2020
Open ports statistics for Q3 2020
· β˜• 3 min read
If you've read any of my posts about open ports on public IP addresses either here or on the SANS Internet Storm Center website, you probably know that I'm interested in how the internet changes over time and I try to gain at least some understanding of it by analyzing data gathered over time from Shodan. Since I'm probably not the only one who finds the changes in numbers of different open ports interesting, I've decided to start publishing quarterly charts for the number of IPs, which have some of the more interesting ports open/services accessible from the internet...

SANS ISC Diary - Slightly broken overlay phishing
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at an interesting (and slightly broken) phishing campaign, which overlays legitimate pages with fake login prompts.

SANS ISC Diary - A blast from the past - XXEncoded VB6.0 Trojan
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a campaign in which the malicious actors decided to go reall “old school” when it comes to file formats they would use.

SANS ISC Diary - What pages do bad bots look for?
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at which interesting pages “bad” bots look for the most on web servers.

SANS ISC Diary - Couple of interesting Covid-19 related stats
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at how regional travel restrictions impact (or don’t) the number of IP addresses which expose remote access protocols to the internet.

SANS@MIC - Catch and Release: Phishing Techniques for the Good Guys
· β˜• 1 min read
I did a SANS@MIC talk yesterday, in which I discussed interesting phishing techniques (mainly) from the point of view of red teamers. Since the recording was published today, if you didn’t get the chance to join us live, you may take a look at how it went on YouTube.