ISC Stormcast For Thursday, December 8th 2016...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Good Cop; Bad Cop; Domain Cop?, (Thu, Dec 8th)
When investigating events, like malware or spam hitting our systems, we often send notifications to parties from which the malicious traffic originates. On the other hand, it isn't terribly unusual, for...
ISC Stormcast For Friday, December 9th 2016...
Mirai - now with DGA, (Fri, Dec 9th)
Shortly after Mirai was attributed to massive DDOS on OVH and Brian Krebs, the source code for Mirai was released on Github. This was a double edged sword. It gave security researchers insight into the...
Sleeping VBS Really Wants To Sleep, (Sat, Dec 10th)
Diary reader Wayne Smith shared an interesting malicious document with us. Wayne also provided us with his own analysis: this malicious document sleeps and checks the time online before it activates...
Steganography in Action: Image Steganography & StegExpose, (Sun, Dec 11th)
In the last of a three part (Part 1-GCIH, Part 2-GCIA) series focused on tools I revisited during my GSE re-certification process, I thought it'd be timely and relevant to give you a bit of a...
ISC Stormcast For Monday, December 12th 2016...
5 Questions to Ask your IoT Vendors; But Do Not Expect an Answer., (Mon, Dec...
This year shapes up to become the year that IoT exploits started to become mainstream news. Mirai, car hacking, and ubiquitous router exploits are now being discussed outside security conferences. One...
ISC Stormcast For Tuesday, December 13th 2016...
December 2016 Microsoft Patch Tuesday, (Tue, Dec 13th)
https://isc.sans.edu/mspatchdays.html?viewday=2016-12-13 == Update Thank you to our reader who caught the incorrect link. We at the ISC do not have a time machine. Summary out shortly. ~Richard (c)...
December 2016 Patch Tuesday Brief and Updates, (Tue, Dec 13th)
December Patch Tuesday ISC Link: https://isc.sans.edu/mspatchdays.html?viewday=2016-12-13 MS16-144 Woha, patch now on clients! Servers might need emergency procedures (depending upon internal...
ISC Stormcast For Wednesday, December 14th 2016...
UAC Bypass in JScript Dropper, (Tue, Dec 13th)
Yesterday, one of our readers sent us a malicious piece of JScript: doc2016044457899656.pdf.js.js. It's always interesting to have a look at samples coming from alternate sources because they may...
ISC Stormcast For Thursday, December 15th 2016...
Domaincop malpsam, (Thu, Dec 15th)
Introduction Last month on 2016-11-22, I saw 10 items of malicious spam (malspam) sent to my spam folder. The messages all had links to malware. Unfortunately, by the time I examined those emails, the...
ISC Stormcast For Friday, December 16th 2016...
One, if by email, and two, if by EK: The Cerbers are coming!, (Fri, Dec 16th)
Introduction "One, if by land, and two, if by sea" is a phrase used by American poet Henry Wadsworth Longfellow in his poem "Paul Revere's Ride" first published in 1861. Longfellow's poem tells a somewhat...
Holiday Safe Computing Tips, (Sat, Dec 17th)
It is that time of year again. It is the holiday season with presents under the tree. Some of those presents are bound to be electronic. Whether they are PCs, Macs, cellular phones, gaming systems or...
Blocking Powershell Connection via Windows Firewall., (Sun, Dec 18th)
In my last post, I mapped controls to stop a malicious doc calling out via Powershell. I'm now going to cover how using the Windows firewall can stop the attack chain. Windows firewall can be used...
ISC Stormcast For Monday, December 19th 2016...