-
zipdump & Evasive ZIP Concatenation, (Sat, Nov 9th)
On Friday’s Stormcast, Johannes talks about Evasive ZIP Concatenation, a technique where 2 (or more) ZIP files are concatenated together to evade detection. This gives me a good opportunity to remind you that my zip analysis tool zipdump.py can handle this type of file. zipdump uses Python’s zipfile module (or pyzipper if you install it),…
-
SANS Holiday Hack Challenge 2024, (Sat, Nov 9th)
The SANS Holiday Hack Challenge is open early this year: Enjoy! 🙂 Didier Stevens Senior handler blog.DidierStevens.com (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
2023 Top Routinely Exploited Vulnerabilities
Summary The following cybersecurity agencies coauthored this joint Cybersecurity Advisory (hereafter collectively referred to as the authoring agencies): United States: The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and National Security Agency (NSA) Australia: Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) Canada: Canadian Centre for Cyber Security (CCCS) New…
-
ISC Stormcast For Friday, November 8th, 2024 https://isc.sans.edu/podcastdetail/9214, (Fri, Nov 8th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
Steam Account Checker Poisoned with Infostealer, (Thu, Nov 7th)
I found an interesting script targeting Steam users. Steam[1] is a popular digital distribution platform for purchasing, downloading, and playing video games on personal computers. The script is called “steam-account-checker” and is available in Github[2]. Its description is: steam account checker ? check your steam log 2024 ? simple script that validates steam logins fast and easy. Updated…
-
ISC Stormcast For Thursday, November 7th, 2024 https://isc.sans.edu/podcastdetail/9212, (Thu, Nov 7th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
![[Guest Diary] Insights from August Web Traffic Surge, (Wed, Nov 6th)](/wp-content/uploads/2024/11/2024-11-02_figure1-LAEWq0.png)
[Guest Diary] Insights from August Web Traffic Surge, (Wed, Nov 6th)
[This is a Guest Diary by Trevor Coleman, an ISC intern as part of the SANS.edu Bachelor’s Degree in Applied Cybersecurity (BACS) program [1]. Figure 1: ISC Web Honeypot Log Overview Chart [2] The month of August brought with it a notable surge in web traffic log activities, catching my attention. As I delved into…
-
ISC Stormcast For Wednesday, November 6th, 2024 https://isc.sans.edu/podcastdetail/9210, (Wed, Nov 6th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
Python RAT with a Nice Screensharing Feature, (Tue, Nov 5th)
While hunting, I found another interesting Python RAT in the wild. This is not brand new because the script was released two years ago[1]. The script I found is based on the same tool and still has a low VT score: 3/64 (SHA256:1281b7184278f2a4814b245b48256da32a6348b317b83c440008849a16682ccb)[2]. The RAT has a lot of features to control the victim’s computer: remnux@remnux:/MalwareZoo/20241021$…
-
ISC Stormcast For Tuesday, November 5th, 2024 https://isc.sans.edu/podcastdetail/9208, (Tue, Nov 5th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
