Collaborate Disseminate
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Continue reading ISC Stormcast For Friday, May 2nd, 2025 https://isc.sans.edu/podcastdetail/9434, (Fri, May 2nd)
A friend asked me if my pngdump.py tool can extract individual bits from an image (cfr. diary entry “Steganography Analysis With pngdump.py“).
Continue reading Steganography Analysis With pngdump.py: Bitstreams, (Thu, May 1st)
I like it when a diary entry like “Example of a Payload Delivered Through Steganography” is published: it gives me an opportunity to test my tools, in particular pngdump.py, a tool to analyze PNG files.
Continue reading Steganography Analysis With pngdump.py, (Sat, Apr 26th)
In this diary, I’ll show you a practical example of how steganography is used to hide payloads (or other suspicious data) from security tools and Security Analysts’ eyes. Steganography can be defined like this: It is the art and science of concealing a secret message, file, or image within an ordinary-looking carrierâsuch as a digital photograph, audio clip, or textâso that the very existence of the hidden data is undetectable to casual observers (read: security people). Many online implementations of basic steganography allow you to embed a message (a string) into a picture[1].
Continue reading Example of a Payload Delivered Through Steganography, (Fri, Apr 25th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Continue reading ISC Stormcast For Friday, April 25th, 2025 https://isc.sans.edu/podcastdetail/9424, (Fri, Apr 25th)
Ever wonder where all the SMS spam comes from? If you are trying to send SMS “at scale,” there are a few options: You could sign up for a messaging provider like Twilio, the AWS SNS service, or several similar services. These services offer easily scriptable and affordable ways to send SMS messages. We have previously covered how attackers attempt to steal related credentials to use these services even cheaper (for free!).
Continue reading Attacks against Teltonika Networks SMS Gateways, (Thu, Apr 24th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Continue reading ISC Stormcast For Thursday, April 24th, 2025 https://isc.sans.edu/podcastdetail/9422, (Thu, Apr 24th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Continue reading ISC Stormcast For Thursday, April 24th, 2025 https://isc.sans.edu/podcastdetail/9422, (Thu, Apr 24th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Continue reading ISC Stormcast For Wednesday, April 23rd, 2025 https://isc.sans.edu/podcastdetail/9420, (Wed, Apr 23rd)
In the last week I ran into some issues that I hadn&#;x26;#;39;t anticipated:
Continue reading Honeypot Iptables Maintenance and DShield-SIEM Logging, (Wed, Apr 23rd)