is the filename used to submit the sample. The file can be named like “sample.exe”, “suspicio...
https://blog.rootshell.be/2022/06/03/sans-isc-sandbox-evasion-with-just-a-filename/ 
Published: 2022 06 03 10:29:33
Received: 2022 06 26 19:48:02
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Houdini is Back Delivered Through a JavaScript Dropper - published almost 2 years ago.
Content: I published the following diary on isc.sans.edu: “Houdini is Back Delivered Through a JavaScript Dropper“: Houdini is a very old RAT that was discovered years ago. The first mention I found back is from 2013! Houdini is a simple remote access tool written in Visual Basic Script. The script is not very interesting because it is non-obfuscated and has just...
https://blog.rootshell.be/2022/06/16/sans-isc-houdini-is-back-delivered-through-a-javascript-dropper/ 
Published: 2022 06 16 11:11:03
Received: 2022 06 26 19:48:02
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Malicious PowerShell Targeting Cryptocurrency Browser Extensions - published almost 2 years ago.
Content: I published the following diary on isc.sans.edu: “Malicious PowerShell Targeting Cryptocurrency Browser Extensions“: While hunting, I found an interesting PowerShell script. After a quick check, my first conclusion was that it is again a simple info stealer. After reading the code more carefully, the conclusion was different: It targets crypto-currency b...
https://blog.rootshell.be/2022/06/22/sans-isc-malicious-powershell-targeting-cryptocurrency-browser-extensions/ 
Published: 2022 06 22 10:42:58
Received: 2022 06 26 19:48:02
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
19:48 [SANS ISC] Sandbox Evasion… With Just a Filename!
19:48 [SANS ISC] Houdini is Back Delivered Through a JavaScript Dropper
19:48 [SANS ISC] Malicious PowerShell Targeting Cryptocurrency Browser Extensions
Articles received 03/06/2022
Article: [SANS ISC] A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes - published almost 2 years ago.
Content: I published the following diary on isc.sans.edu: “A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes“: Yesterday, I analyzed a malicious archive for a customer. It was delivered to the mailbox of a user who, hopefully, was security-aware and reported it. The payload passed through the different security layers based on big players on the market! ...
https://blog.rootshell.be/2022/05/20/sans-isc-a-zip-bomb-to-bypass-security-controls-sandboxes/ 
Published: 2022 05 20 10:05:12
Received: 2022 06 03 10:46:21
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Sandbox Evasion… With Just a Filename! - published almost 2 years ago.
Content: I published the following diary on isc.sans.edu: “Sandbox Evasion… With Just a Filename!“: Today, many sandbox solutions are available and deployed by most organizations to detonate malicious files and analyze their behavior. The main problem with some sandboxes is the filename used to submit the sample. The file can be named like “sample.exe”, “suspicio...
https://blog.rootshell.be/2022/06/03/sans-isc-sandbox-evasion-with-just-a-filename/ 
Published: 2022 06 03 10:29:33
Received: 2022 06 03 10:46:21
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
10:46 [SANS ISC] A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes
10:46 [SANS ISC] Sandbox Evasion… With Just a Filename!
Articles received 20/05/2022
Article: [SANS ISC] Use Your Browser Internal Password Vault… or Not? - published almost 2 years ago.
Content: I published the following diary on isc.sans.edu: “Use Your Browser Internal Password Vault… or Not?“: Passwords… a so hot topic! Recently big players (Microsoft, Apple & Google) announced that they would like to suppress (or, at least, reduce) the use of classic passwords. In the meantime, they remain the most common way to authenticate users against...
https://blog.rootshell.be/2022/05/17/sans-isc-use-your-browser-internal-password-vault-or-not/ 
Published: 2022 05 17 10:08:55
Received: 2022 05 20 10:25:52
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes - published almost 2 years ago.
Content: I published the following diary on isc.sans.edu: “A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes“: Yesterday, I analyzed a malicious archive for a customer. It was delivered to the mailbox of a user who, hopefully, was security-aware and reported it. The payload passed through the different security layers based on big players on the market! ...
https://blog.rootshell.be/2022/05/20/sans-isc-a-zip-bomb-to-bypass-security-controls-sandboxes/ 
Published: 2022 05 20 10:05:12
Received: 2022 05 20 10:25:51
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
10:25 [SANS ISC] Use Your Browser Internal Password Vault… or Not?
10:25 [SANS ISC] A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes
Articles received 17/05/2022
Article: Botconf Day 3 Wrap-Up - published about 2 years ago.
Content: Here we go with day 3! In the morning, there are always fewer people due to the short night. The gala dinner is always a key activity during Botconf! The last day started with “Jumping the air-gap: 15 years of nation-state efforts” presented by Alexis Dorais-Joncas and Facundo Munoz. Does “air-gap” mean a big castle in the middle of the Internet? That’...
https://blog.rootshell.be/2022/04/30/botconf-day-3-wrap-up/ 
Published: 2022 04 29 22:07:52
Received: 2022 05 17 10:25:51
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Use Your Browser Internal Password Vault… or Not? - published almost 2 years ago.
Content: I published the following diary on isc.sans.edu: “Use Your Browser Internal Password Vault… or Not?“: Passwords… a so hot topic! Recently big players (Microsoft, Apple & Google) announced that they would like to suppress (or, at least, reduce) the use of classic passwords. In the meantime, they remain the most common way to authenticate users against...
https://blog.rootshell.be/2022/05/17/sans-isc-use-your-browser-internal-password-vault-or-not/ 
Published: 2022 05 17 10:08:55
Received: 2022 05 17 10:25:51
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
10:25 Botconf Day 3 Wrap-Up
10:25 [SANS ISC] Use Your Browser Internal Password Vault… or Not?
Articles received 29/04/2022
Article: Botconf Day 1 Wrap-Up - published about 2 years ago.
Content: Incredible! Here is my first wrap-up for two years! Now that the COVID seems under control, it’s so good to be back at conferences and meet a lot of good friends. Like most of the events, Botconf was canceled, postponed, uncertain until the COVID situation was better and, finally, it occurs live! For this edition, we are in Nantes, France. I arrived yesterd...
https://blog.rootshell.be/2022/04/27/botconf-day-1-wrap-up/ 
Published: 2022 04 27 20:09:59
Received: 2022 04 29 22:25:58
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: Botconf Day 3 Wrap-Up - published about 2 years ago.
Content: Here we go with day 3! In the morning, there are always fewer people due to the short night. The gala dinner is always a key activity during Botconf! The last day started with “Jumping the air-gap: 15 years of nation-state efforts” presented by Alexis Dorais-Joncas and Facundo Munoz. Does “air-gap” mean a big castle in the middle of the Internet? That’...
https://blog.rootshell.be/2022/04/30/botconf-day-3-wrap-up/ 
Published: 2022 04 29 22:07:52
Received: 2022 04 29 22:25:58
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
22:25 Botconf Day 1 Wrap-Up
22:25 Botconf Day 3 Wrap-Up
Articles received 28/04/2022
Article: Botconf Day 2 Wrap-Up - published about 2 years ago.
Content: The second day is already over. Here is my recap of the talks. The first one was “Identifying malware campaigns on a budget” by Max “Libra” Kersten and Rens Van Der Linden. The idea was to search for malicious activity without spending too much money. Read: “using as few resources as possible”. The solution proposed must be scalable, reusable, and repurposa...
https://blog.rootshell.be/2022/04/29/botconf-day-2-wrap-up/ 
Published: 2022 04 28 22:47:48
Received: 2022 04 28 23:05:57
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
23:05 Botconf Day 2 Wrap-Up
Articles received 27/04/2022
Article: [SANS ISC] Simple PDF Linking to Malicious Content - published about 2 years ago.
Content: I published the following diary on isc.sans.edu: “Simple PDF Linking to Malicious Content“: Last week, I found an interesting piece of phishing based on a PDF file. Today, most of the PDF files that are delivered to end-user are not malicious, I mean that they don’t contain an exploit to trigger a vulnerability and infect the victim’s computer. They are ...
https://blog.rootshell.be/2022/04/25/sans-isc-simple-pdf-linking-to-malicious-content/ 
Published: 2022 04 25 11:17:42
Received: 2022 04 27 20:26:32
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: Botconf Day 1 Wrap-Up - published about 2 years ago.
Content: Incredible! Here is my first wrap-up for two years! Now that the COVID seems under control, it’s so good to be back at conferences and meet a lot of good friends. Like most of the events, Botconf was canceled, postponed, uncertain until the COVID situation was better and, finally, it occurs live! For this edition, we are in Nantes, France. I arrived yesterd...
https://blog.rootshell.be/2022/04/27/botconf-day-1-wrap-up/ 
Published: 2022 04 27 20:09:59
Received: 2022 04 27 20:26:32
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
20:26 [SANS ISC] Simple PDF Linking to Malicious Content
20:26 Botconf Day 1 Wrap-Up
Articles received 25/04/2022
Article: [SANS ISC] XLSB Files: Because Binary is Stealthier Than XML - published about 2 years ago.
