Article: [SANS ISC] Do Attackers Pay More Attention to IPv6? - published over 1 year ago. Content: Today, I published the following diary on isc.sans.edu: “Do Attackers Pay More Attention to IPv6?“: IPv6 has always been a hot topic! Available for years, many ISPs deployed IPv6 up to their residential customers. In Belgium, we were, for a long time, the top-one country with IPv6 deployment because all big players provided IPv6 connectivity. In today’s ... https://blog.rootshell.be/2023/07/29/sans-isc-do-attackers-pay-more-attention-to-ipv6/ Published: 2023 07 29 13:16:18 Received: 2023 12 16 20:59:41 Feed: /dev/random Source: /dev/random Category: Cyber Security Topic: Cyber Security |
Article: [SANS ISC] Are Leaked Credentials Dumps Used by Attackers? - published over 1 year ago. Content: Today, I published the following diary on isc.sans.edu: “Are Leaked Credentials Dumps Used by Attackers?“: Leaked credentials are a common thread for a while. Popular services like “Have I Been Pwned” help everyone know if some emails and passwords have been leaked. This is a classic problem: One day, you create an account on a website (ex: an online sho... https://blog.rootshell.be/2023/08/04/sans-isc-are-leaked-credentials-dumps-used-by-attackers/ Published: 2023 08 04 07:52:13 Received: 2023 12 16 20:59:41 Feed: /dev/random Source: /dev/random Category: Cyber Security Topic: Cyber Security |
Article: [SANS ISC] Show me All Your Windows! - published over 1 year ago. Content: Today, I published the following diary on isc.sans.edu: “Show me All Your Windows!“: It’s a key point for attackers to implement anti-debugging and anti-analysis techniques. Anti-debugging means the malware will try to detect if it’s being debugged (executed in a debugger or its execution is slower than expected). Anti-analysis refers to techniques to de... https://blog.rootshell.be/2023/08/11/sans-isc-show-me-all-your-windows/ Published: 2023 08 11 09:02:00 Received: 2023 12 16 20:59:41 Feed: /dev/random Source: /dev/random Category: Cyber Security Topic: Cyber Security |
Article: [SANS ISC] From a Zalando Phishing to a RAT - published over 1 year ago. Content: Today, I published the following diary on isc.sans.edu: “From a Zalando Phishing to a RAT“: Phishing remains a lucrative threat. We get daily emails from well-known brands (like DHL, PayPal, Netflix, Microsoft, Dropbox, Apple, etc). Recently, I received a bunch of phishing emails targeting Zalando customers. Zalando is a German retailer of shoes, fashion... https://blog.rootshell.be/2023/08/18/sans-isc-from-a-zalando-phishing-to-a-rat/ Published: 2023 08 18 06:22:27 Received: 2023 12 16 20:59:41 Feed: /dev/random Source: /dev/random Category: Cyber Security Topic: Cyber Security |
Article: [SANS ISC] Quick Malware Triage With Inotify Tools - published over 1 year ago. Content: Today, I published the following diary on isc.sans.edu: “Quick Malware Triage With Inotify Tools“: When you handle a lot of malicious files, you must have a process and tools in place to speed up the analysis. It’s impossible to investigate all files and a key point is to find interesting files that deserve more attention. In my malware analysis lab, I us... https://blog.rootshell.be/2023/08/21/sans-isc-quick-malware-triage-with-inotify-tools/ Published: 2023 08 21 06:43:12 Received: 2023 12 16 20:59:41 Feed: /dev/random Source: /dev/random Category: Cyber Security Topic: Cyber Security |
Article: [SANS ISC] Have You Ever Heard of the Fernet Encryption Algorithm? - published over 1 year ago. Content: Today, I published the following diary on isc.sans.edu: “Have You Ever Heard of the Fernet Encryption Algorithm?“: In cryptography, there is a golden rule that states to not develop your own algorithm because… it will be probably weak and broken! There are strong algorithms (like AES) that do a great job so why reinvent the wheel? However, there are project... https://blog.rootshell.be/2023/08/22/sans-isc-have-you-ever-heard-of-the-fernet-encryption-algorithm/ Published: 2023 08 22 08:35:45 Received: 2023 12 16 20:59:41 Feed: /dev/random Source: /dev/random Category: Cyber Security Topic: Cyber Security |
Article: [SANS ISC] More Exotic Excel Files Dropping AgentTesla - published about 1 year ago. Content: Today, I published the following diary on isc.sans.edu: “More Exotic Excel Files Dropping AgentTesla”: Excel is an excellent target for attackers. The Microsoft Office suite is installed on millions of computers, and people trust these files. If we have the classic xls, xls, xlsm file extensions, Excel supports many others! Just check your local registry... https://blog.rootshell.be/2023/08/23/sans-isc-more-exotic-excel-files-dropping-agenttesla/ Published: 2023 08 23 07:27:01 Received: 2023 12 16 20:59:41 Feed: /dev/random Source: /dev/random Category: Cyber Security Topic: Cyber Security |
