Collecting Users Credentials from Locked Devices, (Fri, Sep 9th)
It's a fact: When a device can be physically accessed, you may consider it as compromised. And if the device is properly hardened, it's just a matter of time. The best hacks are the ones which use a...
Ongoing IMAP Scan, Anyone Else?, (Sat, Sep 10th)
I'm operating a mail server which handles email flows from multiple domains (20 domains). The server is under a massive IMAPS (port 993) scan for a few days. More details about the ongoing attack:...
ISC Stormcast For Monday, September 12th 2016...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Getting Ready for macOS Sierra: Upgrade Securely, (Sun, Sep 11th)
Downloadable PDF with screen shots Apple is expected to release the next version of its operating system on or around September 20th, 2016 [1]. The current version of OS X, 10.11, or also known as El...
If it's Free, YOU are the Product, (Tue, Sep 13th)
This is a commonly used phrase, usually when describing free products on the internet (often social media sites). When my wife asked me to convert a PDF to a DOCX file, I thought I'd test this proverb...
ISC Stormcast For Tuesday, September 13th 2016...
Adobe security updates for AIR SDK and Compiler:...
Rob VandenBrink Metafore
Apple iOS 10 and 10.0.1 Released, (Tue, Sep 13th)
On top of today being Patch Tuesday, Apple has released iOS 10 sometime today as well. They also released 10.0.1, with not a lot of detail behind that release (maybe something was missed?) Security...
Microsoft Patch Tuesday Analysis, (Tue, Sep 13th)
The Microsoft Patch Tuesday updates are out, our analysis is here: https://isc.sans.edu/mspatchdays.html?viewday=2016-09-13 If you consume these using an API, the link for that is here:...
ISC Stormcast For Wednesday, September 14th 2016...
Exploit Attempts for Drupal RESTWS .x Module Vulnerability, (Wed, Sep 14th)
Attackers usually don't have to worry much about Drupal administrators applying patches. The majority of exploit attempts I see in our honeypots use pretty ancient vulnerabilities. So I was happy to see...
ISC Stormcast For Thursday, September 15th 2016...
Is "2 out of 3" good enough for Anti-Malware?, (Thu, Sep 15th)
One of my morning rituals is to take the last few malware samples I received in any of my inboxes and run them in a virtual machine to see if there is anything new. To be honest: There isn't much new...
ISC Stormcast For Friday, September 16th 2016...
In Need of a OTP Manager Soon?, (Thu, Sep 15th)
Even if everybody agrees to say that passwords are a weak way to protect access to sensitive or private information, they remain still today the default method implemented by many online services. A...
Multiple Cisco Products affected by IKEv1 Vulnerability, (Sat, Sep 17th)
Cisco released an advisory (CVE-2016-6415) regarding a vulnerability in IKEv1 that affects Cisco IOS, IOS XE and IOS XR software which could allow an unauthenticated malicious user to retrieve memory...
Windows Events log for IR/Forensics, Part 1, (Sun, Sep 18th)
In the time of incidents, Windows Event logs provide plenty of useful information for the Incident responder. As you know Windows can generate thousands of events in a few minutes, in this diary I will...
ISC Stormcast For Monday, September 19th 2016...
Does it Matter If You Cover Your Webcam?, (Mon, Sep 19th)
During security conferences, laptops with tape covering the webcam have certainly been a common sight. But recently, covering webcams has become somewhat of a mainstream phenomenon, after Mark...
ISC Stormcast For Tuesday, September 20th 2016...