Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.
Navigation
Return to Planet "Home"
Ordered/grouped:
Filter applied:
Current page:
Go to "Navigation Help" (page end)
Articles in this collection: 2,135

Source: SANS Internet Storm Center, InfoCON: green

Articles recieved 18/07/2021
Article: Video: CyberChef BASE85 Decoding, (Sun, Jul 18th) - published over 3 years ago.
Content: In this video, I show how to decode the sample of Xavier's diary entry "Multiple BaseXX Obfuscations" with CyberChef.
https://isc.sans.edu/diary/rss/27644 
🔥🔥
 
Published: 2021 07 18 09:49:17
Received: 2021 07 18 12:00:54
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
12:00 Video: CyberChef BASE85 Decoding, (Sun, Jul 18th)
🔥🔥
Articles recieved 17/07/2021
Article: BASE85 Decoding With base64dump.py, (Sat, Jul 17th) - published over 3 years ago.
Content: Xavier's diary entry "Multiple BaseXX Obfuscations" covers a malicious script that is encoded with different "base" encodings. Xavier starts with my tool base64dump.py, but he can not do the full decoding with base64dump, as it does not support BASE85.
https://isc.sans.edu/diary/rss/27642 
🔥🔥
 
Published: 2021 07 17 07:17:24
Received: 2021 07 17 09:00:55
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
09:00 BASE85 Decoding With base64dump.py, (Sat, Jul 17th)
🔥🔥
Articles recieved 16/07/2021
Article: Multiple BaseXX Obfuscations, (Fri, Jul 16th) - published over 3 years ago.
Content: I found an interesting malicious Python script during my daily hunting routine. The script has a VT score of 2/58[1] (SHA256: 6990298edd0d66850578bfd1e1b9d42abfe7a8d1deb828ef0c7017281ee7c5b7). Its purpose is to perform the first stage of the infection. It downloads a shellcode, injects it into memory, and executes it. What’s interesting is the way obfuscatio...
https://isc.sans.edu/diary/rss/27640 
🔥🔥
 
Published: 2021 07 16 07:14:39
Received: 2021 07 16 10:00:32
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Friday, July 16th, 2021 https://isc.sans.edu/podcastdetail.html?id=7588, (Fri, Jul 16th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27638 
🔥🔥
 
Published: 2021 07 16 02:05:02
Received: 2021 07 16 04:00:29
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
10:00 Multiple BaseXX Obfuscations, (Fri, Jul 16th)
🔥🔥
04:00 ISC Stormcast For Friday, July 16th, 2021 https://isc.sans.edu/podcastdetail.html?id=7588, (Fri, Jul 16th)
🔥🔥
Articles recieved 15/07/2021
Article: ISC Stormcast For Thursday, July 15th, 2021 https://isc.sans.edu/podcastdetail.html?id=7586, (Thu, Jul 15th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27636 
🔥🔥
 
Published: 2021 07 15 02:05:02
Received: 2021 07 15 04:00:52
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: USPS Phishing Using Telegram to Collect Data, (Tue, Jul 13th) - published over 3 years ago.
Content: Phishing... at least they don't understand security any better than most kids. The latest example is a simple USPS phish. The lure is an email claiming that a package can not be delivered until I care to update my address. Urgency... and obvious action. They learned something in their phishing 101 class.
https://isc.sans.edu/diary/rss/27630 
🔥🔥
 
Published: 2021 07 15 01:29:27
Received: 2021 07 15 03:00:41
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
04:00 ISC Stormcast For Thursday, July 15th, 2021 https://isc.sans.edu/podcastdetail.html?id=7586, (Thu, Jul 15th)
🔥🔥
03:00 USPS Phishing Using Telegram to Collect Data, (Tue, Jul 13th)
🔥🔥
Articles recieved 14/07/2021
Article: One way to fail at malspam - give recipients the wrong password for an encrypted attachment , (Wed, Jul 14th) - published over 3 years ago.
Content: It is not unusual for malspam authors to encrypt the malicious files that they attach to messages they send out. Whether they encrypt the malicious file itself (as in the case of a password-protected Office document) or embed it in an encrypted archive, encryption can sometimes help attackers to get their creations past e-mail security scans.
https://isc.sans.edu/diary/rss/27634 
🔥🔥
 
Published: 2021 07 14 11:06:36
Received: 2021 07 14 12:00:25
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Wednesday, July 14th, 2021 https://isc.sans.edu/podcastdetail.html?id=7584, (Wed, Jul 14th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27632 
🔥🔥
 
Published: 2021 07 14 02:05:03
Received: 2021 07 14 05:00:42
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
12:00 One way to fail at malspam - give recipients the wrong password for an encrypted attachment , (Wed, Jul 14th)
🔥🔥
05:00 ISC Stormcast For Wednesday, July 14th, 2021 https://isc.sans.edu/podcastdetail.html?id=7584, (Wed, Jul 14th)
🔥🔥
Articles recieved 13/07/2021
Article: Microsoft July 2021 Patch Tuesday, (Tue, Jul 13th) - published over 3 years ago.
Content: This month we got patches for 117 vulnerabilities. Of these, 13 are critical, 6 were previously disclosed and 4 are being exploited according to Microsoft.
https://isc.sans.edu/diary/rss/27628 
🔥🔥
 
Published: 2021 07 13 19:03:42
Received: 2021 07 13 21:00:28
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Tuesday, July 13th, 2021 https://isc.sans.edu/podcastdetail.html?id=7582, (Tue, Jul 13th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27626 
🔥🔥
 
Published: 2021 07 13 02:00:02
Received: 2021 07 13 04:00:39
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
21:00 Microsoft July 2021 Patch Tuesday, (Tue, Jul 13th)
🔥🔥
04:00 ISC Stormcast For Tuesday, July 13th, 2021 https://isc.sans.edu/podcastdetail.html?id=7582, (Tue, Jul 13th)
🔥🔥
Articles recieved 12/07/2021
Article: ISC Stormcast For Monday, July 12th, 2021 https://isc.sans.edu/podcastdetail.html?id=7580, (Mon, Jul 12th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27624 
🔥🔥
 
