Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
11 résultats taggé SANS  ✕
Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 and CVE-2024-20440 https://isc.sans.edu/diary/rss/31782
21/03/2025 08:57:27
QRCode
archive.org
thumbnail

Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 and CVE-2024-20440, Author: Johannes Ullrich

sans EN 2025 CVE-2024-20439 CVE-2024-20440 Exploit attempts Cisco Smart-Licensing-Utility
Exploit attempts for unpatched Citrix vulnerability https://isc.sans.edu/diary/31446
20/11/2024 22:19:03
QRCode
archive.org
thumbnail

Exploit attempts for unpatched Citrix vulnerability, Author: Johannes Ullrich

sans EN 2024 Exploit unpatched Citrix vulnerability
From Perfctl to InfoStealer https://isc.sans.edu/diary/From%20Perfctl%20to%20InfoStealer/31334
09/10/2024 16:09:09
QRCode
archive.org
thumbnail

From Perfctl to InfoStealer, Author: Xavier Mertens

sans EN 2024 Perfctl infostealer analysis linux
Ransomware Cases Increased Greatly in 2023 https://www.sans.org/blog/ransomware-cases-increased-greatly-in-2023/
26/01/2024 17:44:22
QRCode
archive.org

As we move further into 2024, we must be cautious (maybe even fearful!) of ransomware cases increasing even more than in previous years. Though governments around the world are taking more interest in the worldwide threat, we can see from the increase of cases that our actions have not been enough to thwart the ransomware threat. As new groups continue to form, former groups continue to evolve into new brands, and the big players continue to ramp up their efforts, we must remain vigilant and focus on our preparation and early detection capabilities.

sans 2024 EN ransomware 2023 Stats
Redline Dropped Through MSIX Package https://isc.sans.edu/diary/Redline+Dropped+Through+MSIX+Package/30404/?is=e4f6b16c6de31130985364bb824bcb39ef6b2c4e902e4e553f0ec11bdbefc118
17/11/2023 08:39:15
QRCode
archive.org

Redline Dropped Through MSIX Package, Author&colon

isc.sans.edu SANS 2023 EN Redline MSIX Package analysis
Loader activity for Formbook "QM18" https://isc.sans.edu/diary/rss/30020
13/07/2023 00:17:50
QRCode
archive.org

Loader activity for Formbook "QM18", Author: Brad Duncan

SANS EN 2023 QM18 Formbook Loader
Kazakhstan - the world's last SSLv2 superpower... and a country with potentially vulnerable last-mile internet infrastructure https://isc.sans.edu/diary/29988
28/06/2023 11:46:14
QRCode
archive.org

Kazakhstan - the world's last SSLv2 superpower... and a country with potentially vulnerable last-mile internet infrastructure, Author: Jan Kopriva

sans EN 2023 Kazakhstan SSLv2 vulnerable internet
Microsoft February 2023 Patch Tuesday https://isc.sans.edu/diary/rss/29548
17/02/2023 13:58:27
QRCode
archive.org
thumbnail

Microsoft today patched 80 different vulnerabilities. This includes the Chromium vulnerabilities affecting Microsoft Edge. Nine vulnerabilities are rated as "Critical" by Microsoft.

Three of the vulnerabilities, all rated "important", are already being exploited

sans en 2023 February PatchTuesday vulnerabilities
A Backdoor with Smart Screenshot Capability https://isc.sans.edu/diary/rss/29534
09/02/2023 18:27:30
QRCode
archive.org

Today, everything is “smart” or “intelligent”. We have smartphones, smart cars, smart doorbells, etc. Being "smart" means performing actions depending on the context, the environment, or user actions.

For a while, backdoors and trojans have implemented screenshot capabilities. From an attacker’s point of view, it’s interesting to “see” what’s displayed on the victim’s computer.

sans EN 2023 python backdoor Screenshot
InfoSec Handlers Diary Blog - SANS Internet Storm Center https://isc.sans.edu/diary/29448
18/01/2023 13:37:13
QRCode
archive.org
thumbnail

Malicious Google Ad --> Fake Notepad++ Page --> Aurora Stealer malware

SANS EN 2023 googleads Fake Notepad Aurora Stealer malware
Google ads lead to fake software pages pushing IcedID (Bokbot) https://isc.sans.edu/diary/Google+ads+lead+to+fake+software+pages+pushing+IcedID+Bokbot/29344
18/12/2022 12:00:59
QRCode
archive.org
thumbnail

Fake sites for popular software have occasionally been used by cyber criminal groups to push malware. Campaigns pushing IcedID malware (also known as Bokbot) also use this method as a distribution technique (we also commonly see IcedID sent through email).

SANS EN 2022 googleads bokbot fake software ads abusing delivery IceID
4252 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio