Posts
SANS ISC Diary - A Tale of Two Phishing Sites
· β˜• 1 min read
A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look two phishing sites based on the same phishing kit, that differed significantly (not just) in the level of obfuscation…

Measuring security operations capabilities and improving their maturity, efficiency, and effectiveness
· β˜• 15 min read
To slightly paraphrase Peter Drucker’s famous quote, one can’t manage what one can’t measure. This – of course – holds true even for Computer Security Incident Response Teams (CSIRTs) and Security Operations Centers (SOCs). The only question is, how can we β€œmeasure” what they do in a meaningful way? This is what we will discuss in this article...

10 years of Untrusted Network
· β˜• 1 min read
Today marks the 10-year anniversary of this website. It has changed a lot since 2015, and not just visually, but also in terms of content. And since I thought it would be worthwhile to share something interesting for the anniversary, in this post, you will find some high-level AWStats data that encompasses the entire lifetime of this website…

SSL 2.0 support on servers in the Czech Republic
· β˜• 1 min read
While I was writing last week's article, which was devoted to the number of internet-exposed servers that still support SSL 2.0, it occured to me that it might be interesting to take a look at how support for this protocol has decreased in the Czech Republic over the years...

SANS ISC Diary - An unusual 'shy z-wasp' phishing
· β˜• 1 min read
A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at an unusual phishing message, in which two different techniques for splitting text using unrendered characters were used with the intention of bypassing security scans…

SANS ISC Diary - Changes in SSL and TLS support in 2024
· β˜• 1 min read
A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at changes in SSL/TLS support on web servers and e-mail servers during the 12 months of 2024…