Published: 2021 07 12 02:00:03
Received: 2021 07 12 04:00:26
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: Securing and Optimizing Networks: Using pfSense Traffic Shaper Limiters to Combat Bufferbloat, (Mon, Feb 15th) - published over 3 years ago.
Content: [This is a guest diary by Yee Ching Tok (personal website here (https://poppopretn.com)). Feedback welcome either via comments or our contact page (https://isc.sans.edu/contact.html)]
https://isc.sans.edu/diary/rss/27102 
🔥🔥
 
Published: 2021 07 12 02:46:50
Received: 2021 07 12 04:00:26
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
04:00 ISC Stormcast For Monday, July 12th, 2021 https://isc.sans.edu/podcastdetail.html?id=7580, (Mon, Jul 12th)
🔥🔥
04:00 Securing and Optimizing Networks: Using pfSense Traffic Shaper Limiters to Combat Bufferbloat, (Mon, Feb 15th)
🔥🔥
Articles recieved 11/07/2021
Article: Scanning for Microsoft Secure Socket Tunneling Protocol, (Sat, Jul 10th) - published over 3 years ago.
Content: Over the past month I noticed a resurgence of probe by Digitalocean looking for the Microsoft (MS) Secure Socket Tunneling Protocol (SSTP). This MS proprietary VPN protocol is used to establish a secure connection via the Transport Layer Security (TLS) between a client and a VPN gateway. Additional information on this protocol available here.
https://isc.sans.edu/diary/rss/27622 
🔥🔥
 
Published: 2021 07 10 21:56:51
Received: 2021 07 11 00:00:28
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
00:00 Scanning for Microsoft Secure Socket Tunneling Protocol, (Sat, Jul 10th)
🔥🔥
Articles recieved 09/07/2021
Article: ISC Stormcast For Friday, July 9th, 2021 https://isc.sans.edu/podcastdetail.html?id=7578, (Fri, Jul 9th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27620 
🔥🔥
 
Published: 2021 07 09 02:10:03
Received: 2021 07 09 04:00:43
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: Hancitor tries XLL as initial malware file, (Fri, Jul 9th) - published over 3 years ago.
Content: Introduction
https://isc.sans.edu/diary/rss/27618 
🔥🔥
 
Published: 2021 07 09 01:44:31
Received: 2021 07 09 03:00:26
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
04:00 ISC Stormcast For Friday, July 9th, 2021 https://isc.sans.edu/podcastdetail.html?id=7578, (Fri, Jul 9th)
🔥🔥
03:00 Hancitor tries XLL as initial malware file, (Fri, Jul 9th)
🔥🔥
Articles recieved 08/07/2021
Article: Using Sudo with Python For More Security Controls, (Thu, Jul 8th) - published over 3 years ago.
Content: I'm a big fan of the Sudo[1] command. This tool, available on every UNIX flavor, allows system administrators to provide access to certain users/groups to certain commands as root or another user. This is performed with a lot of granularity in the access rights and logging/reporting features. I'm using it for many years and I'm still learning great stuff abo...
https://isc.sans.edu/diary/rss/27614 
🔥🔥
 
Published: 2021 07 08 11:09:18
Received: 2021 07 08 13:00:32
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Thursday, July 8th, 2021 https://isc.sans.edu/podcastdetail.html?id=7576, (Thu, Jul 8th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27616 
🔥🔥
 
Published: 2021 07 08 02:05:02
Received: 2021 07 08 04:00:29
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
13:00 Using Sudo with Python For More Security Controls, (Thu, Jul 8th)
🔥🔥
04:00 ISC Stormcast For Thursday, July 8th, 2021 https://isc.sans.edu/podcastdetail.html?id=7576, (Thu, Jul 8th)
🔥🔥
Articles recieved 07/07/2021
Article: Microsoft Releases Patches for CVE-2021-34527, (Wed, Jul 7th) - published over 3 years ago.
Content: Microsoft today released patches for CVE-2021-34527, the vulnerability also known as "printnightmare." Patches are now available for all affected versions of Windows (as long as they are still supported). Applying the update will also patch the older CVE-2021-1675 vulnerability.
https://isc.sans.edu/diary/rss/27610 
🔥🔥
 
Published: 2021 07 07 11:17:40
Received: 2021 07 07 03:00:46
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Wednesday, July 7th, 2021 https://isc.sans.edu/podcastdetail.html?id=7574, (Wed, Jul 7th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27612 
🔥🔥
 
Published: 2021 07 07 02:05:03
Received: 2021 07 07 03:00:46
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
03:00 Microsoft Releases Patches for CVE-2021-34527, (Wed, Jul 7th)
🔥🔥
03:00 ISC Stormcast For Wednesday, July 7th, 2021 https://isc.sans.edu/podcastdetail.html?id=7574, (Wed, Jul 7th)
🔥🔥
Articles recieved 06/07/2021
Article: Python DLL Injection Check, (Tue, Jul 6th) - published over 3 years ago.
Content: They are many security tools that inject DLL into processes running on a Windows system. The classic examples are anti-virus products. They like to inject plenty of code that, combined with API hooking, implements security checks. If DLLs are injected into processes, they can be detected and it's a common anti-debugging or evasion technique implemented by ma...
https://isc.sans.edu/diary/rss/27608 
🔥🔥
 
Published: 2021 07 06 11:19:12
Received: 2021 07 06 13:00:36
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Tuesday, July 6th, 2021 https://isc.sans.edu/podcastdetail.html?id=7572, (Tue, Jul 6th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27606 
🔥🔥
 
Published: 2021 07 06 02:10:03
Received: 2021 07 06 04:00:38
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
13:00 Python DLL Injection Check, (Tue, Jul 6th)
🔥🔥
04:00 ISC Stormcast For Tuesday, July 6th, 2021 https://isc.sans.edu/podcastdetail.html?id=7572, (Tue, Jul 6th)
🔥🔥
Articles recieved 04/07/2021
Article: ISC Stormcast For Monday, July 5th, 2021 https://isc.sans.edu/podcastdetail.html?id=7570, (Sun, Jul 4th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27604 
🔥🔥
 
