A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at phishing kits that are offered on the indexed part of the web.
If you've read any of my posts about open ports on public IP addresses either here or on the SANS Internet Storm Center website, you probably know that I'm interested in how the internet changes over time and I try to gain at least some understanding of it by analyzing data gathered over time from Shodan. Since I'm probably not the only one who finds the changes in numbers of different open ports interesting, I've decided to start publishing quarterly charts for the number of IPs that have some of the more interesting ports open/services accessible from the internet...
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at an interesting (and slightly broken) phishing campaign, which overlays legitimate pages with fake login prompts.
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a campaign in which the malicious actors decided to go really “old school” when it comes to the file formats they would use.
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at the draft standard for “A File Format to Aid in Security Vulnerability Disclosure”, better known as security.txt.
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a 130 MB EXE carrying within it a 24 kB malicious payload.
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at which interesting pages “bad” bots look for the most on web servers.
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at how regional travel restrictions impact (or don’t) the number of IP addresses which expose remote access protocols to the internet.
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a weakness in the handling of LNK files in Windows, through which one may force the OS to download an arbitrary file from a remote server any time the shortcut file is displayed.
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a phishing message that accidentally exploited a 0-day vulnerability in Outlook, which allows for the creation or modification of links when an e-mail is forwarded by Outlook.