Open ports statistics for Q2 2021
· β 2 min read
The first half of 2020 is behind us, which means it's time for a look at how the internet as a whole changed during the past 3 months...
SANS ISC Diary - Phishing asking recipients not to report abuse
· β 1 min read
A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at a phishing message that ended with an unusual request…
SANS ISC Diary - Architecture, compilers and black magic, or 'what else affects the ability of AVs to detect malicious files'
· β 1 min read
A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at how the use of a compiler affects the ability of anti-malware tools to detect malicious code…
SANS ISC Diary - All your Base are...nearly equal when it comes to AV evasion, but 64-bit executables are not
· β 1 min read
A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at the difference (or lack thereof) different binary-to-text encodings make when it comes to anti-malware evasion…
SANS ISC Diary - Number of industrial control systems on the internet is lower then in 2020...but still far from zero
· β 1 min read
A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at the number of Industrial Control Systems accessible from the internet…
SANS ISC Diary - Hunting phishing websites with favicon hashes
· β 1 min read
A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at how HTTP favicon hashes may be used to identify IP addresses hosting phishing websites…
SANS ISC Diary - Malspam with Lokibot vs. Outlook and RFCs
· β 1 min read
A Diary of mine was published today on the SANS Internet Storm Center website. In it, we’ll take a look at an interesting malspam message carrying the Lokibot infostealer and also causing quite unusual behavior in Outlook…
Open ports statistics for Q1 2021
· β 2 min read
The first quarter of 2020 is behind us, which means it's time for another look at some of the interesting ports accessible on public IPs. This time however, we will take a look at how the internet as a whole changed during the past 3 months, but also at specific changes related to support of different versions of SSL and TLS...
SANS ISC Diary - Old TLS versions - gone, but not forgotten... well, not really 'gone' either
· β 1 min read
A Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at changes in the number of web servers, which support TLS 1.0 and TLS 1.1…
SANS ISC Diary - 50 years of malware? Not really. 50 years of computer worms? That's a different story...
· β 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at Creeper, the first computer worm, which was created 50 years ago - according to some sources, on this very day in 1971…