Published: 2021 07 04 21:32:14
Received: 2021 07 04 23:00:49
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: DIY CD/DVD Destruction - Follow Up, (Sun, Jul 4th) - published over 3 years ago.
Content: Thanks a lot to all of you who posted a comment on my diary entry "DIY CD/DVD Destruction". They inspired me to try out some other methods.
https://isc.sans.edu/diary/rss/27602 
🔥🔥
 
Published: 2021 07 04 18:22:02
Received: 2021 07 04 20:01:09
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
23:00 ISC Stormcast For Monday, July 5th, 2021 https://isc.sans.edu/podcastdetail.html?id=7570, (Sun, Jul 4th)
🔥🔥
20:01 DIY CD/DVD Destruction - Follow Up, (Sun, Jul 4th)
🔥🔥
Articles recieved 03/07/2021
Article: Finding Strings With oledump.py, (Sat, Jul 3rd) - published over 3 years ago.
Content: In diary entry "CFBF Files Strings Analysis" I show how to extract strings from CFBF/ole files with my tool oledump.py.
https://isc.sans.edu/diary/rss/27600 
🔥🔥
 
Published: 2021 07 03 19:33:06
Received: 2021 07 03 21:00:50
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
21:00 Finding Strings With oledump.py, (Sat, Jul 3rd)
🔥🔥
Articles recieved 02/07/2021
Article: Kaseya VSA Users Hit by Ransomware, (Fri, Jul 2nd) - published over 3 years ago.
Content: We are aware that some MSSP's customers (Managed Security Services Providers) have been hit by a ransomware. It seems that four(4) MSSP's have been affected until now. The ransomware was spread through the remote management solution "VSA"  provided by Kaseya[1]. This looks to be a brand new type of supply chain attack.
https://isc.sans.edu/diary/rss/27598 
🔥🔥
 
Published: 2021 07 02 20:18:29
Received: 2021 07 02 21:00:49
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Friday, July 2nd, 2021 https://isc.sans.edu/podcastdetail.html?id=7568, (Fri, Jul 2nd) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27596 
🔥🔥
 
Published: 2021 07 02 14:10:56
Received: 2021 07 02 16:00:51
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: "inception.py"... Multiple Base64 Encodings, (Fri, Jul 2nd) - published over 3 years ago.
Content: "Inception" is a very nice SF movie in which, if you did not watch it, dreams are implemented in people's minds to help to get access to sensitive information from their memory. Then, a dream is implemented into another dream, etc... up to five levels[1]! If you are not paying attention to the movie, you can be quickly lost. ...
https://isc.sans.edu/diary/rss/27594 
🔥🔥
 
Published: 2021 07 02 05:33:23
Received: 2021 07 02 07:00:37
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
21:00 Kaseya VSA Users Hit by Ransomware, (Fri, Jul 2nd)
🔥🔥
16:00 ISC Stormcast For Friday, July 2nd, 2021 https://isc.sans.edu/podcastdetail.html?id=7568, (Fri, Jul 2nd)
🔥🔥
07:00 "inception.py"... Multiple Base64 Encodings, (Fri, Jul 2nd)
🔥🔥
Articles recieved 01/07/2021
Article: ISC Stormcast For Thursday, July 1st, 2021 https://isc.sans.edu/podcastdetail.html?id=7566, (Thu, Jul 1st) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27590 
🔥🔥
 
Published: 2021 07 01 02:00:03
Received: 2021 07 01 04:00:46
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
04:00 ISC Stormcast For Thursday, July 1st, 2021 https://isc.sans.edu/podcastdetail.html?id=7566, (Thu, Jul 1st)
🔥🔥
Articles recieved 30/06/2021
Article: CVE-2021-1675: Incomplete Patch and Leaked RCE Exploit, (Wed, Jun 30th) - published over 3 years ago.
Content: [preliminary. please let us know if we missed something or made any mistakes]
https://isc.sans.edu/diary/rss/27588 
🔥🔥
 
Published: 2021 07 01 12:57:40
Received: 2021 06 30 16:00:35
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Wednesday, June 30th, 2021 https://isc.sans.edu/podcastdetail.html?id=7564, (Wed, Jun 30th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27586 
🔥🔥
 
Published: 2021 06 30 02:05:03
Received: 2021 06 30 03:00:45
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: June 2021 Forensic Contest: Answers and Analysis, (Wed, Jun 30th) - published over 3 years ago.
Content: Introduction
https://isc.sans.edu/diary/rss/27582 
🔥🔥
 
Published: 2021 06 30 00:01:33
Received: 2021 06 30 01:00:46
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
16:00 CVE-2021-1675: Incomplete Patch and Leaked RCE Exploit, (Wed, Jun 30th)
🔥🔥
03:00 ISC Stormcast For Wednesday, June 30th, 2021 https://isc.sans.edu/podcastdetail.html?id=7564, (Wed, Jun 30th)
🔥🔥
01:00 June 2021 Forensic Contest: Answers and Analysis, (Wed, Jun 30th)
🔥🔥
Articles recieved 29/06/2021
Article: ISC Stormcast For Tuesday, June 29th, 2021 https://isc.sans.edu/podcastdetail.html?id=7562, (Tue, Jun 29th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27580 
🔥🔥
 
Published: 2021 06 29 02:05:04
Received: 2021 06 29 04:00:36
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: Diving into a Google Sweepstakes Phishing E-mail, (Tue, Jun 29th) - published over 3 years ago.
Content: I was recently forwarded another phishing e-mail to examine. This time, it was an e-mail that claimed to be from Google. The e-mail included a pdf file, and instructed the recipient download the file for further information. Figure 1 below shows the headers, while Figure 2 shows the content of the e-mail message.
https://isc.sans.edu/diary/rss/27578 
🔥🔥
 
Published: 2021 06 30 02:06:13
Received: 2021 06 29 01:00:38
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
04:00 ISC Stormcast For Tuesday, June 29th, 2021 https://isc.sans.edu/podcastdetail.html?id=7562, (Tue, Jun 29th)
🔥🔥
01:00 Diving into a Google Sweepstakes Phishing E-mail, (Tue, Jun 29th)
🔥🔥
Articles recieved 28/06/2021
Article: CFBF Files Strings Analysis, (Mon, Jun 28th) - published over 3 years ago.
Content: The Office file format that predates the OOXML format, is a binary format based on the CFBF format. I informally call this the ole file format.
https://isc.sans.edu/diary/rss/27576 
🔥🔥
 
