Tag: SANS Internet Storm Center, InfoCON: green

After reviewing the Top 10 Not So Common SSH Usernames and Passwords [1] published by Johannes 2 weeks ago, I noticed activity by one in his list that we don't really know what it is. Beginning 12 October 2024, my…

Read more →

RDP is one of the most prominent entry points into networks. Ransomware actors have taken down many large networks after initially entering via RDP. Credentials for RDP access are often traded by “initial access brokers”. This article has been indexed…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, October 30th, 2024…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, October 29th, 2024…

Read more →

Today, Apple released updates for all of its operating systems. These updates include new AI features. For iOS 18 users, the only upgrade path is iOS 18.1, which includes the AI features. Same for users of macOS 15 Sequoia. For…

Read more →

Phishing authors have long ago discovered that adding HTML attachments to the messages they send out can have significant benefits for them – especially since an HTML file can contain an entire credential-stealing web page and does not need to…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, October 28th, 2024…

Read more →

Ivanti products have given us a rich corpus of vulnerabilities in recent months (years). Of course, we do see occasional scans attempting to exploit them. Just today, I spotted two of them. None of them is particularly new, but a…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, October 25th, 2024…

Read more →

We do keep seeing attackers “poking around” looking for enabled development features. Developers often use these features and plugins to aid in debugging web applications. But if left behind, they may provide an attacker with inside to the application. In…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, October 24th, 2024…

Read more →

Today our “First Seen” page displayed a number of simple URLs: This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Everybody Loves Bash Scripts. Including Attackers., (Wed, Oct 23rd)

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, October 23rd, 2024…

Read more →

Back in June of 2010, The Electronic Frontier Foundation (EFF) released the first beta release of the “HTTPS Everywhere” plugin [1]. Even then, most websites offered HTTPS. But unlike today, HTTP was often still the default, and HTTPS was not…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, October 22nd, 2024…

Read more →

Over the last month, two hurricanes barely missed me. Luckily, neither caused me any significant inconvenience. Sadly, others were not as lucky, and I think this is a good time to do a little “Lessons Learned” exercise. It made me…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, October 21st, 2024…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, October 18th, 2024…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, October 17th, 2024…

Read more →

I noticed in my logs 2 weeks ago regular probe from a subnet in the Amazone cloud only scanning for TCP/8080 capture by the iptables of my DShield sensor. The scanning started on the 15 Aug – 4 Oct 2024…

Read more →