Libraries and Dependencies - It Really is Turtles All The Way Down!, (Wed,...
Theres been a fair amount of discussion in recent months, especially in IoT circles, about application dependencies - especially with respect to encryption and vulnerabilities in libraries. For...
View ArticleUnity Makes Strength, (Thu, Dec 24th)
Im living in Belgiumwhere our motto is Unity Makes Strength. It means that small entities can join together to build a bigger and stronger one. If this was the case in 1830 when the unified Belgium was...
View ArticleMalfunctioning Malware, (Sat, Dec 26th)
Malware is software. Thus it contains bugs. And like software, sometimes when deployed in production, it does not work. Im not going to ponder the question if non-functioning malware is actually...
View Articlehashcat and oclHashcat are now open source, (Mon, Dec 7th)
For those of you in the pentesting world,atom, the principal developer of hashcat and oclHashcat has announced that they are going to be released to open source. In the release he reveals a number of...
View ArticleISC StormCast for Monday, December 28th 2015...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleAdobe Flash and Adobe AIR Updates -...
-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected) (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons...
View ArticleSurvey: How Can We Get You to Submit Logs To Us, (Mon, Dec 28th)
About once a year, we run a brief survey of our readers to figure out how to improve our site. This year, we want to focus on issues people have submitting logs. We added a lot of new features and new...
View ArticleNew Years Resolutions, (Tue, Dec 29th)
No, not eating more broccoli, or going to the gym ... Im referring to security related resolutions only. It is time to think about them now, so that you dont have to pick the first thing that comes to...
View ArticleISC StormCast for Tuesday, December 29th 2015...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleActor using Rig EK to deliver Qbot - update, (Wed, Dec 30th)
Introduction This diary is a follow-up to my previous diary on the actor using Rig exploit kit (EK) to deliver Qbot [1]. For this diary, Ive infected more Windows hosts from other compromised websites,...
View ArticleISC StormCast for Wednesday, December 30th 2015...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticlePoetry attack?, (Thu, Dec 31st)
If like me you spend a fair amount of time looking at network traffic and logs there are generally things that make you frown, groan and utter noises of dismay. It isnt often that you get a little...
View ArticleHunting for Juicy Information, (Thu, Dec 31st)
Today, we must be proactive in protecting our assets. The huge mass of information available online requires us to have tools to stay aware. If collecting IOCs is important to detect malicious...
View ArticleISC StormCast for Thursday, December 31st 2015...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleFailure Is An Option, (Fri, Jan 1st)
6D713031CD29F69C679DE72C234E45AA ! You can not always be successful in your undertakings. Failure will happen too. But failure is not necessarily negative, for example, its positive when you can learn...
View ArticleA Tip For The Analysis Of MIME Files, (Sat, Jan 2nd)
Ive written a diary entry about malicious MS Office documents stored as MIME files. A few days ago a reader contacted me for a problem he had analyzing such a maldoc MIME file. When he used emldump to...
View ArticleYear End Surveys, (Sun, Jan 3rd)
At the end of each year, we try to poll our readers to see where to take the site next, and what to focus on or what to improve. We do have two distinct surveys this year we would like your help with:...
View ArticleISC StormCast for Monday, January 4th 2016...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Testing for DNS recursion and avoiding being part of DNS amplification...
Yes, it has been said too many times, but still there are too many DNS servers out there allowing recursion to devices outside their network, which could be used for DNS amplification attacks. How? The...
View ArticleRansom32: The first javascript ransomware, (Mon, Jan 4th)
We have all seen how ransomware is becoming a pretty common trend in cybercrimes. Well, there is a new variant and this one has been build using javascript. This malware fakes the NW.js framework. Once...
View Article