Published: 2021 06 28 17:10:33
Received: 2021 06 28 19:00:51
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Monday, June 28th, 2021 https://isc.sans.edu/podcastdetail.html?id=7560, (Mon, Jun 28th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27574 
🔥🔥
 
Published: 2021 06 28 02:05:02
Received: 2021 06 28 03:00:52
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
19:00 CFBF Files Strings Analysis, (Mon, Jun 28th)
🔥🔥
03:00 ISC Stormcast For Monday, June 28th, 2021 https://isc.sans.edu/podcastdetail.html?id=7560, (Mon, Jun 28th)
🔥🔥
Articles recieved 27/06/2021
Article: DIY CD/DVD Destruction, (Sun, Jun 27th) - published over 3 years ago.
Content: I have some personal CDs & DVDs to dispose of. And I don't want them to reamain (easily) readable.
https://isc.sans.edu/diary/rss/27572 
🔥🔥
 
Published: 2021 06 27 19:14:18
Received: 2021 06 27 21:00:43
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
21:00 DIY CD/DVD Destruction, (Sun, Jun 27th)
🔥🔥
Articles recieved 26/06/2021
Article: CVE-2019-9670: Zimbra Collaboration Suite XXE vulnerability, (Sat, Jun 26th) - published over 3 years ago.
Content: This XML External Entity injection (XXE) vulnerability disclosed in March 2019 is still actively scanned for a vulnerable mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10. This exploit attempts to read the Zimbra configuration file that contains an LDAP password for the zimbra account.
https://isc.sans.edu/diary/rss/27570 
🔥🔥
 
Published: 2021 06 26 10:13:15
Received: 2021 06 26 12:00:47
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
12:00 CVE-2019-9670: Zimbra Collaboration Suite XXE vulnerability, (Sat, Jun 26th)
🔥🔥
Articles recieved 25/06/2021
Article: ISC Stormcast For Friday, June 25th, 2021 https://isc.sans.edu/podcastdetail.html?id=7558, (Fri, Jun 25th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27568 
🔥🔥
 
Published: 2021 06 25 02:05:03
Received: 2021 06 25 04:00:43
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: Is this traffic bAD?, (Fri, Jun 25th) - published over 3 years ago.
Content: It seems like every time I take a handler shift lately, I'm talking about an uptick of traffic on another port and I'm not breaking that trend today. This really takes me back to the early days of the Internet Storm Center when that seemed to be the main thing we talked about. This time, the port that gotmy attention is UDP port 389. This is the normal port ...
https://isc.sans.edu/diary/rss/27566 
🔥🔥
 
Published: 2021 06 25 00:45:40
Received: 2021 06 25 02:00:38
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
04:00 ISC Stormcast For Friday, June 25th, 2021 https://isc.sans.edu/podcastdetail.html?id=7558, (Fri, Jun 25th)
🔥🔥
02:00 Is this traffic bAD?, (Fri, Jun 25th)
🔥🔥
Articles recieved 24/06/2021
Article: Do you Like Cookies? Some are for sale!, (Thu, Jun 24th) - published over 3 years ago.
Content: Cookies… These small pieces of information are always with us. Since the GDPR was kicked off in Europe, we are flooded by pop-ups asking if we accept “cookies”. Honestly, most people don’t take time to read the warning and just accept the default settings.
https://isc.sans.edu/diary/rss/27558 
🔥🔥
 
Published: 2021 06 24 05:33:16
Received: 2021 06 24 07:00:42
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Thursday, June 24th, 2021 https://isc.sans.edu/podcastdetail.html?id=7556, (Thu, Jun 24th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27564 
🔥🔥
 
Published: 2021 06 24 02:00:03
Received: 2021 06 24 02:00:50
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
07:00 Do you Like Cookies? Some are for sale!, (Thu, Jun 24th)
🔥🔥
02:00 ISC Stormcast For Thursday, June 24th, 2021 https://isc.sans.edu/podcastdetail.html?id=7556, (Thu, Jun 24th)
🔥🔥
Articles recieved 23/06/2021
Article: Standing With Security Researchers Against Misuse of the DMCA, (Wed, Jun 23rd) - published over 3 years ago.
Content: As Dean of Research for our graduate school (sans.edu), I often assist students in developing their research ideas. The research conducted by our students is valuable and important to defend our networks against highly organized and well-funded threat actors. Any restriction on our student's ability to conduct their research, and sharing their results freely...
https://isc.sans.edu/diary/rss/27562 
🔥🔥
 
Published: 2021 06 23 15:56:47
Received: 2021 06 23 17:00:53
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Wednesday, June 23rd, 2021 https://isc.sans.edu/podcastdetail.html?id=7554, (Wed, Jun 23rd) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27560 
🔥🔥
 
Published: 2021 06 23 02:10:03
Received: 2021 06 23 04:00:40
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
17:00 Standing With Security Researchers Against Misuse of the DMCA, (Wed, Jun 23rd)
🔥🔥
04:00 ISC Stormcast For Wednesday, June 23rd, 2021 https://isc.sans.edu/podcastdetail.html?id=7554, (Wed, Jun 23rd)
🔥🔥
Articles recieved 22/06/2021
Article: Phishing asking recipients not to report abuse, (Tue, Jun 22nd) - published over 3 years ago.
Content: It can be a little disheartening to deal with well-prepared phishing attacks every day, since one can easily see how even users who are fully “security-aware” could fall for some them. The messages don’t even have to be too complex to be believable. For example, a message containing seemingly innocuous text and a link that points to legitimate, well-known do...
https://isc.sans.edu/diary/rss/27556 
🔥🔥
 
Published: 2021 06 22 13:15:17
Received: 2021 06 22 16:00:38
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Tuesday, June 22nd, 2021 https://isc.sans.edu/podcastdetail.html?id=7552, (Tue, Jun 22nd) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27554 
🔥🔥
 