Content: I published the following diary on isc.sans.edu: “XLSB Files: Because Binary is Stealthier Than XML“: In one of his last diaries, Brad mentioned an Excel sheet named with a .xlsb extension. Now, it was my turn to find one… What’s the magic behind this file extension? “XLS” means that we are facing an Excel sheet and “B” means that we have a binary workbo...
https://blog.rootshell.be/2022/03/25/sans-isc-xlsb-files-because-binary-is-stealthier-than-xml/ 
Published: 2022 03 25 11:19:22
Received: 2022 04 25 11:45:39
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Simple PDF Linking to Malicious Content - published about 2 years ago.
Content: I published the following diary on isc.sans.edu: “Simple PDF Linking to Malicious Content“: Last week, I found an interesting piece of phishing based on a PDF file. Today, most of the PDF files that are delivered to end-user are not malicious, I mean that they don’t contain an exploit to trigger a vulnerability and infect the victim’s computer. They are ...
https://blog.rootshell.be/2022/04/25/sans-isc-simple-pdf-linking-to-malicious-content/ 
Published: 2022 04 25 11:17:42
Received: 2022 04 25 11:45:39
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Keep an Eye on WebSockets - published about 2 years ago.
Content: I published the following diary on isc.sans.edu: “Keep an Eye on WebSockets“: It has been a while that I did not spot WebSockets used by malware. Yesterday I discovered an interesting piece of Powershell. Very small and almost undetected according to its Virustotal score (2/54). A quick reminder for those that don’t know what a “WebSocket” is. When you p...
https://blog.rootshell.be/2022/03/11/sans-isc-keep-an-eye-on-websockets/ 
Published: 2022 03 11 11:56:13
Received: 2022 03 25 11:45:24
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] XLSB Files: Because Binary is Stealthier Than XML - published about 2 years ago.
Content: I published the following diary on isc.sans.edu: “XLSB Files: Because Binary is Stealthier Than XML“: In one of his last diaries, Brad mentioned an Excel sheet named with a .xlsb extension. Now, it was my turn to find one… What’s the magic behind this file extension? “XLS” means that we are facing an Excel sheet and “B” means that we have a binary workbo...
https://blog.rootshell.be/2022/03/25/sans-isc-xlsb-files-because-binary-is-stealthier-than-xml/ 
Published: 2022 03 25 11:19:22
Received: 2022 03 25 11:45:24
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
11:45 [SANS ISC] XLSB Files: Because Binary is Stealthier Than XML
11:45 [SANS ISC] Simple PDF Linking to Malicious Content
11:45 [SANS ISC] Keep an Eye on WebSockets
11:45 [SANS ISC] XLSB Files: Because Binary is Stealthier Than XML
Articles received 15/03/2022
Article: [SANS ISC] Clean Binaries with Suspicious Behaviour - published about 2 years ago.
Content: I published the following diary on isc.sans.edu: “Clean Binaries with Suspicious Behaviour“: EDR or “Endpoint Detection & Response” is a key element of many networks today. An agent is installed on all endpoints to track suspicious/malicious activity and (try to) block it. Behavioral monitoring is also a key element in modern SIEM infrastructure: To ...
https://blog.rootshell.be/2022/03/15/sans-isc-clean-binaries-with-suspicious-behaviour/ 
Published: 2022 03 15 12:54:26
Received: 2022 03 15 13:06:37
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
13:06 [SANS ISC] Clean Binaries with Suspicious Behaviour
Articles received 11/03/2022
Article: In-Person Infosec Conferences Are Back - published about 2 years ago.
Content: Yes! Infosec conferences are back with in-person events! If we were able to attend virtual events from our sofa during the last two years, it’s much more fun to meet people “IRL” and have good times! Let’s hope that the pandemic will remain behind us. I should restart publishing some wrap-ups (overview here) from conferences that I’ll attend. That’s why ...
https://blog.rootshell.be/2022/03/11/in-person-infosec-conferences-are-back/ 
Published: 2022 03 11 12:21:18
Received: 2022 03 11 12:26:28
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Credentials Leaks on VirusTotal - published about 2 years ago.
Content: I published the following diary on isc.sans.edu: “Credentials Leaks on VirusTotal“: A few weeks ago, researchers published some information about stolen credentials that were posted on Virustotal. I’m keeping an eye on VT for my customers and searching for data related to them. For example, I’m looking for their domain name(s) inside files posted on VT. I ...
https://blog.rootshell.be/2022/03/10/sans-isc-credentials-leaks-on-virustotal/ 
Published: 2022 03 10 12:43:42
Received: 2022 03 11 12:06:20
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Keep an Eye on WebSockets - published about 2 years ago.
Content: I published the following diary on isc.sans.edu: “Keep an Eye on WebSockets“: It has been a while that I did not spot WebSockets used by malware. Yesterday I discovered an interesting piece of Powershell. Very small and almost undetected according to its Virustotal score (2/54). A quick reminder for those that don’t know what a “WebSocket” is. When you p...
https://blog.rootshell.be/2022/03/11/sans-isc-keep-an-eye-on-websockets/ 
Published: 2022 03 11 11:56:13
Received: 2022 03 11 12:06:20
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
12:26 In-Person Infosec Conferences Are Back
12:06 [SANS ISC] Credentials Leaks on VirusTotal
12:06 [SANS ISC] Keep an Eye on WebSockets
Articles received 10/03/2022
Article: [SANS ISC] Ukraine & Russia Situation From a Domain Names Perspective - published about 2 years ago.
Content: I published the following diary on isc.sans.edu: “Ukraine & Russia Situation From a Domain Names Perspective“: For a few days, the eyes of the world are on the situation between Russia and Ukraine. Today, operations are also organized in the “cyber” dimension (besides the classic ones – land, air, sea, and space). This new dimension is not only used ...
https://blog.rootshell.be/2022/02/24/sans-isc-ukraine-russia-situation-from-a-domain-names-perspective/ 
Published: 2022 02 24 11:55:38
Received: 2022 03 10 13:05:13
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Credentials Leaks on VirusTotal - published about 2 years ago.
Content: I published the following diary on isc.sans.edu: “Credentials Leaks on VirusTotal“: A few weeks ago, researchers published some information about stolen credentials that were posted on Virustotal. I’m keeping an eye on VT for my customers and searching for data related to them. For example, I’m looking for their domain name(s) inside files posted on VT. I ...
https://blog.rootshell.be/2022/03/10/sans-isc-credentials-leaks-on-virustotal/ 
Published: 2022 03 10 12:43:42
Received: 2022 03 10 13:05:13
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
13:05 [SANS ISC] Ukraine & Russia Situation From a Domain Names Perspective
13:05 [SANS ISC] Credentials Leaks on VirusTotal
Articles received 09/03/2022
Article: [SANS ISC] Infostealer in a Batch File - published about 2 years ago.
Content: I published the following diary on isc.sans.edu: “Infostealer in a Batch File“: It’s pretty common to see malicious content delivered as email attachments. Every day, my mailboxes are flooded with malicious content… which is great from a research point of view. Am I the only one to be happy when I see my catch-all mailboxes full of junk… [Read more] The ...
https://blog.rootshell.be/2022/03/09/sans-isc-infostealer-in-a-batch-file/ 
Published: 2022 03 09 12:27:49
Received: 2022 03 09 12:45:28
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
12:45 [SANS ISC] Infostealer in a Batch File
Articles received 24/02/2022
Article: Europol & Interpol Phishing Ahead? - published about 2 years ago.
Content: When you keep an eye on newly registered domains, they are some of them that attract your eyes immediately. Some domains related to Europol, the European Union’s law enforcement agency, and Interpol have been recently registered. Domain | Registration Date | Registrar: europol-belgique.com | 2022-02-15 | Google; euro-interpol.com | 2022-02-08 | WebNic; europol-be.com | 2022-02-15 | L...
https://blog.rootshell.be/2022/02/23/europol-interpol-phishing-ahead/ 
Published: 2022 02 23 12:41:49
Received: 2022 02 24 12:05:24
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Ukraine & Russia Situation From a Domain Names Perspective - published about 2 years ago.
Content: I published the following diary on isc.sans.edu: “Ukraine & Russia Situation From a Domain Names Perspective“: For a few days, the eyes of the world are on the situation between Russia and Ukraine. Today, operations are also organized in the “cyber” dimension (besides the classic ones – land, air, sea, and space). This new dimension is not only used ...
https://blog.rootshell.be/2022/02/24/sans-isc-ukraine-russia-situation-from-a-domain-names-perspective/ 
Published: 2022 02 24 11:55:38
Received: 2022 02 24 12:05:24
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
12:05 Europol & Interpol Phishing Ahead?
12:05 [SANS ISC] Ukraine & Russia Situation From a Domain Names Perspective
Articles received 23/02/2022
Article: [SANS ISC] A Good Old Equation Editor Vulnerability Delivering Malware - published about 2 years ago.
Content: I published the following diary on isc.sans.edu: “A Good Old Equation Editor Vulnerability Delivering Malware“: Here is another sample demonstrating how attackers still rely on good old vulnerabilities…  In 2017, Microsoft Office suffered from a critical vulnerability that affected its Equation Editor tool, known as CVE-2017-11882. It’s a memory corrupti...
https://blog.rootshell.be/2022/02/22/sans-isc-a-good-old-equation-editor-vulnerability-delivering-malware/ 
🔥🔥
 
