This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, January 7th, 2025…
Category: SANS Internet Storm Center, InfoCON: green
Make Malware Happy, (Mon, Jan 6th)
When I teach FOR610[1], I like to use a funny quotation with my students: “Make malware happy!†What does it mean? Yes, we like malware, and we need to treat it in a friendly way. To help the malware work…
ISC Stormcast For Monday, January 6th, 2025 https://isc.sans.edu/podcastdetail/9266, (Mon, Jan 6th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, January 6th, 2025…
SwaetRAT Delivery Through Python, (Fri, Jan 3rd)
We entered a new year, but attack scenarios have not changed (yet). I found a Python script with an interesting behavior[1] and a low Virustotal score (7/61). It targets Microsoft Windows hosts because it starts by loading all libraries required…
Goodware Hash Sets, (Thu, Jan 2nd)
In the cybersecurity landscape, we all need hashes! A hash is the result of applying a special mathematical function (a “hash functionâ€) that transforms an input (such as a file or a piece of text) into a fixed-size string or…
No Holiday Season for Attackers, (Tue, Dec 31st)
While most of us are preparing the switch to a new year (If it's already the case for you: Happy New Year!), Attackers never stop and implement always new tricks to defeat our security controls. For a long time now,…
Changes in SSL and TLS support in 2024, (Mon, Dec 30th)
With the end of the year quickly approaching, it is undoubtedly a good time to take a look at what has changed during the past 12 months. One security-related area, which deserves special attention in this context, is related to…
Phishing for Banking Information, (Fri, Dec 27th)
It is again the time of the year when scammers are asking to verify banking information, whether it is credit cards, bank card, package shipping information, winning money, etc. Last night I received a text message to verify a credit…
Capturing Honeypot Data Beyond the Logs, (Thu, Dec 26th)
By default, DShield Honeypots [1] collect firewall, web and cowrie (telnet/ssh) [2] data and log them on the local filesystem. A subset of this data is reported to the SANS Internet Storm Center (ISC) where it can be used by…
Compiling Decompyle++ For Windows, (Wed, Dec 25th)
Occasionaly I decompile Python code, with decompilers written in Python. Recently I discovered Decompyle++, a Python disassembler & decompiler written in C++. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Compiling Decompyle++…