Published: 2021 06 22 02:00:03
Received: 2021 06 22 04:00:40
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
16:00 Phishing asking recipients not to report abuse, (Tue, Jun 22nd)
🔥🔥
04:00 ISC Stormcast For Tuesday, June 22nd, 2021 https://isc.sans.edu/podcastdetail.html?id=7552, (Tue, Jun 22nd)
🔥🔥
Articles recieved 21/06/2021
Article: Mitre CWE - Common Weakness Enumeration, (Mon, Jun 21st) - published over 3 years ago.
Content: If you are involved in the security industry  you are at least somewhat familiar with the Mitre ATT&CK framework, the very useful, community driven, knowledgebase of attack threat models and methodologies which can be used to emulate adversary behavior to test security controls. However fewer are aware of a lesser known Mitre project, Common Weakness Enu...
https://isc.sans.edu/diary/rss/27552 
🔥🔥
 
Published: 2021 06 21 19:10:23
Received: 2021 06 21 21:00:39
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: Executives and Ransomware Webcast: Stop, Collaborate, and Listen! - https://www.sans.org/webcasts/executives-ransomware-stop-collaborate-listen-120150, (Mon, Jun 21st) - published over 3 years ago.
Content: -- Rick Wanner MSISE - rwanner at isc dot sans dot edu - Twitter:namedeplume (Protected)
https://isc.sans.edu/diary/rss/27550 
🔥🔥
 
Published: 2021 06 21 15:24:32
Received: 2021 06 21 17:00:44
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Monday, June 21st, 2021 https://isc.sans.edu/podcastdetail.html?id=7550, (Mon, Jun 21st) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27548 
🔥🔥
 
Published: 2021 06 21 02:00:03
Received: 2021 06 21 03:00:38
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
21:00 Mitre CWE - Common Weakness Enumeration, (Mon, Jun 21st)
🔥🔥
17:00 Executives and Ransomware Webcast: Stop, Collaborate, and Listen! - https://www.sans.org/webcasts/executives-ransomware-stop-collaborate-listen-120150, (Mon, Jun 21st)
🔥🔥
03:00 ISC Stormcast For Monday, June 21st, 2021 https://isc.sans.edu/podcastdetail.html?id=7550, (Mon, Jun 21st)
🔥🔥
Articles recieved 20/06/2021
Article: Video: oledump Cheat Sheet, (Sun, Jun 20th) - published over 3 years ago.
Content: I did create a SANS cheat sheet for oledump.py.
https://isc.sans.edu/diary/rss/27546 
🔥🔥
 
Published: 2021 06 20 14:59:32
Received: 2021 06 20 16:00:38
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
16:00 Video: oledump Cheat Sheet, (Sun, Jun 20th)
🔥🔥
Articles recieved 19/06/2021
Article: Easy Access to the NIST RDS Database, (Sat, Jun 19th) - published over 3 years ago.
Content: When you're facing some suspicious files while performing forensic investigations or analyzing malware components, it's always interesting to know these files are legit or malicious/modified. One of the key sources to verify hashes is provided by NIST and is called the NSLR project ("National Software Reference Library")[1]. They build "Reference Data Set" (...
https://isc.sans.edu/diary/rss/27544 
🔥🔥
 
Published: 2021 06 19 10:27:32
Received: 2021 06 19 11:00:34
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
11:00 Easy Access to the NIST RDS Database, (Sat, Jun 19th)
🔥🔥
Articles recieved 18/06/2021
Article: Open redirects ... and why Phishers love them, (Fri, Jun 18th) - published over 3 years ago.
Content: Working from home, did you get a meeting invite recently that pointed to https://meet.google.com ?  Well, that's indeed where Google's online meeting tool is located. But potentially the URL you got is not "only" leading you there.
https://isc.sans.edu/diary/rss/27542 
🔥🔥
 
Published: 2021 06 18 13:03:34
Received: 2021 06 18 15:01:07
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: 
Network Forensics on Azure VMs (Part #2), (Fri, Jun 18th) - published over 3 years ago.
Content: In yesterday's diary, we took a look at two methods that allow to capture network connection information off a potentially compromised virtual machine in Azure. Today, we'll investigate the most recent addition to the VM monitoring arsenal, namely "Azure Monitor Insights".
https://isc.sans.edu/diary/rss/27538 
🔥🔥
 
Published: 2021 06 18 00:28:16
Received: 2021 06 18 03:00:47
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Friday, June 18th, 2021 https://isc.sans.edu/podcastdetail.html?id=7548, (Fri, Jun 18th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27540 
🔥🔥
 
Published: 2021 06 18 02:00:04
Received: 2021 06 18 03:00:47
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: 
 Network Forensics on Azure VMs (Part #1), (Thu, Jun 17th) - published over 3 years ago.
Content: The tooling to investigate a potentially malicious event on an Azure Cloud VM is still in its infancy. We have covered before (Forensicating Azure VMs) how we can create a snapshot of the OS disk of a running VM. Snapshotting and then killing off the infected VM is very straight forward, but it also tips off an intruder that he has been found out. Sometimes,...
https://isc.sans.edu/diary/rss/27536 
🔥🔥
 
Published: 2021 06 17 14:40:22
Received: 2021 06 18 02:00:45
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: Network Forensics on Azure VMs (Part #2), (Fri, Jun 18th) - published over 3 years ago.
Content: In yesterday's diary, we took a look at two methods that allow to capture network connection information off a potentially compromised virtual machine in Azure. Today, we'll investigate the most recent addition to the VM monitoring arsenal, namely "Azure Monitor Insights".
https://isc.sans.edu/diary/rss/27538 
🔥🔥
 