Published: 2022 02 22 12:12:16
Received: 2022 02 23 12:45:38
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: Europol & Interpol Phishing Ahead? - published about 2 years ago.
Content: When you keep an eye on newly registered domains, there are some of them that attract your eyes immediately. Some domains related to Europol, the European Union’s law enforcement agency, and Interpol have been recently registered. Domain | Registration Date | Registrar: europol-belgique.com | 2022-02-15 | Google; euro-interpol.com | 2022-02-08 | WebNic; europol-be.com | 2022-02-15 | L...
https://blog.rootshell.be/2022/02/23/europol-interpol-phishing-ahead/ 
🔥🔥
 
Published: 2022 02 23 12:41:49
Received: 2022 02 23 12:45:38
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
12:45 [SANS ISC] A Good Old Equation Editor Vulnerability Delivering Malware
🔥🔥
12:45 Europol & Interpol Phishing Ahead?
🔥🔥
Articles received 22/02/2022
Article: [SANS ISC] Remcos RAT Delivered Through Double Compressed Archive - published about 2 years ago.
Content: I published the following diary on isc.sans.edu: “Remcos RAT Delivered Through Double Compressed Archive“: One of our readers shared an interesting sample received via email. Like him, if you get access to interesting/suspicious data, please share it with us (if you’re authorized of course). We are always looking for fresh meat! The file was received as ...
https://blog.rootshell.be/2022/02/18/sans-isc-remcos-rat-delivered-through-double-compressed-archive/ 
🔥🔥
 
