Google Paid Ads for Fake Tesla Websites, (Sun, Aug 10th)
In recent media events, Tesla has demoed progressively more sophisticated versions of its Optimus...
Read More
Category: SANS ISC Bulletins
Legacy May Kill, (Sun, Aug 3rd)
Just saw something that I thought was long gone. The username “pop3user” is showing up in our telnet/ssh logs. I don’t know how long ago it was that I used POP3 to retrieve e-mail from one of my mail servers....
Read More
New Feature: Daily Trends Report, (Mon, Aug 4th)
I implemented a new report today, the “Daily Trends” report. It summarizes noteworthy...
Read More
Stealing Machine Keys for fun and profit (or riding the SharePoint wave), (Tue, Aug 5th)
About 10 days ago exploits for Microsoft SharePoint (CVE-2025-53770, CVE-2025-53771) started being...
Read More
Do sextortion scams still work in 2025?, (Wed, Aug 6th)
Sextortion e-mails have been with us for quite a while, and these days, most security...
Read More![Mass Internet Scanning from ASN 43350 [Guest Diary], (Thu, Aug 7th)](https://b923496.smushcdn.com/923496/wp-content/uploads/2025/08/Duncan_Woosley_pic1-483x376.png?lossy=1&strip=1&webp=1)
Mass Internet Scanning from ASN 43350 [Guest Diary], (Thu, Aug 7th)
[This is a Guest Diary by Duncan Woosley, an ISC intern as part of the SANS.edu BACS program]...
Read MoreZero Trust and Entra ID Conditional Access, (Sun, Jan 19th)
Microsoft Entra ID (Formerly Azure AD) Conditional Access (CA) policies are the key components to a Zero Trust strategy, as it provides the ability to function as the front door for users and devices. CA policies use attributes,...
Read MoreMore SSH Fun!, (Tue, Dec 24th)
A few days ago, I wrote a diary[1] about a link file that abused the ssh.exe tool present in modern versions of Microsoft Windows. At the end, I mentioned that I will hunt for more SSH-related files/scripts. Guess what? I...
Read More
Compiling Decompyle++ For Windows, (Wed, Dec 25th)
Occasionaly I decompile Python code, with decompilers written in Python. Recently I discovered...
Read More
Capturing Honeypot Data Beyond the Logs, (Thu, Dec 26th)
By default, DShield Honeypots [1] collect firewall, web and cowrie (telnet/ssh) [2] data and log...
Read More
Phishing for Banking Information, (Fri, Dec 27th)
It is again the time of the year when scammers are asking to verify banking information, whether...
Read More
Changes in SSL and TLS support in 2024, (Mon, Dec 30th)
With the end of the year quickly approaching, it is undoubtedly a good time to take a look at what...
Read More
- 1
- ...
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 103
- 104
- 105
- 106
- 107
- 108
- 109
- 110
- 111
- 112
- 113
- 114
- 115
- 116
- 117
- 118
- 119
- 120
- 121
- 122
- 123
- 124
- 125
- 126
- 127
- 128
- 129
- 130
- 131
- 132
- 133
- 134
- 135
- 136
- 137
- 138
- 139
- 140
- 141
- 142
- 143
- 144
- 145
- 146
- 147
- 148
- 149
- 150
- 151
- 152
- 153
- 154
- 155
- 156
- 157
- 158
- 159
- 160
- 161
- 162
- 163
- 164
- 165
- 166
- 167
- 168
- 169
- 170
- 171
- 172
- 173
- 174
- 175
- 176
- 177
- 178
- 179
- 180
- 181
- 182
- 183
- 184
- 185
- ...
- 186