Published: 2021 06 18 00:28:16
Received: 2021 06 18 02:00:45
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
15:01 Open redirects ... and why Phishers love them, (Fri, Jun 18th)
🔥🔥
03:00 
Network Forensics on Azure VMs (Part #2), (Fri, Jun 18th)
🔥🔥
03:00 ISC Stormcast For Friday, June 18th, 2021 https://isc.sans.edu/podcastdetail.html?id=7548, (Fri, Jun 18th)
🔥🔥
02:00 
 Network Forensics on Azure VMs (Part #1), (Thu, Jun 17th)
🔥🔥
02:00 Network Forensics on Azure VMs (Part #2), (Fri, Jun 18th)
🔥🔥
Articles recieved 17/06/2021
Article: Network Forensics on Azure VMs (Part #1), (Thu, Jun 17th) - published over 3 years ago.
Content: The tooling to investigate a potentially malicious event on an Azure Cloud VM is still in its infancy. We have covered before (Forensicating Azure VMs) how we can create a snapshot of the OS disk of a running VM. Snapshotting and then killing off the infected VM is very straight forward, but it also tips off an intruder that he has been found out. Sometimes,...
https://isc.sans.edu/diary/rss/27536 
🔥🔥
 
Published: 2021 06 17 14:40:22
Received: 2021 06 17 16:00:52
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Thursday, June 17th, 2021 https://isc.sans.edu/podcastdetail.html?id=7546, (Thu, Jun 17th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27534 
🔥🔥
 
Published: 2021 06 17 02:10:03
Received: 2021 06 17 04:00:50
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
16:00 Network Forensics on Azure VMs (Part #1), (Thu, Jun 17th)
🔥🔥
04:00 ISC Stormcast For Thursday, June 17th, 2021 https://isc.sans.edu/podcastdetail.html?id=7546, (Thu, Jun 17th)
🔥🔥
Articles recieved 16/06/2021
Article: June 2021 Forensic Contest, (Wed, Jun 16th) - published over 3 years ago.
Content: Introduction
https://isc.sans.edu/diary/rss/27532 
🔥🔥
 
Published: 2021 06 16 20:09:59
Received: 2021 06 16 21:00:59
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Wednesday, June 16th, 2021 https://isc.sans.edu/podcastdetail.html?id=7544, (Wed, Jun 16th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27530 
🔥🔥
 
Published: 2021 06 16 02:00:03
Received: 2021 06 16 05:01:28
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
21:00 June 2021 Forensic Contest, (Wed, Jun 16th)
🔥🔥
05:01 ISC Stormcast For Wednesday, June 16th, 2021 https://isc.sans.edu/podcastdetail.html?id=7544, (Wed, Jun 16th)
🔥🔥
Articles recieved 15/06/2021
Article: Multi Perimeter Device Exploit Mirai Version Hunting For Sonicwall, DLink, Cisco and more, (Tue, Jun 15th) - published over 3 years ago.
Content: Vulnerable perimeter devices remain a popular target, and we do see consistent exploit attempts against them. This weekend, Guy wrote about some scans for Fortinet vulnerabilities [1], and Xavier notes that Crowdstrike observed attacks against EoL Sonicwalls [2]. Starting earlier this month, we did also observe a consistent trickle of requests looking for a ...
https://isc.sans.edu/diary/rss/27528 
🔥🔥
 
Published: 2021 06 15 10:16:33
Received: 2021 06 15 12:01:14
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Tuesday, June 15th, 2021 https://isc.sans.edu/podcastdetail.html?id=7542, (Tue, Jun 15th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27526 
🔥🔥
 
Published: 2021 06 15 02:00:03
Received: 2021 06 15 03:00:51
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
12:01 Multi Perimeter Device Exploit Mirai Version Hunting For Sonicwall, DLink, Cisco and more, (Tue, Jun 15th)
🔥🔥
03:00 ISC Stormcast For Tuesday, June 15th, 2021 https://isc.sans.edu/podcastdetail.html?id=7542, (Tue, Jun 15th)
🔥🔥
Articles recieved 14/06/2021
Article: ISC Stormcast For Monday, June 14th, 2021 https://isc.sans.edu/podcastdetail.html?id=7540, (Mon, Jun 14th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27524 
🔥🔥
 
Published: 2021 06 14 02:05:02
Received: 2021 06 14 04:00:53
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
04:00 ISC Stormcast For Monday, June 14th, 2021 https://isc.sans.edu/podcastdetail.html?id=7540, (Mon, Jun 14th)
🔥🔥
Articles recieved 13/06/2021
Article: Update: mac-robber.py, (Sun, Jun 13th) - published over 3 years ago.
Content: Almost 4 years ago, I wrote a python version of mac-robber. I use it fairly regularly at $dayjob. This past week, one of my co-workers was using it, but realized that it hashes large files a little too slowly. He decided to use mac-robber.py to collect the MAC times and do the hashing separately so he could limit the hashes to to files under a certain size. ...
https://isc.sans.edu/diary/rss/27522 
🔥🔥
 
Published: 2021 06 13 01:34:51
Received: 2021 06 13 03:00:48
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
03:00 Update: mac-robber.py, (Sun, Jun 13th)
🔥🔥
Articles recieved 12/06/2021
Article: Fortinet Targeted for Unpatched SSL VPN Discovery Activity, (Sat, Jun 12th) - published over 3 years ago.
Content: Over the past 60 days, I have observed scanning activity to discover FortiGate SSL VPN unpatched services. Fortinet has fixed several critical vulnerabilities in SSL VPN and web firewall this year from Remote Code Execution (RCE) to SQL Injection, Denial of Service (DoS) which impact the FortiProxy SSL VPN and FortiWeb Web Application Firewall (WAF) products...
https://isc.sans.edu/diary/rss/27520 
🔥🔥
 
Published: 2021 06 12 17:32:44
Received: 2021 06 12 19:00:44
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
19:00 Fortinet Targeted for Unpatched SSL VPN Discovery Activity, (Sat, Jun 12th)
🔥🔥
Articles recieved 11/06/2021
Article: Sonicwall SRA 4600 Targeted By an Old Vulnerability, (Fri, Jun 11th) - published over 3 years ago.
Content: Devices and applications used to provide remote access are juicy targets. I've already been involved in many ransomware cases and most of the time, the open door was an unpatched VPN device/remote access solution or weak credentials. A good example, the recent attack against the Colonial Pipeline that started with a legacy VPN profile[1].
https://isc.sans.edu/diary/rss/27518 
🔥🔥
 