Published: 2022 02 18 12:27:07
Received: 2022 02 22 12:25:29
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] A Good Old Equation Editor Vulnerability Delivering Malware - published about 2 years ago.
Content: I published the following diary on isc.sans.edu: “A Good Old Equation Editor Vulnerability Delivering Malware“: Here is another sample demonstrating how attackers still rely on good old vulnerabilities…  In 2017, Microsoft Office suffered from a critical vulnerability that affected its Equation Editor tool, known as CVE-2017-11882. It’s a memory corrupti...
https://blog.rootshell.be/2022/02/22/sans-isc-a-good-old-equation-editor-vulnerability-delivering-malware/ 
🔥🔥
 
Published: 2022 02 22 12:12:16
Received: 2022 02 22 12:25:29
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
12:25 [SANS ISC] Remcos RAT Delivered Through Double Compressed Archive
🔥🔥
12:25 [SANS ISC] A Good Old Equation Editor Vulnerability Delivering Malware
🔥🔥
Articles received 18/02/2022
Article: [SANS ISC] Who Are Those Bots? - published about 2 years ago.
Content: I published the following diary on isc.sans.edu: “Who Are Those Bots?“: I’m operating a mail server for multiple domains. This server is regularly targeted by bots that launch brute-force attacks to try to steal credentials. They try a list of common usernames but they also try targeted ones based on a list of email addresses that have been crawled. The ...
https://blog.rootshell.be/2022/02/15/sans-isc-who-are-those-bots/ 
🔥🔥
 
Published: 2022 02 15 12:29:02
Received: 2022 02 18 12:46:28
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Remcos RAT Delivered Through Double Compressed Archive - published about 2 years ago.
Content: I published the following diary on isc.sans.edu: “Remcos RAT Delivered Through Double Compressed Archive“: One of our readers shared an interesting sample received via email. Like him, if you get access to interesting/suspicious data, please share it with us (if you’re authorized of course). We are always looking for fresh meat! The file was received as ...
https://blog.rootshell.be/2022/02/18/sans-isc-remcos-rat-delivered-through-double-compressed-archive/ 
🔥🔥
 
Published: 2022 02 18 12:27:07
Received: 2022 02 18 12:46:28
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
12:46 [SANS ISC] Who Are Those Bots?
🔥🔥
12:46 [SANS ISC] Remcos RAT Delivered Through Double Compressed Archive
🔥🔥
Articles received 15/02/2022
Article: [SANS ISC] Who Are Those Bots? - published about 2 years ago.
Content: I published the following diary on isc.sans.edu: “Who Are Those Bots?“: I’m operating a mail server for multiple domains. This server is regularly targeted by bots that launch brute-force attacks to try to steal credentials. They try a list of common usernames but they also try targeted ones based on a list of email addresses that have been crawled. The ...
https://blog.rootshell.be/2022/02/15/sans-isc-who-are-those-bots/ 
🔥🔥
 
Published: 2022 02 15 12:29:02
Received: 2022 02 15 12:45:26
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
12:45 [SANS ISC] Who Are Those Bots?
🔥🔥
Articles received 11/02/2022
Article: [SANS ISC] CinaRAT Delivered Through HTML ID Attributes - published about 2 years ago.
Content: I published the following diary on isc.sans.edu: “CinaRAT Delivered Through HTML ID Attributes“: A few days ago, I wrote a diary about a malicious ISO file being dropped via a simple HTML file. I found another sample that again drops a malicious ISO file but this time, it is much more obfuscated and the VT score is… 0! Yes, not detected by any antivirus ...
https://blog.rootshell.be/2022/02/11/sans-isc-cinarat-delivered-through-html-id-attributes/ 
🔥🔥
 
Published: 2022 02 11 11:57:07
Received: 2022 02 11 12:05:39
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
12:05 [SANS ISC] CinaRAT Delivered Through HTML ID Attributes
🔥🔥
Articles received 21/01/2022
Article: [SANS ISC] Obscure Wininet.dll Feature? - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “Obscure Wininet.dll Feature?“: The Internet Storm Center relies on a group of Handlers who are volunteers and offer some free time to the community besides our daily job. Sometimes, we share information between us about an incident or a problem that we are facing and ask for help. Indeed, why not request ...
https://blog.rootshell.be/2022/01/21/sans-isc-obscure-wininet-dll-feature/ 
🔥🔥
 
Published: 2022 01 21 11:12:35
Received: 2022 01 21 11:44:11
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
11:44 [SANS ISC] Obscure Wininet.dll Feature?
🔥🔥
Articles received 20/01/2022
Article: [SANS ISC] RedLine Stealer Delivered Through FTP - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “RedLine Stealer Delivered Through FTP“: Here is a piece of malicious Python script that injects a RedLine stealer into its own process. Process injection is a common attacker’s technique these days (for a long time already). The difference, in this case, is that the payload is delivered through FTP! It’s ...
https://blog.rootshell.be/2022/01/20/sans-isc-redline-stealer-delivered-through-ftp/ 
🔥🔥
 
Published: 2022 01 20 12:26:41
Received: 2022 01 20 12:44:05
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
12:44 [SANS ISC] RedLine Stealer Delivered Through FTP
🔥🔥
Articles received 07/01/2022
Article: [SANS ISC] Custom Python RAT Builder - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “Custom Python RAT Builder”: This week I already wrote a diary about “code reuse” in the malware landscape but attackers also have plenty of tools to generate new samples on the fly. When you receive a malicious Word document, it has not been prepared by hand, it has been for sure automatically generated...
https://blog.rootshell.be/2022/01/07/sans-isc-custom-python-rat-builder/ 
🔥🔥
 
Published: 2022 01 07 11:38:10
Received: 2022 01 07 11:43:53
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
11:43 [SANS ISC] Custom Python RAT Builder
🔥🔥
Articles received 06/01/2022
Article: [SANS ISC] Malicious Python Script Targeting Chinese People - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “Malicious Python Script Targeting Chinese People“: This week I found a lot of interesting scripts as this is my fourth diary in a row! I spotted a Python script that targets Chinese people. The script has a very low VT score (2/56) (SHA256:aaec7f4829445c89237694a654a731ee5a52fae9486b1d2bce5767d1ec30c7fb)....
https://blog.rootshell.be/2022/01/06/sans-isc-malicious-python-script-targeting-chinese-people/ 
🔥🔥
 
