News

Malicious Content Delivered Through archive.org, (Thu, Jul 29th)

Published July 29, 2021

archive.org[1], also known as the “way back machine”, is a very popular Internet site that allows you to travel back in time and browse old versions of a website (like the ISC website[2]). It works like regular search engines and continuously crawls the internet via bots. But there is another way to store content on archive.org: You […]


ISC Stormcast For Thursday, July 29th, 2021 https://isc.sans.edu/podcastdetail.html?id=7606, (Thu, Jul 29th)

Published July 28, 2021

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Reposted from SANS. View original.


A sextortion e-mail from…IT support?!, (Wed, Jul 28th)

Published July 28, 2021

E-mails claiming that their author has recorded the recipient through a webcam while they were “in flagrante delicto” enjoying a visit to some pornographic site, and will publish the recording unless the recipient pays them, have been with us for quite a while now. Over time, these messages haven’t changed much. It is no wonder […]


ISC Stormcast For Wednesday, July 28th, 2021 https://isc.sans.edu/podcastdetail.html?id=7604, (Wed, Jul 28th)

Published July 27, 2021


Apple Patches for CVE-2021-30807, (Tue, Jul 27th)

Published July 26, 2021

Apple has released another update (previous update was only about 5 days ago) to address CVE-2021-30807 that was discovered by an anonymous researcher. This update resolves an issue with IOMobileFrameBuffer which could allow an application to execute arbitrary code with kernel privileges [1], [2]. This issue may have been actively exploited. As Apple has indicated […]


ISC Stormcast For Tuesday, July 27th, 2021 https://isc.sans.edu/podcastdetail.html?id=7602, (Tue, Jul 27th)

Published July 26, 2021


Failed Malspam: Recovering The Password, (Mon, Jul 26th)

Published July 26, 2021

Jan’s diary entry “One way to fail at malspam – give recipients the wrong password for an encrypted attachment” got my attention: it’s an opportunity for me to do some password cracking 🙂 I asked Jan for the sample. Just like Jan noticed, I saw that the sample is not actually a 7zip file, but […]


ISC Stormcast For Monday, July 26th, 2021 https://isc.sans.edu/podcastdetail.html?id=7600, (Mon, Jul 26th)

Published July 25, 2021


Wireshark 3.4.7 Released, (Sun, Jul 25th)

Published July 25, 2021

Wireshark version 3.4.7 was released. There’s one vulnerability fix (DNP dissector crash) and 3 bug fixes.

Didier Stevens, Senior handler, Microsoft MVP, blog.DidierStevens.com


Active Directory Certificate Services (ADCS – PKI) domain admin vulnerability, (Sat, Jul 24th)

Published July 24, 2021

Phew, this was a really bad week for Microsoft (and a lot of reading for all of us). And just when we thought that the fiasco with the SAM hive was over, a new vulnerability popped up, which is much, much more dangerous unfortunately – it allows a user to completely take over a Windows […]