Published: 2021 06 11 13:55:53
Received: 2021 06 11 16:00:44
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: Keeping an Eye on Dangerous Python Modules, (Fri, Jun 11th) - published over 3 years ago.
Content: With Python getting more and more popular, especially on Microsoft Operating systems, it's common to find malicious Python scripts today. I already covered some of them in previous diaries[1][2]. I like this language because it is very powerful: You can automate boring tasks in a few lines. It can be used for offensive as well as defensive purposes, and... i...
https://isc.sans.edu/diary/rss/27514 
🔥🔥
 
Published: 2021 06 11 05:31:23
Received: 2021 06 11 07:00:50
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Friday, June 11th, 2021 https://isc.sans.edu/podcastdetail.html?id=7538, (Fri, Jun 11th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27516 
🔥🔥
 
Published: 2021 06 11 02:00:02
Received: 2021 06 11 04:00:43
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
16:00 Sonicwall SRA 4600 Targeted By an Old Vulnerability, (Fri, Jun 11th)
🔥🔥
07:00 Keeping an Eye on Dangerous Python Modules, (Fri, Jun 11th)
🔥🔥
04:00 ISC Stormcast For Friday, June 11th, 2021 https://isc.sans.edu/podcastdetail.html?id=7538, (Fri, Jun 11th)
🔥🔥
Articles recieved 10/06/2021
Article: Are Cookie Banners a Waste of Time or a Complete Waste of Time?, (Thu, May 20th) - published over 3 years ago.
Content: Legislation, in particular in the European Union, has led to a proliferation of "Cookie Banners." Warning banners that either ask you for blanket permission to set cookies or, in some cases, provide you with some control as to what cookies you do allow. These regulations emerged after advertisers made excessive use of HTTP Cookies to track users across diffe...
https://isc.sans.edu/diary/rss/27436 
🔥🔥
 
Published: 2021 06 10 12:08:59
Received: 2021 06 10 14:00:44
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Thursday, June 10th, 2021 https://isc.sans.edu/podcastdetail.html?id=7536, (Thu, Jun 10th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27512 
🔥🔥
 
Published: 2021 06 10 02:00:03
Received: 2021 06 10 04:00:47
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
14:00 Are Cookie Banners a Waste of Time or a Complete Waste of Time?, (Thu, May 20th)
🔥🔥
04:00 ISC Stormcast For Thursday, June 10th, 2021 https://isc.sans.edu/podcastdetail.html?id=7536, (Thu, Jun 10th)
🔥🔥
Articles recieved 09/06/2021
Article: Architecture, compilers and black magic, or "what else affects the ability of AVs to detect malicious files", (Wed, Jun 9th) - published over 3 years ago.
Content: In my last diary, we went over the impact of different Base encodings on the ability of anti-malware tools to detect malicious code[1]. Since results of our tests showed (among other things) that AV tools in general still struggle significantly more with detecting 64-bit malicious code then 32-bit malicious code, I thought it might be interesting to discuss ...
https://isc.sans.edu/diary/rss/27510 
🔥🔥
 
Published: 2021 06 09 11:23:11
Received: 2021 06 09 13:00:40
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Wednesday, June 9th, 2021 https://isc.sans.edu/podcastdetail.html?id=7534, (Wed, Jun 9th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27508 
🔥🔥
 
Published: 2021 06 09 02:10:03
Received: 2021 06 09 03:00:45
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
13:00 Architecture, compilers and black magic, or "what else affects the ability of AVs to detect malicious files", (Wed, Jun 9th)
🔥🔥
03:00 ISC Stormcast For Wednesday, June 9th, 2021 https://isc.sans.edu/podcastdetail.html?id=7534, (Wed, Jun 9th)
🔥🔥
Articles recieved 08/06/2021
Article: Microsoft June 2021 Patch Tuesday, (Tue, Jun 8th) - published over 3 years ago.
Content: This month we got patches for 50 vulnerabilities. Of these, 5 are critical, 2 were previously disclosed and 6 is already being exploited according to Microsoft.
https://isc.sans.edu/diary/rss/27506 
🔥🔥
 
Published: 2021 06 08 17:57:19
Received: 2021 06 08 20:00:42
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Tuesday, June 8th, 2021 https://isc.sans.edu/podcastdetail.html?id=7532, (Tue, Jun 8th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27504 
🔥🔥
 
Published: 2021 06 08 02:00:03
Received: 2021 06 08 04:00:40
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
20:00 Microsoft June 2021 Patch Tuesday, (Tue, Jun 8th)
🔥🔥
04:00 ISC Stormcast For Tuesday, June 8th, 2021 https://isc.sans.edu/podcastdetail.html?id=7532, (Tue, Jun 8th)
🔥🔥
Articles recieved 07/06/2021
Article: Amazon Sidewalk: Cutting Through the Hype, (Mon, Jun 7th) - published over 3 years ago.
Content: Later this week (tomorrow?), Amazon will enable its new Sidewalk feature. The feature has already gotten a lot of bad press. Much of this comes from the fact that existing devices are automatically used as Sidewalk Gateways, and users will have to opt out. New devices may require a specific opt-in during setup.
https://isc.sans.edu/diary/rss/27502 
🔥🔥
 
Published: 2021 06 07 19:22:50
Received: 2021 06 07 17:00:42
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Monday, June 7th, 2021 https://isc.sans.edu/podcastdetail.html?id=7530, (Mon, Jun 7th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27500 
🔥🔥
 
Published: 2021 06 07 02:05:03
Received: 2021 06 07 03:00:35
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
17:00 Amazon Sidewalk: Cutting Through the Hype, (Mon, Jun 7th)
🔥🔥
03:00 ISC Stormcast For Monday, June 7th, 2021 https://isc.sans.edu/podcastdetail.html?id=7530, (Mon, Jun 7th)
🔥🔥
Articles recieved 06/06/2021
Article: Quick and dirty Python: nmap, (Mon, May 31st) - published over 3 years ago.
Content: Continuing on from the "Quick and dirty Python: masscan" diary, which implemented a simple port scanner in Python using masscan to detect web instances on TCP ports 80 or 443.  Masscan is perfectly good as a blunt instrument to quickly find open TCP ports across large address spaces, but for fine details it is better to use a scanner like nmap that, while mu...
https://isc.sans.edu/diary/rss/27480 
🔥🔥
 
