SANS ISC Diary

SANS ISC Diary - SSL 2.0 turns 30 this Sunday... Perhaps the time has come to let it die?

📅 Feb 7, 2025 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look an upcoming 30-year anniversary of the publication of SSL 2.0, and on the number of internet-exposed systems that still support this protocol…

SANS ISC Diary - An unusual 'shy z-wasp' phishing

📅 Jan 27, 2025 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at an unusual phishing message, in which two different techniques for splitting text using unrendered characters were used with the intention of bypassing security scans…

SANS ISC Diary - Changes in SSL and TLS support in 2024

📅 Dec 30, 2024 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at changes in SSL/TLS support on web servers and e-mail servers during the 12 months of 2024…

SANS ISC Diary - The strange case of disappearing Russian servers

📅 Nov 25, 2024 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at a recent significant decrease in the number of servers seen by Shodan in Russia…

SANS ISC Diary - Self-contained HTML phishing attachment using Telegram to exfiltrate stolen credentials

📅 Oct 28, 2024 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at an HTML phishing attachment which used Telegram to send stolen credentials back to its authors…

SANS ISC Diary - Phishing links with @ sign and the need for effective security awareness building

📅 Sep 23, 2024 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at misuse of the user information string in a URL, and at the topic of effective security awareness building in relation to phishing…

SANS ISC Diary - Script obfuscation using multiple instances of the same function

📅 Aug 5, 2024 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at an interesting script obfuscation technique…

SANS ISC Diary - 'Reply-chain phishing' with a twist

📅 Jul 16, 2024 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at a slightly unusual “reply-chain” phishing technique…

SANS ISC Diary - Support of SSL 2.0 on web servers in 2024

📅 Jun 28, 2024 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at the number of web server that still support SSL v2.0…

SANS ISC Diary - Files with TXZ extension used as malspam attachments

📅 May 27, 2024 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at recent malspam campaigns distributing files with the TXZ extension…