Uberscammers, (Thu, Jun 15th)

E-mail scams, phishing and social engineering are something that we (security people) became really used to. Even from the penetration testing engagements I do, when we utilize social engineering, it … Of course, none of the users that receive this e-mail would have taken this trip so the phisher in this case is trying …

Systemd Could Fallback to Google DNS?, (Wed, Jun 14th)

Google is everywhere and provides free services to everyone. Amongst the huge list of services publicly available, there are the Google DNS, well known as 8.8.8.8, 8.8.4.4 (IPv4) and 2001:4860:4860::8888, 2001:4860:4860::8844 (IPv6). But Google is far from being a non-profit organisation and they collect a lot about you via their DNS[1]. Nothing is free and, when …

Microsoft and Adobe June 2017 Patch Tuesday: Two Exploited Vulnerabilities Patched, (Tue, Jun 13th)

Today, Microsoft and Adobe released their usual monthly security updates. Microsoft patched a total of 96 different vulnerabilities. Three vulnerabilities have already been disclosed publicly, and two vulnerabilities stick out for being already exploited according to Microsoft: CVE-2017-8464: This vulnerability can be exploited when a user views a malicious shortcut file. Windows shortcuts use small …

An Introduction to VolUtility, (Mon, Jun 12th)

If you would like to practice memory forensics using Volatility but you don't like command line tools and you hate to remember plugins then VolUtility is your friend. VolUtility[1][2] is a web frontend for the Volatility framework. Installation: In this diary, I will install VolUtility on a Linux SIFT[3] workstation. Update your SIFT workstation and install django …

An Occasional Look in the Rear View Mirror, (Sat, Jun 10th)

With two new drivers in my home, I am training them to occasionally look in the rear view mirror of their car as an effective way to increase their situational awareness when driving. What if this principle were applied to the area of hardware and software inventory? Perhaps in the form of a quarterly reminder …