Subscribe: SANS Internet Storm Center, InfoCON: green
http://isc.sans.org/rssfeed.xml
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
cis controls  cis  controls  feb  february https  https isc  https  isc sans  isc stormcast  isc  sans podcastdetail  sans  stormcast february 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: SANS Internet Storm Center, InfoCON: green

SANS Internet Storm Center, InfoCON: green



SANS Internet Storm Center - Cooperative Cyber Security Monitor



Published: Fri, 23 Feb 2018 03:05:06 GMT

Last Build Date: Sun, 25 Feb 2018 11:20:09 +0000

Copyright: (C) SANS Institute 2018
 






CIS Controls Version 7, (Fri, Feb 23rd)

Fri, 23 Feb 2018 00:37:24 GMT

The Center for Internet Security (CIS) has been working diligently to update the CIS Controls (formerly known as the Critical Security Controls). A compelling feature of the CIS Controls is their regular updates that reflect the current cyber threats that face organizations, both small and large. The CIS Controls are the product of a truly global collaboration effort. “The CIS Controls have always been the product of a global community of adopters, vendors, and supporters, and V7 will be no exception,” said Tony Sager, CIS Senior Vice President and Chief Evangelist for the CIS Controls.






Passwords Part 2 - Passwords off the Wire using LLMNR, (Thu, Feb 22nd)

Thu, 22 Feb 2018 17:00:40 GMT

We ended yesterday's story with what we hope was a successful password spray. Let's assume that we can then use one of the accounts we harvested in that exercise to VPN in and RDP to a host on the inside network.









Should We Call it Quits for Passwords? Or, "Password Spraying for the Win!", (Wed, Feb 21st)

Wed, 21 Feb 2018 15:01:12 GMT

Ok, maybe that's a bit dramatic. But for most companies with web services, the answer is a serious "yes" for ditching passwords for those services. Why is that? Let's talk about how the typical external pentest might go.






Statically Unpacking a Brazilian Banker Malware, (Tue, Feb 20th)

Tue, 20 Feb 2018 17:30:49 GMT

After going through an almost endless amount of encoded droppers and loader scripts while analyzing a Brazilian banker, I finally managed to reach the actual payload, an interestingly packed/encrypted banking malware. How I statically unpacked this payload is the subject of today's diary and I hope it will help you in your future analysis.