2021
SANS ISC Diary - Phishing e-mail with...an advertisement?
· β˜• 1 min read
A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at a slightly unusual phishing message that contained text reminiscent of an advertisement for Xerox products…

TriOp update - version 1.4 (and Shodan Trends)
· β˜• 1 min read
I’ve published version 1.4 of TriOp today. The only change in this version is the addition of CVE-2021-31206 (vulnerability used in the ProxyShell attack) to the relevant search list. One additional point that deserves a mention is that Shodan has recently opened access to a new service called Shodan Trends...

Open ports statistics for Q3 2021
· β˜• 2 min read
Only the last three months remain until the end of 2021, which means it's time for a look at how the internet as a whole changed in the third quarter of the year...

Interview - ECSC 2021
· β˜• 1 min read
Prague is currently hosting this year’s European Cyber Security Challenge - an international security competition for teams of young talents from different European countries. Since I am the author of one of the practical challenges that make up the competition and ALEF is one of its sponsors, I was asked for a short interview by the competition’s organizers in the run up to the Challenge itself. The resulting video was published on Youtube today.

Presentation from TF-CSIRT meeting - How TLS 1.3 adoption (and disposal of SSL) is going
· β˜• 1 min read
64th meeting of the TF-CSIRT community took place today. I've had the pleasure to contribute to it with a short presentation about the current state of adoption of TLS 1.3 and continued use of SSL protocols. Although I usually don't mention presentations I've prepared for TF-CSIRT meetings here, I've decided to make an exception for this one, since I believe that it might be worth looking at even without the accompanying commentary...