Channel: SANS Internet Storm Center, InfoCON: green

When Prevention Fails, Incident Response Begins, (Mon, Apr 27th)

I've been asked a few times this year ($dayjob) to discuss and review incident handling practices with some of our clients. This topic seems to have come up to the surface again, and with some breaches...



ISC StormCast for Tuesday, April 28th 2015...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.



Actor using Fiesta exploit kit, (Tue, Apr 28th)

An Enduring Adversary: This diary entry documents a criminal group using the Fiesta exploit kit (EK) to infect Windows computers. I previously wrote a guest diary about this group on 2014-12-26 [1] and...


Scammy Nepal earthquake donation requests, (Tue, Apr 28th)

Predictably, like after every major hurricane or earthquake, the miscreants around the globe are currently scurrying to set up their fake charities and web pages, in order to solicit donations. The...


ISC StormCast for Wednesday, April 29th 2015...



UDP/3478 to Amazon 54.84.9.242 -- got packets? (solved), (Wed, Apr 29th)

Several readers are reporting UDP/3478 (STUN) traffic to Amazon AWS address 54.84.9.242. If you got packets or know what it is, please share below. Update Apr 29 19:30 UTC: Thanks everyone for pitching...


Dalexis/CTB-Locker malspam campaign, (Thu, Apr 30th)

Malware Every Day: Malicious spam (malspam) is sent by botnets every day. These malspam campaigns send malware designed to infect Windows computers. I'll see Dridex or Upatre/Dyre campaigns a daily...


ISC StormCast for Thursday, April 30th 2015...



ISC StormCast for Friday, May 1st 2015...


Massive malware spam campaign to corporate domains in Colombia, (Fri, May 1st)

There was a massive malware spam campaign directed to corporate domains in Colombia. The following was the e-mail received: Now this e-mail has two interesting aspects: It is tracking if the user reads...


New release of Samurai Web Testing Framework...

----------- Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.


VolDiff, for memory image differential analysis, (Sun, May 3rd)

VolDiff is a bash script that runs Volatility plugins against memory images captured before and after malware execution providing a differential analysis, helping identify IOCs and understand advanced...


ISC StormCast for Monday, May 4th 2015...


Traffic pattern change noted in Fiesta exploit kit, (Mon, May 4th)

A few hours ago, Jerome Segura, Senior Security Researcher at Malwarebytes, tweeted about a change in traffic patterns from Fiesta exploit kit (EK) [1]. What had been semi-colons in the URLs from...


Upatre/Dyre - the daily grind of botnet-based malspam, (Tue, May 5th)

Malicious spam (malspam) delivering Upatre/Dyre has been an ongoing issue for quite some time. Many organizations have posted articles about this malware. I've read good information on Dyre last year...



ISC StormCast for Tuesday, May 5th 2015...


ISC StormCast for Wednesday, May 6th 2015...



OUCH! May '15 Newsletter: Securing the Cyber Generation Gap -...


The Art of Logging, (Thu, May 7th)

[This is a Guest Diary by Xavier Mertens] Handling log files is not a new topic. For a long time, people should know that taking care of your logs is a must have. They are very valuable when you need...


ISC StormCast for Thursday, May 7th 2015...
