SSL version 2.0 support on web servers in the Czech Republic

📅 Jun 8, 2023 · ☕ 1 min read

Last week, I published an article discussing the weakening support for SSLv2 on web servers on the global internet. While I was writing it, it occurred to me that it might also be interesting to look specifically at the situation as it relates to web servers in the Czech Republic...

---

SANS ISC Diary - After 28 years, SSLv2 is still not gone from the internet... but we're getting there

📅 Jun 1, 2023 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at how SSLv2 support on web servers connected to the internet is slowly “dying off”…

---

SANS ISC Diary - Ongoing Facebook phishing campaign without a sender and (almost) without links

📅 May 15, 2023 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at an interesting, long-term phishing campaign targeting Facebook users…

---

SANS ISC Diary - 'Passive' analysis of a phishing attachment

📅 May 1, 2023 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at a “passive”, OPSEC-friendly approach to the analysis of HTML phishing attachments…

---

SANS ISC Diary - The strange case of Great honeypot of China

📅 Apr 17, 2023 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at a sharp increase of Shodan’s detections of honeypots in China…

---

SANS ISC Diary - Use of X-Frame-Options and CSP frame-ancestors security headers on 1 million most popular domains

📅 Mar 31, 2023 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at the use of security-related HTTP headers that are able to prevent “framing attacks” on one million most commonly visited domains…

---

SANS ISC Diary - IPFS phishing and the need for correctly set HTTP security headers

📅 Mar 15, 2023 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at several phishing pages hosted on a disributed file system IPFS and shortly dicuss the potential of HTTP security headers to serve as a defense against phishing…

---

SANS ISC Diary - HTML phishing attachment with browser-in-the-browser technique

📅 Feb 16, 2023 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at the use of “browser-in-the-browser” technique in a generic phishing campaign…

---

SANS ISC Diary - SPF and DMARC use on 100k most popular domains

📅 Jan 19, 2023 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at SPF and DMARC use on world’s most popular domains…

---

SANS ISC Diary - Passive detection of internet-connected systems affected by vulnerabilities from the CISA KEV catalog

📅 Jan 11, 2023 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at a new function of my TriOp tool and its use for passive identification of systems affected by vulnerabilities listed in the CISA KEV Catalog…

---

• 1
• 2
• 3
• 4
• 5
• …
• 16