Pentest Time Machine: NMAP + Powershell + whatever tool is next, (Tue, Jan...
Early on in many penetration tests or security assessments, you will often find yourself wading through what seems like hundreds or thousands of text files, each seemingly hundreds or thousands of pages...
OpenSSL versions 1.0.2f, 1.0.1r to be released 28 Jan 2016, (Tue, Jan 26th)
=============== Rob VandenBrink Compugen (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
ISC Stormcast For Wednesday, January 27th 2016...
Couple updates and reminders, (Wed, Jan 27th)
We still got two surveys running, and will probably close them out soon: Our year end, how to improve survey: https://dshield.typeform.com/to/W5p1Cu If you are interested in submitting logs to us but are...
SYN-ACK Packets With Data, (Wed, Jan 27th)
We haven't had an event like this in a while... Odd Packets! I was going through some honeypot packet captures with tcpflow, when I got this error message: $ tcpflow -r ../allpackets Wifipcap() tcpflow:...
Dridex malspam example from January 2016, (Thu, Jan 28th)
Introduction I occasionally find malicious spam (malspam) that's blocked by our email filters for various reasons. Most of these blocked messages have .zip archives as file attachments. The .zip...
ISC Stormcast For Thursday, January 28th 2016...
ISC Stormcast For Friday, January 29th 2016...
Scripting Web Categorization, (Fri, Jan 29th)
When you are dealing with a huge amount of data, it can be very useful to enhance them by adding more valuable content. Example: Geolocalization for IP addresses Get an IP address DShield score Lookup...
All CVE Details at Your Fingertips, (Sat, Jan 30th)
CVE (Common Vulnerabilities and Exposures) is a system developed to provide structured data for information security vulnerabilities. CVE numbers are everywhere and easy to find. When a security...
OpenSSL 1.0.2 Advisory and Update, (Sun, Jan 31st)
On the 26th, ISC handler Rob posted a one-liner that a major flaw exposed TLS traffic (CVE-2016-0701) where an attacker could decrypt and obtain information on traffic that you would deem secure. More...
Windows 10 and System Protection for DATA Default is OFF, (Sun, Jan 31st)
I had the unfortunate consequences of a main hard drive failure this week and I had to rebuild my laptop. However, after I restored Windows 7 and then upgraded to Windows 10 and started to patch my...
ISC Stormcast For Monday, February 1st 2016...
ISC Stormcast For Tuesday, February 2nd 2016...
Targeted IPv6 Scans Using pool.ntp.org ., (Tue, Feb 2nd)
IPv6 poses a problem for systems like Shodan, who try to enumerate vulnerabilities Internet-wide. Tools like zmap can scan the IPv4 internet in minutes (or maybe hours), but for IPv6, the same approach...
ISC Stormcast For Wednesday, February 3rd 2016...
Automating Vulnerability Scans, (Wed, Feb 3rd)
Today, I'll explain to you how to automate vulnerability scans. There are plenty of vulnerability scanners on the market (commercial or free solutions). Usually, I'm using OpenVAS mainly because it is free....
EMET 5.5 Released, (Wed, Feb 3rd)
Microsoft announced on the TechNet blog the availability of a new version of its EMET tool (EMET stands for Enhanced Mitigation Experience Toolkit). The purpose of this tool is to implement extrat...
ISC Stormcast For Thursday, February 4th 2016...
Fake Adobe Flash Update OS X Malware, (Thu, Feb 4th)
Yesterday, while investigating some Facebook click-bait, I came across a fake Flash update that is targeting OS X users. Fake flash updates have been very common to infect OS X. They do not rely on a...