Published: 2021 05 31 19:20:50
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Tuesday, June 1st, 2021 https://isc.sans.edu/podcastdetail.html?id=7522, (Tue, Jun 1st) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27484 
🔥🔥
 
Published: 2021 06 01 02:00:02
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: Guildma is now using Finger and Signed Binary Proxy Execution to evade defenses, (Mon, May 31st) - published over 3 years ago.
Content:  
https://isc.sans.edu/diary/rss/27482 
🔥🔥
 
Published: 2021 06 01 11:00:57
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Wednesday, June 2nd, 2021 https://isc.sans.edu/podcastdetail.html?id=7524, (Wed, Jun 2nd) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27486 
🔥🔥
 
Published: 2021 06 02 02:10:02
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: Wireshark 3.4.6 (and 3.2.14) released, (Wed, Jun 2nd) - published over 3 years ago.
Content: A new version of wireshark is out, a couple of bugfixes including a QUIC TLK decryption issue. Also, the Windows version now comes with npcap 1.31 (updated from 1.10).
https://isc.sans.edu/diary/rss/27488 
🔥🔥
 
Published: 2021 06 02 20:15:53
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Thursday, June 3rd, 2021 https://isc.sans.edu/podcastdetail.html?id=7526, (Thu, Jun 3rd) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27490 
🔥🔥
 
Published: 2021 06 03 02:10:02
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: DShield Data Analysis: Taking a Look at Port 45740 Activity, (Thu, Jun 3rd) - published over 3 years ago.
Content: At the SANS Internet Storm Center (ISC), handlers frequently analyze data submitted from DShield participants to determine activity trends and potential attacks. A few days ago on May 31st, I observed a small anomaly for %%port:45740%% and decided to monitor it for the next 3 days or so. There was a huge spike in number of sources/day and reports/day recorde...
https://isc.sans.edu/diary/rss/27492 
🔥🔥
 
Published: 2021 06 03 07:00:02
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: ISC Stormcast For Friday, June 4th, 2021 https://isc.sans.edu/podcastdetail.html?id=7528, (Fri, Jun 4th) - published over 3 years ago.
Content:
https://isc.sans.edu/diary/rss/27498 
🔥🔥
 
Published: 2021 06 04 02:00:03
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: Russian Dolls VBS Obfuscation, (Fri, Jun 4th) - published over 3 years ago.
Content: We received an interesting sample from one of our readers (thanks Henry!) and we like this. If you find something interesting, we are always looking for fresh meat! Henry's sample was delivered in a password-protected ZIP archive and the file was a VBS script called "presentation_37142.vbs" (SHA256:2def8f350b1e7fc9a45669bc5f2c6e0679e901aac233eac6355026803494...
https://isc.sans.edu/diary/rss/27494 
🔥🔥
 
Published: 2021 06 04 05:01:36
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Article: Strange goings on with port 37, (Thu, Jun 3rd) - published over 3 years ago.
Content: Similar to Yee Ching's diary on Thursday, I noticed an oddity in the Dshield data last weekend (which I had hoped to discuss in a diary on Wednesday, but life got in the way) and thought it was worth asking around to see if anyone knows what is going on. As soon as I saw it, I reconfigured my honeypots to try to capture the traffic, but wasn't able to. I'm a...
https://isc.sans.edu/diary/rss/27496 
🔥🔥
 
Published: 2021 06 05 02:45:21
Received: 2021 06 06 09:01:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
09:01 Quick and dirty Python: nmap, (Mon, May 31st)
🔥🔥
09:01 ISC Stormcast For Tuesday, June 1st, 2021 https://isc.sans.edu/podcastdetail.html?id=7522, (Tue, Jun 1st)
🔥🔥
09:01 Guildma is now using Finger and Signed Binary Proxy Execution to evade defenses, (Mon, May 31st)
🔥🔥
09:01 ISC Stormcast For Wednesday, June 2nd, 2021 https://isc.sans.edu/podcastdetail.html?id=7524, (Wed, Jun 2nd)
🔥🔥
09:01 Wireshark 3.4.6 (and 3.2.14) released, (Wed, Jun 2nd)
🔥🔥
09:01 ISC Stormcast For Thursday, June 3rd, 2021 https://isc.sans.edu/podcastdetail.html?id=7526, (Thu, Jun 3rd)
🔥🔥
09:01 DShield Data Analysis: Taking a Look at Port 45740 Activity, (Thu, Jun 3rd)
🔥🔥
09:01 ISC Stormcast For Friday, June 4th, 2021 https://isc.sans.edu/podcastdetail.html?id=7528, (Fri, Jun 4th)
🔥🔥
09:01 Russian Dolls VBS Obfuscation, (Fri, Jun 4th)
🔥🔥
09:01 Strange goings on with port 37, (Thu, Jun 3rd)
🔥🔥
Cyber Tzar Free Score Certificate
Cyber Tzar Free Score Certificate
Cyber Tzar Your Score Explained
Cyber Tzar Your Score Explained
Cyber Tzar Gold Score Certificate
Cyber Tzar Gold Score Certificate
Cyber Tzar Score Analysis
Cyber Tzar Score Analysis
Navigation
Return to Planet "Home"
Ordered/grouped:
Filter applied:
Current page:
Go to "Navigation Help" (page end)
Articles in this collection: 2,135
  • "Home" links back to the front page, effectivly the Planet "Home Page"; shows all articles, with no selections, or groupings.
  • Default date ordering is by "Received Date" (due to not all RSS feeds having a "Published Date").
  • Authors is the most poorly serviced field in the articles we see from cyber security news providers.
  • Only Published Date selections use the articles Published Date (for ordering and grouping).
  • The first page always shows fifty items plus from zero to up to a remaining forty-nine items, before they are commited permently to the next page.
  • All subsequent pages show fifty items.
  • Pagination is in reverse ordering (so that pages are permamenent links, aka "permalinks", to their content).
  • Return to the top of this page "Go Now"

Custom HTML Block

Click to Open Code Editor