Published: 2022 01 06 12:17:21
Received: 2022 01 06 12:23:56
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
12:23 [SANS ISC] Malicious Python Script Targeting Chinese People
🔥🔥
Articles received 05/01/2022
Article: [SANS ISC] Code Reuse In the Malware Landscape - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “Code Reuse In the Malware Landscape“: Code re-use is classic behavior for many developers and this looks legit: Why reinvent the wheel if you can find some pieces of code that do what you are trying to achieve? If you publish a nice piece of code on platforms like GitHub, there are chances that your proje...
https://blog.rootshell.be/2022/01/05/sans-isc-code-reuse-in-the-malware-landscape/ 
🔥🔥
 
Published: 2022 01 05 12:25:15
Received: 2022 01 05 12:43:46
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
12:43 [SANS ISC] Code Reuse In the Malware Landscape
🔥🔥
Articles received 04/01/2022
Article: [SANS ISC] A Simple Batch File That Blocks People - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “A Simple Batch File That Blocks People“: I found another script that performs malicious actions. It’s a simple batch file (.bat) that is not obfuscated but it has a very low VT score (1/53). The file hash is cc8ae359b629bc40ec6151ddffae21ec8cbfbcf7ca7bda9b3d9687ca05b1d584. The file is detected by only one...
https://blog.rootshell.be/2022/01/04/sans-isc-a-simple-batch-file-that-blocks-people/ 
🔥🔥
 
Published: 2022 01 04 14:15:48
Received: 2022 01 04 14:23:46
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
14:23 [SANS ISC] A Simple Batch File That Blocks People
🔥🔥
Articles received 03/01/2022
Article: [SANS ISC] McAfee Phishing Campaign with a Nice Fake Scan - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “McAfee Phishing Campaign with a Nice Fake Scan”: I spotted this interesting phishing campaign that (ab)uses the McAfee antivirus to make people scared. It starts with a classic email that notifies the targeted user that a McAfee subscription expired…
https://blog.rootshell.be/2022/01/03/sans-isc-mcafee-phishing-campaign-with-a-nice-fake-scan/ 
🔥🔥
 
Published: 2022 01 03 15:53:51
Received: 2022 01 03 16:04:04
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
16:04 [SANS ISC] McAfee Phishing Campaign with a Nice Fake Scan
🔥🔥
Articles received 21/12/2021
Article: Velociraptor & Loki - published over 2 years ago.
Content: Velociraptor is a great DFIR tool that becomes more and more popular amongst Incident Handlers. Velociraptor works with agents that are deployed on endpoints. Once installed, the agent automatically “phones home” and keeps a connection with the server… exactly like a malware with its C2 server but this time it’s for the good and not the bad. Because, I he...
https://blog.rootshell.be/2021/12/21/velociraptor-loki/ 
🔥🔥
 
Published: 2021 12 21 14:11:30
Received: 2021 12 21 14:23:38
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] More Undetected PowerShell Dropper - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “More Undetected PowerShell Dropper“: Last week, I published a diary about a PowerShell backdoor running below the radar with a VT score of 0! This time, it’s a dropper with multiple obfuscation techniques in place. It is also important to mention that the injection technique used is similar to Jan’s diary...
https://blog.rootshell.be/2021/12/21/sans-isc-more-undetected-powershell-dropper/ 
🔥🔥
 
Published: 2021 12 21 11:14:39
Received: 2021 12 21 11:43:38
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
14:23 Velociraptor & Loki
🔥🔥
11:43 [SANS ISC] More Undetected PowerShell Dropper
🔥🔥
Articles received 15/12/2021
Article: [SANS ISC] Simple but Undetected PowerShell Backdoor - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “Simple but Undetected PowerShell Backdoor“: For a while, most security people agree on the fact that antivirus products are not enough for effective protection against malicious code. If they can block many threats, some of them remain undetected by classic technologies. Here is another example with a sim...
https://blog.rootshell.be/2021/12/15/sans-isc-simple-but-undetected-powershell-backdoor/ 
🔥🔥
 
Published: 2021 12 15 13:26:05
Received: 2021 12 15 13:43:42
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
13:43 [SANS ISC] Simple but Undetected PowerShell Backdoor
🔥🔥
Articles received 10/12/2021
Article: [SANS ISC] Python Shellcode Injection From JSON Data - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “Python Shellcode Injection From JSON Data”: My hunting rules detected a nice piece of Python code. It’s interesting to see how the code is simple, not deeply obfuscated, and with a very low VT score: 2/56! I see more and more malicious Python code targeting the Windows environments. Thanks to the librar...
https://blog.rootshell.be/2021/12/10/sans-isc-python-shellcode-injection-from-json-data/ 
🔥🔥
 
Published: 2021 12 10 11:25:48
Received: 2021 12 10 11:43:31
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
11:43 [SANS ISC] Python Shellcode Injection From JSON Data
🔥🔥
Articles received 03/12/2021
Article: [SANS ISC] The UPX Packer Will Never Die! - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “The UPX Packer Will Never Die!”: Today, many malware samples that you can find in the wild are “packed”. The process of packing an executable file is not new and does not mean that it is de-facto malicious. Many developers decide to pack their software to protect the code. But why is malware often packed...
https://blog.rootshell.be/2021/12/03/sans-isc-the-upx-packer-will-never-die/ 
🔥🔥
 
Published: 2021 12 03 16:01:02
Received: 2021 12 03 16:23:49
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
16:23 [SANS ISC] The UPX Packer Will Never Die!
🔥🔥
Articles received 01/12/2021
Article: [SANS ISC] Info-Stealer Using webhook.site to Exfiltrate Data - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “Info-Stealer Using webhook.site to Exfiltrate Data“: We already reported multiple times that, when you offer an online (cloud) service, there are a lot of chances that it will be abused for malicious purposes. I spotted an info-stealer that exfiltrates data through webhook.site. Today, many Python scripts...
https://blog.rootshell.be/2021/12/01/sans-isc-info-stealer-using-webhook-site-to-exfiltrate-data/ 
🔥🔥
 
Published: 2021 12 01 12:22:23
Received: 2021 12 01 12:43:47
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
12:43 [SANS ISC] Info-Stealer Using webhook.site to Exfiltrate Data
🔥🔥
Articles received 30/11/2021
Article: Tor IP Renewal For The Win - published over 2 years ago.
Content: I’ve been using Tor for so long that I can’t remember! The main reasons to use it are to access some websites while preserving my anonymity (after all that’s the main purpose of Tor) but also to access dangerous resources like command & control servers or sites delivering malicious content. The last reason is to perform scans and assessments of web services. ...
https://blog.rootshell.be/2021/11/30/tor-ip-renewal-for-the-win/ 
🔥🔥
 
