ISC StormCast for Tuesday, January 5th 2016...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
What are you Concerned the Most in 2016?, (Tue, Jan 5th)
There are quite a few predictions out there for 2016, obviously some appear more interesting than others. I picked three that I could have an impact on what we do: 1- Cybersecurity Skill Shortage I...
ISC StormCast for Wednesday, January 6th 2016...
Site Updates: ISC/DShield API and ipinfo_ascii.html Page, (Wed, Jan 6th)
We are planning a couple of updates to the ways data can be retrieved automatically from this site. The main reason for this is to make it easier for us to maintain and support some of these features....
toolsmith #112: Red vs Blue - PowerSploit vs PowerForensics, (Wed, Jan 6th)
The following is cross-posted from HolisticInfoSec. Happy New Year and welcome to 2016! When last we explored red team versus blue team tactics in May 2015, we utilized Invoke-Mimikatz, then reviewed...
A recent example of wire transfer fraud, (Thu, Jan 7th)
Introduction Do you know about any attempts of wire transfer fraud in your organization? They often start with phishing emails. These emails are used to trick an employee into wiring money to bank...
ISC StormCast for Thursday, January 7th 2016...
VMware Sec Advisory released (VMSA-2016-0001) - VMware ESXi, Fusion, Player,...
ISC StormCast for Friday, January 8th 2016...
SLOTH, attack on TLS using MD5, (Fri, Jan 8th)
Giving a talk late last year I was asked what some of my predictions were for 2016. One of the ones we talked about was further issues with TLS and the various algorithms used to provide a protocol...
Virtual Bitlocker Containers, (Sat, Jan 9th)
This week, I got an interesting question from a customer: What do you recommend to safely store files in a directory on my laptop? There are plenty of ways to achieve this, the right choice depending on...
ISC StormCast for Monday, January 11th 2016...
Please Participate in the SANS Application Security Survey...
VMware security update, (Sun, Jan 10th)
Our friends over at VMware have released their first security bulletin of the year. The vulnerability is a privilege escalation issue in VMware Tools in Windows guests. Affected products include ESXi,...
BlackEnergy .XLS Dropper, (Mon, Jan 11th)
The malware used in the recent Ukrainian cyber attack was (allegedly) delivered via a malicious spreadsheet. I analyzed this maldoc (97b7577d13cf5e3bf39cbe6d3f0a7732) and it's very simple: the macro runs...
ISC StormCast for Tuesday, January 12th 2016...
January 2016 Microsoft Patch Tuesday, (Tue, Jan 12th)
Overview of the January 2016 Microsoft patches and their status. # Affected Contra Indications - KB Known Exploits Microsoft rating(**) ISC rating(*) clients servers MS16-001 Cumulative Security Update...
ISC StormCast for Wednesday, January 13th 2016...
You Have Got a New Audio Message - Guest Diary by Pasquale Stirparo, (Wed,...
[Guest Diary by Pasquale Stirparo] A few weeks ago we witnessed a quite significant wave of emails carrying with them a zip file containing an executable. The only common thing among all the emails was...
CryptoWall sent by Angler and Neutrino exploit kits or through malicious...
Introduction Since August 2015, actors using Angler exploit kit (EK) to send ransomware have occasionally switched back and forth between Angler EK and Neutrino EK. Sometime in mid-August 2015, actors...