-
ISC Stormcast For Wednesday, May 28th, 2025 https://isc.sans.edu/podcastdetail/9468, (Wed, May 28th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
Securing Your SSH authorized_keys File, (Tue, May 27th)
This is nothing “amazingly new”, but more of a reminder to secure your “authorized_keys” file for SSH. One of the first things I see even simple bots do to obtain persistent access to a UNIX system is to add a key to the authorized_keys file of whatever account they are compromising. So here are a…
-
ISC Stormcast For Tuesday, May 27th, 2025 https://isc.sans.edu/podcastdetail/9466, (Tue, May 27th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
SVG Steganography, (Mon, May 26th)
Didier recently published several diaries related to steganography. I have to admit that steganography isn’t exactly my favorite topic. It is one of those “neat” infosec toys, but its applicability is limited. Data exfiltration usually does not require proper steganography, but just appending data to an image will usually work just fine. On the other…
-
ISC Stormcast For Friday, May 23rd, 2025 https://isc.sans.edu/podcastdetail/9464, (Fri, May 23rd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
Resilient Secure Backup Connectivity for SMB/Home Users, (Thu, May 22nd)
If you are reading this, you are probably someone who will not easily go without internet connectivity for an extended amount of time. You may also have various home systems that you would like to be able to reach in case of an outage of your primary internet connection. A typical setup would include a…
-
ISC Stormcast For Thursday, May 22nd, 2025 https://isc.sans.edu/podcastdetail/9462, (Thu, May 22nd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
New Variant of Crypto Confidence Scam, (Wed, May 21st)
In February, we had a few diaries about crypto wallet scams. We saw these scams use YouTube comments, but they happened via other platforms and messaging systems, not just YouTube [1]. The scam was a bit convoluted: The scammer posted the secret key to their crypto wallet. Usually, this would put their crypto wallet at…
-
ISC Stormcast For Wednesday, May 21st, 2025 https://isc.sans.edu/podcastdetail/9460, (Wed, May 21st)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations
Summary The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint advisory to disseminate known tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with threat actors deploying the LummaC2 information stealer (infostealer) malware. LummaC2 malware is able to infiltrate victim computer networks and exfiltrate…
