Remote Access Bad Stories

With the COVID-19 pandemic ongoing, more and more countries are taking strong decisions to limit the movements of people. This is one of the best behaviors to prevent more people from being infected. This has a big impact on many organizations that are now facing a business continuity

[The post Remote Access Bad Stories has been first published on /dev/random]

[SANS ISC] Agent Tesla Delivered via Fake Canon EOS Notification on Free OwnCloud Account

I published the following diary on isc.sans.edu: “Agent Tesla Delivered via Fake Canon EOS Notification on Free OwnCloud Account”: For a few days, there have been new waves of Agent Tesla landing in our mailboxes. I found one that uses two new “channels” to deliver the trojan. Today, we can potentially receive

[SANS ISC] A Safe Excel Sheet Not So Safe

I published the following diary on isc.sans.edu: “A Safe Excel Sheet Not So Safe”: I discovered a nice sample yesterday. This Excel sheet was found in a mail flagged as “suspicious” by a security appliance. The recipient asked to release the mail from the quarantine because “it was sent from

[SANS ISC] Will You Put Your Password in a Survey?

I published the following diary on isc.sans.edu: “Show me Your Clipboard Data!”: Thanks to one of our readers who submitted this interesting piece of phishing. Personally, I was not aware of this technique, which is interesting for bypassing common anti-spam filters and reputation systems. The idea is to create a

[SANS ISC] Show me Your Clipboard Data!

I published the following diary on isc.sans.edu: “Show me Your Clipboard Data!”: Yesterday, I read an article about the clipboard on iPhones and how it can disclose sensitive information about the device owner. At the end of the article, the author gave a reference to an iPhone app that discloses

[SANS ISC] Offensive Tools Are For Blue Teams Too

I published the following diary on isc.sans.edu: “Offensive Tools Are For Blue Teams Too”: Many offensive tools can be very useful for defenders too. Indeed, if they can help to gather more visibility about the environment that must be protected, why not use them? The more information you get, the more you

Diff’ing Some Files Across Similar Directory Trees

The “diff” command is a very nice tool in *NIX environments to compare the content of two files. But there are some situations where diff is a pain to use. The classic case is when you need to compare many files from different directory trees (for example two different releases

[SANS ISC] Simple but Efficient VBScript Obfuscation

I published the following diary on isc.sans.edu: “Simple but Efficient VBScript Obfuscation”: Today, it’s easy to guess if a piece of code is malicious or not. Many security solutions automatically detonate it in a sandbox. This remains quick and (most of the time still) efficient to have a first

[SANS ISC] Quick Analysis of an Encrypted Compound Document Format

I published the following diary on isc.sans.edu: “Quick Analysis of an Encrypted Compound Document Format”: We like it when our readers share interesting samples! Even if we have our own sources to hunt for malicious content, it’s always interesting to get fresh meat from third parties. Robert shared an interesting Microsoft Word

Wondering Why Security Keeps Failing? I’ve One Idea…

For a few months, I have been writing less often on this blog, except to publish my conference wrap-ups and cross-post my SANS Internet Storm Center diaries. But today, I decided to write a quick post after spending a few hours debugging a problem with my mail server… It started with
