A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a phishing campaign that has been running almost unchanged for more than a year and seems to be distributing exclusively Agent Tesla.
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at two phishing e-mails from the same campaign sent out 3 months apart.
One of the side effects of social distancing and self-quarantining due to COVID-19 was a large increase in the use of VPNs (and, in some cases, different remote access protocols, such as RDP or SSH) by companies around the world, so that their employees might work from home.
I was wondering how large this increase would be when compared to the usual state of affairs. To determine this, I took a look at data I gathered from Shodan over the course of March and made couple of - hopefully interesting - charts.
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a vulnerability in the way Windows handles self-referential links, which makes it possible to use specially crafted URL and LNK files to crash Explorer.
Videos of all presentations from last weeks CrisisCon are now accessible on Youtube. Among them is my own talk on known unpatched vulnerabilities and weaknesses in Windows.
If you couldn’t make it to the online conference, I recommend you at least go through some of the recordings as couple of the talks were quite interesting.
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a vulnerability in the way Windows handles desktop.ini files, which makes it possible to use them as an interesting post-exploitation tool.
Whether your work has anything to do with security monitoring, malware analysis, incident response, or just general IT administration, youβve probably come across VirusTotal. It is an invaluable tool when it comes to identifying malicious code, however sometimes we need to dig a bit deeper than just getting a 'detection score' for a potentially dangerous file...
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we delve into the support of HTTP and HTTPS among web servers on the internet, as well as support for Telnet and SSH, over the last six months.
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at couple of online scam campaigns I came accross in the last weeks.