Article: [SANS ISC] Python Malware Using Postgresql for C2 Communications - published about 1 year ago. Content: Today, I published the following diary on isc.sans.edu: “Python Malware Using Postgresql for C2 Communications“: For modern malware, having access to its C2 (Command and control) is a crucial point. There are many ways to connect to a C2 server using tons of protocols, but today, HTTP remains very common because HTTP is allowed on most networks… I found ... https://blog.rootshell.be/2023/08/25/sans-isc-python-malware-using-postgresql-for-c2-communications/ Published: 2023 08 25 08:57:53 Received: 2023 12 16 20:59:40 Feed: /dev/random Source: /dev/random Category: Cyber Security Topic: Cyber Security |
Article: [SANS ISC] macOS: Who’s Behind This Network Connection? - published about 1 year ago. Content: Today, I published the following diary on isc.sans.edu: “macOS: Who’s Behind This Network Connection?“: When you must investigate suspicious behavior or work on an actual incident, you could be asked to determine who’s behind a network connection. From a pure network point of view, your firewall or any network security control device/app will tell you th... https://blog.rootshell.be/2023/08/26/sans-isc-macos-whos-behind-this-network-connection/ Published: 2023 08 26 10:59:53 Received: 2023 12 16 20:59:40 Feed: /dev/random Source: /dev/random Category: Cyber Security Topic: Cyber Security |
Article: Hack.lu 2023 Wrap-Up - published about 1 year ago. Content: [Edit: Sorry for the “bullet-point” style, it was a lot of details to compile in this blog post] We were back at the Alvisse Parc Hotel after a break of four years! In 2022, only a light CTI summit was organized (see my wrap-up), but this year, hack.lu was back with a new format: Two days dedicated to CTI and two other days dedicated to normal talks arou... https://blog.rootshell.be/2023/10/19/hack-lu-2023-wrap-up/ Published: 2023 10 19 21:36:13 Received: 2023 12 16 20:59:40 Feed: /dev/random Source: /dev/random Category: Cyber Security Topic: Cyber Security |
Article: Docker Scout CLI Plugin: Simplify Docker Resource Management | DevSecOps - YouTube - published 11 months ago. Content: ... Scout is your shield in the Docker world. #dockerscout #dockersecurity #vulnerabilityscanning #softwarebillofmaterials #sbom #devsecops #opensource. https://www.youtube.com/watch?v=UsMXBN63wvY Published: 2023 12 16 15:40:35 Received: 2023 12 16 20:26:04 Feed: Google Alert - devsecops Source: Google Alert Category: News Topic: DevSecOps |
Article: CISA Urges Health Sector to Apply Critical Cyber Measures - BankInfoSecurity - published 11 months ago. Content: Institute for Cyber Security. Resources · All Resources · Handbooks · Surveys · White Papers. Compliance. Widespread ERP Modernisation Anticipated in ... https://www.bankinfosecurity.com/cisa-urges-health-sector-to-apply-critical-cyber-measures-a-23908 Published: 2023 12 16 14:19:20 Received: 2023 12 16 20:02:36 Feed: Google Alert – "cyber security" Source: Google Alert Category: News Topic: Cyber Security |
Article: Boost cybersecurity for safe holiday shopping | The Manila Times - published 11 months ago. Content: Consumers need to protect their online shopping this festive season by staying informed, using trusted cybersecurity defenses, and consistently ... https://www.manilatimes.net/2023/12/17/business/sunday-business-it/boost-cybersecurity-for-safe-holiday-shopping/1924491 Published: 2023 12 16 16:08:31 Received: 2023 12 16 20:02:31 Feed: Google Alert – cybersecurity Source: Google Alert Category: News Topic: Cyber Security |
Article: The Delinea Platform's Marketplace Expands to Over 400 Validated IT and Cybersecurity ... - published 11 months ago. Content: In a typical enterprise, cybersecurity teams, IT operations, cloud architects and engineers use an ever-expanding number of systems to manage, monitor ... https://influencing.com/pr/113151/the-delinea-platforms-marketplace-expands-to-over-400-validated-it-and-cybersecurity-integrations-tools-applications-and-downloads Published: 2023 12 16 17:25:58 Received: 2023 12 16 20:02:31 Feed: Google Alert – cybersecurity Source: Google Alert Category: News Topic: Cyber Security |