-
Steganography Challenge, (Sat, May 3rd)
If you are interested in experimenting with steganography and my tools, I propose the following challenge. This GitHub project is for a steganography tool. It has a PNG image of a stegosaurus with an encoded message. The challenge is to use my tools to decode the message. The steganographic algorithm is a bit different than…
-
ISC Stormcast For Friday, May 2nd, 2025 https://isc.sans.edu/podcastdetail/9434, (Fri, May 2nd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-

Steganography Analysis With pngdump.py: Bitstreams, (Thu, May 1st)
A friend asked me if my pngdump.py tool can extract individual bits from an image (cfr. diary entry “Steganography Analysis With pngdump.py”). It cannot. But another tool can: format-bytes.py. In the diary entry I mentioned, a PE file is embedded inside a PNG file according to a steganographic method: all the bytes of a…
-
ISC Stormcast For Thursday, May 1st, 2025 https://isc.sans.edu/podcastdetail/9432, (Thu, May 1st)
-
ISC Stormcast For Wednesday, April 30th, 2025 https://isc.sans.edu/podcastdetail/9430, (Wed, Apr 30th)
-

Web Scanning Sonicwall for CVE-2021-20016, (Tue, Apr 29th)
There was a post initially published in January 2022 showing an exploitable “probable zero-day vulnerabilities”[1] for Sonicwall but looking back in what has been submitted in the past year to ISC, this past week was the first time we have been getting some reports. The activity occurred on the 23 April 2025 between 18:00 –…
-
More Scans for SMS Gateways and APIs, (Tue, Apr 29th)
Last week, I wrote about scans for Teltonika Networks SMS Gateways. Attackers are always looking for cheap (free) ways to send SMS messages and gain access to not-blocklisted numbers. So, I took a closer look at similar scans we have seen. There are numerous ways to send SMS messages; using a hardware SMS gateway is…
-
ISC Stormcast For Tuesday, April 29th, 2025 https://isc.sans.edu/podcastdetail/9428, (Tue, Apr 29th)
-
ISC Stormcast For Monday, April 28th, 2025 https://isc.sans.edu/podcastdetail/9426, (Mon, Apr 28th)
-
SRUM-DUMP Version 3: Uncovering Malware Activity in Forensics, (Sun, Apr 27th)
For digital forensics and incident response professionals, extracting precise evidence from Windows systems is critical to understanding and mitigating threats. I’m excited to introduce SRUM-DUMP Version 3, a powerful forensic tool I’ve developed to analyze the Windows System Resource Usage Monitor (SRUM) database. Available on GitHub at…