Published: 2021 11 30 15:41:48
Received: 2021 11 30 16:03:55
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
16:03 Tor IP Renewal For The Win
🔥🔥
Articles received 17/11/2021
Article: Portable Malware Analyzis Lab - published over 2 years ago.
Content: Security professionals are high-profile users and virtualization is a key component of our labs. Many of us are also fans of Macbook laptops. But since Apple started to roll out its new computers with M1 processors, we are facing a major issue… The M1 is an ARM-based chipset and this architecture has a huge impact on virtualization… Let’s be clear: Today, t...
https://blog.rootshell.be/2021/11/17/portable-malware-analyzis-lab/ 
🔥🔥
 
Published: 2021 11 17 20:50:09
Received: 2021 11 17 21:04:14
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
21:04 Portable Malware Analyzis Lab
🔥🔥
Articles received 10/11/2021
Article: [SANS ISC] Shadow IT Makes People More Vulnerable to Phishing - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “Shadow IT Makes People More Vulnerable to Phishing“: Shadow IT is a real problem in many organizations. Behind this term, we speak about pieces of hardware or software that are installed by users without the approval of the IT department. In many cases, shadow IT is used because internal IT teams are not ...
https://blog.rootshell.be/2021/11/10/sans-isc-shadow-it-makes-people-more-vulnerable-to-phishing/ 
🔥🔥
 
Published: 2021 11 10 12:26:12
Received: 2021 11 10 13:04:11
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
13:04 [SANS ISC] Shadow IT Makes People More Vulnerable to Phishing
🔥🔥
Articles received 08/11/2021
Article: [SANS ISC] (Ab)Using Security Tools & Controls for the Bad - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “(Ab)Using Security Tools & Controls for the Bad“: As security practitioners, we give daily advice to our customers to increase the security level of their infrastructures. Install this tool, enable this feature, disable this function, etc. When enabled, these techniques can also be (ab)used by attacke...
https://blog.rootshell.be/2021/11/08/sans-isc-abusing-security-tools-controls-for-the-bad/ 
🔥🔥
 
Published: 2021 11 08 13:48:04
Received: 2021 11 08 14:04:18
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
14:04 [SANS ISC] (Ab)Using Security Tools & Controls for the Bad
🔥🔥
Articles received 24/09/2021
Article: [SANS ISC] Keep an Eye on Your Users Mobile Devices (Simple Inventory) - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “Keep an Eye on Your Users Mobile Devices (Simple Inventory)”: Today, smartphones are everywhere and have become our best friends for many tasks. Probably your users already access their corporate mailbox via a mobile device. If it’s not yet the case, you probably have many requests to implement this. They are ...
https://blog.rootshell.be/2021/09/24/sans-isc-keep-an-eye-on-your-users-mobile-devices-simple-inventory/ 
🔥🔥
 
Published: 2021 09 24 11:14:34
Received: 2021 09 24 12:04:22
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
12:04 [SANS ISC] Keep an Eye on Your Users Mobile Devices (Simple Inventory)
🔥🔥
Articles received 23/09/2021
Article: [SANS ISC] Excel Recipe: Some VBA Code with a Touch of Excel4 Macro - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “Excel Recipe: Some VBA Code with a Touch of Excel4 Macro”: Microsoft Excel supports two types of macros. The legacy format is known as “Excel4 macro” and the new (but already used for a while) is based on VBA. We already covered both formats in many diaries. Yesterday, I spotted an interesting sample that i...
https://blog.rootshell.be/2021/09/23/sans-isc-excel-recipe-some-vba-code-with-a-touch-of-excel4-macro/ 
🔥🔥
 
Published: 2021 09 23 11:21:07
Received: 2021 09 23 12:04:23
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
12:04 [SANS ISC] Excel Recipe: Some VBA Code with a Touch of Excel4 Macro
🔥🔥
Articles received 17/09/2021
Article: [SANS ISC] Malicious Calendar Subscriptions Are Back? - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “Malicious Calendar Subscriptions Are Back?“: Did this threat really disappear? This isn’t a brand new technique to deliver malicious content to mobile devices but it seems that attackers started new waves of spam campaigns based on malicious calendar subscriptions. Being a dad, you can imagine that I alwa...
https://blog.rootshell.be/2021/09/17/sans-isc-malicious-calendar-subscriptions-are-back/ 
🔥🔥
 
Published: 2021 09 17 11:55:48
Received: 2021 09 17 12:04:09
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
12:04 [SANS ISC] Malicious Calendar Subscriptions Are Back?
🔥🔥
Articles received 02/09/2021
Article: [SANS ISC] Attackers Will Always Abuse Major Events in our Lifes - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “Attackers Will Always Abuse Major Events in our Lifes“: All major events in our daily life are potential sources of revenue for attackers. When elections or major sports events are organized, attackers will surf on these waves and try to make some profit or collect interesting data (credentials). It’s the...
https://blog.rootshell.be/2021/09/02/sans-isc-attackers-will-always-abuse-major-events-in-our-lifes/ 
🔥🔥
 
Published: 2021 09 02 10:46:26
Received: 2021 09 02 11:05:16
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
11:05 [SANS ISC] Attackers Will Always Abuse Major Events in our Lifes
🔥🔥
Articles received 30/08/2021
Article: [SANS ISC] Cryptocurrency Clipboard Swapper Delivered With Love - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “Cryptocurrency Clipboard Swapper Delivered With Love“: Be careful if you’re a user of cryptocurrencies. My goal is not to re-open a debate about them and their associated financial risks. No, I’m talking here about technical risk. Wallet addresses are long strings of characters that are pretty impossible ...
https://blog.rootshell.be/2021/08/30/sans-isc-cryptocurrency-clipboard-swapper-delivered-with-love/ 
🔥🔥
 
Published: 2021 08 30 10:05:50
Received: 2021 08 30 11:05:04
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
11:05 [SANS ISC] Cryptocurrency Clipboard Swapper Delivered With Love
🔥🔥
Articles received 20/08/2021
Article: [SANS ISC] Waiting for the C2 to Show Up - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “Waiting for the C2 to Show Up”: Keep this in mind: “Patience is key”. Sometimes when you are working on a malware sample, you depend on online resources. I’m working on a classic case: a PowerShell script decodes then injects a shellcode into a process. There are plenty of tools that help you to have a goo...
https://blog.rootshell.be/2021/08/20/sans-isc-waiting-for-the-c2-to-show-up/ 
🔥🔥
 
