News
Malicious Content Delivered Through archive.org, (Thu, Jul 29th)
archive.org[1], also known as the “way back machine” is a very popular Internet site that allows you to travel back in time and browse old versions of a website (like the ISC website[2]). It works like regular search engines and continuously crawls the internet via bots. But there is another way to store content on archive.org: You […]
Read moreISC Stormcast For Thursday, July 29th, 2021 https://isc.sans.edu/podcastdetail.html?id=7606, (Thu, Jul 29th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Reposted from SANS. View original.
Read moreA sextortion e-mail from…IT support?!, (Wed, Jul 28th)
E-mails claiming that their author has recorded the recipient through a webcam while they were “in flagrante delicto” enjoying a visit to some pornographic site, and will publish the recording unless the recipient pays them, have been with us for quite a while now. Over time, these messages haven’t changed much. It is no wonder […]
Read moreISC Stormcast For Wednesday, July 28th, 2021 https://isc.sans.edu/podcastdetail.html?id=7604, (Wed, Jul 28th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Reposted from SANS. View original.
Read moreApple Patches for CVE-2021-30807, (Tue, Jul 27th)
Apple has released another update (previous update was only about 5 days ago) to address CVE-2021-30807 that was discovered by an anonymous researcher. This update resolves an issue with IOMobileFrameBuffer which could allow an application to execute arbitrary code with kernel privileges [1], [2]. This issue may have been actively exploited. As Apple has indicated […]
Read moreISC Stormcast For Tuesday, July 27th, 2021 https://isc.sans.edu/podcastdetail.html?id=7602, (Tue, Jul 27th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Reposted from SANS. View original.
Read moreFailed Malspam: Recovering The Password, (Mon, Jul 26th)
Jan’s diary entry “One way to fail at malspam – give recipients the wrong password for an encrypted attachment” got my attention: it’s an opportunity for me to do some password cracking 🙂 I asked Jan for the sample. Just like Jan noticed, I saw that the sample is not actually a 7zip file, but […]
Read moreISC Stormcast For Monday, July 26th, 2021 https://isc.sans.edu/podcastdetail.html?id=7600, (Mon, Jul 26th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Reposted from SANS. View original.
Read moreWireshark 3.4.7 Released, (Sun, Jul 25th)
Wireshark version 3.4.7 was released. There’s one vulnerability fix (DNP dissector crash) and 3 bug fixes. Didier Stevens Senior handler Microsoft MVP blog.DidierStevens.com (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Reposted from SANS. View original.
Read moreActive Directory Certificate Services (ADCS – PKI) domain admin vulnerability, (Sat, Jul 24th)
Phew, this was a really bad week for Microsoft (and a lot of reading for all of us). And just when we thought that the fiasco with the SAM hive was over, a new vulnerability popped up, which is much, much more dangerous unfortunately – it allows a user to completely take over a Windows […]
Read more
