ISC Stormcast For Monday, October 24th 2016...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
A few Mirai Updates: MIPS, PPC version; a bit less scanning, (Mon, Oct 24th)
Since Friday, the Mirai botnet has become kind of a household name. I have been continuing to watch the botnet infect my test DVR over and over. A couple of things I have seen over the weekend: Overall...
ISC Stormcast For Tuesday, October 25th 2016...
Another Day, Another Spam..., (Tue, Oct 25th)
In my last diary[1], I gave an example of an uncommon spam message. But attackers always have new ideas to deliver their malicious content to us. Here are two new examples. October being the Cyber...
ISC Stormcast For Wednesday, October 26th 2016...
New VMware Security Advisory: VMSA-2016-0017 Information Disclosure in...
--- Johannes B. Ullrich, Ph.D.
Critical Flash Player Update APSB16-36, (Wed, Oct 26th)
Adobe today released a critical update for Flash Player. The update was released outside of Adobe's regular patch cycle. [1] The single vulnerability fixed by this update, CVE-2016-7855, has already...
ISC Stormcast For Thursday, October 27th 2016...
Your Bill Is Not Overdue today!, (Thu, Oct 27th)
Just as little as yesterday's order that proceeded. It looks like today's ransomware subject is Your Bill is Overdue. But then again, don't bother blocking it. Block zipped Visual Basic scripts. This round...
ISC Stormcast For Friday, October 28th 2016...
Windows "Atom Bombing" Attack, (Fri, Oct 28th)
Earlier this week, Ensilo released a blog describing a new code injection attack via Windows Atom Tables [1]. The attack is pretty ingenious and could be used to inject malicious code into running...
Help us improve our daily #podcast by participating in this 2 question survey...
--- Johannes B. Ullrich, Ph.D.
Volatility Bot: Automated Memory Analysis, (Sun, Oct 30th)
A few weeks ago I attended the SANS DFIR Summit in Prague, and one of the very interesting talks was from Martin Korman (@MartinKorman), who presented a new tool he developed: Volatility Bot. According...
ISC Stormcast For Monday, October 31st 2016...
SEC505 DFIR capture script: snapshot.ps1, (Mon, Oct 31st)
I just spent a fair bit of time preparing to take the GIAC Security Expert exam as part of the requirement to recertify every four years. I first took the exam in 2012, and I will tell you, for me, one...
ISC Stormcast For Tuesday, November 1st 2016...
ISC Stormcast For Wednesday, November 2nd 2016...
What Does a Pentest Look Like?, (Wed, Nov 2nd)
I recently got asked what does a typical pentest look like? Actually, it usually starts with some education, where we start by asking the client if they really want a pentest? If they've never had an...
Using the Cloud Securely: November Edition of Ouch Newsletter:...
--- Johannes B. Ullrich, Ph.D.
As a very timely follow on to today's story, check today's BHIS blog on...
=============== Rob VandenBrink Metafore