Published: 2021 08 20 11:09:38
Received: 2021 08 20 12:04:48
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
12:04 [SANS ISC] Waiting for the C2 to Show Up
🔥🔥
Articles received 19/08/2021
Article: Public Message to IoT Manufacturers - published over 2 years ago.
Content: Dear IoT manufacturers, Yes, I admit: I like your products and my Geekness does not help! I like to play with them. If some are “gadgets” that finally land in a drawer amongst others with cables and connectors, some of them are really useful and I use them daily. You can probably imagine that, when I receive a new device, it’s not connected “in the wild”...
https://blog.rootshell.be/2021/08/19/public-message-to-iot-manufacturers/ 
🔥🔥
 
Published: 2021 08 19 12:24:13
Received: 2021 08 19 13:04:50
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
13:04 Public Message to IoT Manufacturers
🔥🔥
Articles received 06/08/2021
Article: [SANS ISC] Malicious Microsoft Word Remains A Key Infection Vector - published over 2 years ago.
Content: I published the following diary on isc.sans.edu: “Malicious Microsoft Word Remains A Key Infection Vector“: Despite Microsoft’s attempts to make its Office suite more secure and disable many automatic features, despite the fact that users are warned that suspicious documents should not be opened, malicious Word documents remain a key infection vector tod...
https://blog.rootshell.be/2021/08/06/sans-isc-malicious-microsoft-word-remains-a-key-infection-vector/ 
🔥🔥
 
Published: 2021 08 06 10:11:59
Received: 2021 08 06 11:05:01
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
11:05 [SANS ISC] Malicious Microsoft Word Remains A Key Infection Vector
🔥🔥
Articles received 30/07/2021
Article: [SANS ISC] Infected With a .reg File - published almost 3 years ago.
Content: I published the following diary on isc.sans.edu: “Infected With a .reg File“: Yesterday, I reported a piece of malware that uses archive.org to fetch its next stage. Today, I spotted another file that is also interesting: A Windows Registry file (with a “.reg” extension). Such files are text files created by exporting values from the Registry (export) bu...
https://blog.rootshell.be/2021/07/30/sans-isc-infected-with-a-reg-file/ 
🔥🔥
 
Published: 2021 07 30 10:31:21
Received: 2021 07 30 11:04:47
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
11:04 [SANS ISC] Infected With a .reg File
🔥🔥
Articles received 29/07/2021
Article: [SANS ISC] Malicious Content Delivered Through archive.org - published almost 3 years ago.
Content: I published the following diary on isc.sans.edu: “Malicious Content Delivered Through archive.org“: archive.org, also known as the “way back machine” is a very popular Internet site that allows you to travel back in time and browse old versions of a website (like the ISC website). It works like regular search engines and continuously crawls the internet ...
https://blog.rootshell.be/2021/07/29/sans-isc-malicious-content-delivered-through-archive-org/ 
🔥🔥
 
Published: 2021 07 29 10:16:32
Received: 2021 07 29 11:04:43
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
11:04 [SANS ISC] Malicious Content Delivered Through archive.org
🔥🔥
Articles received 08/07/2021
Article: [SANS ISC] Using Sudo with Python For More Security Controls - published almost 3 years ago.
Content: I published the following diary on isc.sans.edu: “Using Sudo with Python For More Security Controls“: I’m a big fan of the Sudo command. This tool, available on every UNIX flavor, allows system administrators to provide access to certain users/groups to certain commands as root or another user. This is performed with a lot of granularity in the access ri...
https://blog.rootshell.be/2021/07/08/sans-isc-using-sudo-with-python-for-more-security-controls/ 
🔥🔥
 
Published: 2021 07 08 13:15:55
Received: 2021 07 08 14:05:15
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
14:05 [SANS ISC] Using Sudo with Python For More Security Controls
🔥🔥
Articles received 07/07/2021
Article: Pass-The-Salt 2021 Virtual Wrap-Up - published almost 3 years ago.
Content: I did not write any wrap-up for a while because we are all stuck at home and most conference organizers still decided to cancel live events (even if it seems to change by the end of 2021 where some nice events are already scheduled). For the second time, Pass-The-Salt was converted to a virtual event. I like this small event with a great atmosphere. This ed...
https://blog.rootshell.be/2021/07/07/pass-the-salt-2021-virtual-wrap-up/ 
🔥🔥
 
Published: 2021 07 07 15:54:00
Received: 2021 07 07 16:05:06
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Python DLL Injection Check - published almost 3 years ago.
Content: I published the following diary on isc.sans.edu: “Python DLL Injection Check”: There are many security tools that inject DLLs into processes running on a Windows system. The classic examples are anti-virus products. They like to inject plenty of code that, combined with API hooking, implements security checks. If DLLs are injected into processes, they can ...
https://blog.rootshell.be/2021/07/07/sans-isc-python-dll-injection-check/ 
🔥🔥
 
Published: 2021 07 07 09:28:53
Received: 2021 07 07 10:04:51
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
16:05 Pass-The-Salt 2021 Virtual Wrap-Up
🔥🔥
10:04 [SANS ISC] Python DLL Injection Check
🔥🔥
Articles received 11/06/2021
Article: [SANS ISC] Keeping an Eye on Dangerous Python Modules - published almost 3 years ago.
Content: I published the following diary on isc.sans.edu: “Keeping an Eye on Dangerous Python Modules“: With Python getting more and more popular, especially on Microsoft Operating systems, it’s common to find malicious Python scripts today. I already covered some of them in previous diaries. I like this language because it is very powerful: You can automate bori...
https://blog.rootshell.be/2021/06/11/sans-isc-keeping-an-eye-on-dangerous-python-modules/ 
🔥🔥
 
Published: 2021 06 11 10:07:33
Received: 2021 06 11 11:05:23
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
11:05 [SANS ISC] Keeping an Eye on Dangerous Python Modules
🔥🔥
Articles received 06/06/2021
Article: [SANS ISC] How Safe Are Your Docker Images? - published about 3 years ago.
Content: I published the following diary on isc.sans.edu: “How Safe Are Your Docker Images?”: Today, I don’t know any organization that is not using Docker. For test and development only or for full production systems, containers are deployed everywhere! In the same way, most popular tools today have a “dockerized” version ready to use, sometimes mainta...
https://blog.rootshell.be/2021/04/22/sans-isc-how-safe-are-your-docker-images/ 
🔥🔥
 
Published: 2021 04 22 11:01:01
Received: 2021 06 06 09:04:42
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Malicious PowerPoint Add-On: “Small Is Beautiful” - published about 3 years ago.
Content: I published the following diary on isc.sans.edu: “Malicious PowerPoint Add-On: ‘Small Is Beautiful‘”: Yesterday I spotted a DHL-branded phishing campaign that used a PowerPoint file to compromise the victim. The malicious attachment is a PowerPoint add-in. This technique is not new, I already analyzed such a sample in a previous diary. The filename is “d...
https://blog.rootshell.be/2021/04/23/sans-isc-malicious-powerpoint-add-on-small-is-beautiful/ 
🔥🔥
 
Published: 2021 04 23 10:17:04
Received: 2021 06 06 09:04:42
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] From Python to .Net - published about 3 years ago.
Content: I published the following diary on isc.sans.edu: “From Python to .Net”: The Microsoft operating system provides the .Net framework to developers. It allows you to fully interact with the OS and write powerful applications… but also malicious ones. In a previous diary, I talked about a malicious Python script that interacted with the OS using the ctypes libra...
https://blog.rootshell.be/2021/04/29/sans-isc-from-python-to-net/ 
🔥🔥
 
Published: 2021 04 29 10:46:35
Received: 2021 06 06 09:04:42
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Alternative Ways To Perform Basic Tasks - published almost 3 years ago.
Content: I published the following diary on isc.sans.edu: “Alternative Ways To Perform Basic Tasks“: I like to spot techniques used by malware developers to perform basic tasks. We know the LOLBins that are pre-installed tools used to perform malicious activities. Many LOLBins are used, for example, to download some content from the Internet. Some tools are so po...
https://blog.rootshell.be/2021/05/06/sans-isc-alternative-ways-to-perform-basic-tasks/ 
🔥🔥
 
Published: 2021 05 06 10:17:45
Received: 2021 06 06 09:04:42
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] “Open” Access to Industrial Systems Interface is Also Far From Zero - published almost 3 years ago.
Content: I published the following diary on isc.sans.edu: “‘Open’ Access to Industrial Systems Interface is Also Far From Zero“: Jan’s last diary about the recent attack against the US pipeline was in perfect timing with the quick research I was preparing for a few weeks. If core components of industrial systems are less exposed in the wild, as said Jan, there is...
https://blog.rootshell.be/2021/05/14/sans-isc-open-access-to-industrial-systems-interface-is-also-far-from-zero/ 
🔥🔥
 
Published: 2021 05 14 10:08:16
Received: 2021 06 06 09:04:42
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] From RunDLL32 to JavaScript then PowerShell - published almost 3 years ago.
Content: I published the following diary on isc.sans.edu: “From RunDLL32 to JavaScript then PowerShell“: I spotted an interesting script on VT a few days ago and it deserves a quick diary because it uses a nice way to execute JavaScript on the targeted system. The technique used in this case is based on very common LOLbin: RunDLL32.exe. The goal of the tool is, a...
https://blog.rootshell.be/2021/05/18/sans-isc-from-rundll32-to-javascript-then-powershell/ 
🔥🔥
 
Published: 2021 05 18 10:31:14
Received: 2021 06 06 09:04:42
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Locking Kernel32.dll As Anti-Debugging Technique - published almost 3 years ago.
Content: [Edited: The technique discussed in this diary is not mine and has been used without proper citation of the original author] I published the following diary on isc.sans.edu: “Locking Kernel32.dll As Anti-Debugging Technique“: For bad guys, the implementation of techniques to prevent Security Analysts to perform their job is key! The idea is to make ou...
https://blog.rootshell.be/2021/05/21/sans-isc-locking-kernel32-dll-as-anti-debugging-technique/ 
🔥🔥
 
Published: 2021 05 21 10:29:30
Received: 2021 06 06 09:04:42
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] “Serverless” Phishing Campaign - published almost 3 years ago.
Content: I published the following diary on isc.sans.edu: “‘Serverless’ Phishing Campaign“: The Internet is full of code snippets and free resources that you can embed in your projects. SmtpJS is one of those small projects that are very interesting for developers but also bad guys. It’s the first time that I spot a phishing campaign that uses this piece of JavaS...
https://blog.rootshell.be/2021/05/22/sans-isc-serverless-phishing-campaign/ 
🔥🔥
 
Published: 2021 05 22 15:10:12
Received: 2021 06 06 09:04:42
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Malicious PowerShell Hosted on script.google.com - published almost 3 years ago.
Content: I published the following diary on isc.sans.edu: “Malicious PowerShell Hosted on script.google.com“: Google has an incredible portfolio of services. Besides the classic ones, there are less known services and… they could be very useful for attackers too. One of them is Google Apps Script. Google describes it like this: “Apps Script is a rapid applicat...
https://blog.rootshell.be/2021/05/28/sans-isc-malicious-powershell-hosted-on-script-google-com/ 
🔥🔥
 
Published: 2021 05 28 10:03:48
Received: 2021 06 06 09:04:42
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Article: [SANS ISC] Russian Dolls VBS Obfuscation - published almost 3 years ago.
Content: I published the following diary on isc.sans.edu: “Russian Dolls VBS Obfuscation“: We received an interesting sample from one of our readers (thanks Henry!) and we like this. If you find something interesting, we are always looking for fresh meat! Henry’s sample was delivered in a password-protected ZIP archive and the file was a VBS script called “presen...
https://blog.rootshell.be/2021/06/04/sans-isc-russian-dolls-vbs-obfuscation/ 
🔥🔥
 
Published: 2021 06 04 10:09:58
Received: 2021 06 06 09:04:42
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
09:04 [SANS ISC] How Safe Are Your Docker Images?
🔥🔥
09:04 [SANS ISC] Malicious PowerPoint Add-On: “Small Is Beautiful”
🔥🔥
09:04 [SANS ISC] From Python to .Net
🔥🔥
09:04 [SANS ISC] Alternative Ways To Perform Basic Tasks
🔥🔥
09:04 [SANS ISC] “Open” Access to Industrial Systems Interface is Also Far From Zero
🔥🔥
09:04 [SANS ISC] From RunDLL32 to JavaScript then PowerShell
🔥🔥
09:04 [SANS ISC] Locking Kernel32.dll As Anti-Debugging Technique
🔥🔥
09:04 [SANS ISC] “Serverless” Phishing Campaign
🔥🔥
09:04 [SANS ISC] Malicious PowerShell Hosted on script.google.com
🔥🔥
09:04 [SANS ISC] Russian Dolls VBS Obfuscation
🔥🔥
  • "Home" links back to the front page, effectively the Planet "Home Page"; it shows all articles, with no selections or groupings.
  • Default date ordering is by "Received Date" (because not all RSS feeds have a "Published Date").
  • Authors is the most poorly serviced field in the articles we see from cyber security news providers.
  • Only Published Date selections use the article's Published Date (for ordering and grouping).
  • The first page always shows fifty items plus up to a further forty-nine items, before they are committed permanently to the next page.
  • All subsequent pages show fifty items.
  • Pagination is in reverse order (so that pages are permanent links, aka "permalinks", to their content).