[SANS ISC] The story of the CFO and CEO…

I published the following diary on isc.sans.org: “The story of the CFO and CEO…”. I read an interesting article in a Belgian IT magazine[1]. Every year, they organise a big survey to collect feelings from people working in the IT field (not only security). It is very broad and covers their

[The post [SANS ISC] The story of the CFO and CEO… has been first published on /dev/random]

Who’s Visiting the Phishing Site?

Today, while hunting, I found a malicious HTML page in my spam trap. The page was a fake JP Morgan Chase bank. Nothing fancy. When I find such material, I usually search for “POST” HTTP requests to collect URLs and visit the websites that receive the victim’s data. As usual, the

[The post Who’s Visiting the Phishing Site? has been first published on /dev/random]

FIRST TC Amsterdam 2017 Wrap-Up

Here is my quick wrap-up of the FIRST Technical Colloquium hosted by Cisco in Amsterdam. This is my first participation in a FIRST event. FIRST is an organization helping in incident response, as stated on their website: FIRST is a premier organization and recognized global leader in incident response. Membership

[The post FIRST TC Amsterdam 2017 Wrap-Up has been first published on /dev/random]

Archive.org Abused to Deliver Phishing Pages

The Internet Archive is a well-known website, more precisely for its “WaybackMachine” service. It allows you to search for and display old versions of websites. The current Alexa ranking is 262, which makes it a “popular and trusted” website. Indeed, like I explained in a recent SANS ISC diary, whitelists

[The post Archive.org Abused to Deliver Phishing Pages has been first published on /dev/random]

HITB Amsterdam 2017 Day #2 Wrap-Up

After a nice evening with some beers and an excellent dinner with infosec peers, here is my wrap-up for the second day. Coffee? Check! Wireless? Check! Twitter? Check! As usual, the day started with a keynote. Window Snyder presented “All Fall Down: Interdependencies in the Cloud”. Window is the CSO

[The post HITB Amsterdam 2017 Day #2 Wrap-Up has been first published on /dev/random]

HITB Amsterdam 2017 Day #1 Wrap-Up

I’m back in Amsterdam for the 8th edition of the security conference Hack in the Box. Last year, I was not able to attend but I’ve been attending it for a while (you can reread all my wrap-ups here). What to say? It’s a very strong organisation, everything running fine, a

[The post HITB Amsterdam 2017 Day #1 Wrap-Up has been first published on /dev/random]

[SANS ISC] Pro & Con of Outsourcing your SOC

I published the following diary on isc.sans.org: “Pro & Con of Outsourcing your SOC”. I’m involved in a project to deploy a SIEM (“Security Information & Event Management”) / SOC (“Security Operation Center”) for a customer. The current approach is to outsource the services to an external company also called a

[The post [SANS ISC] Pro & Con of Outsourcing your SOC has been first published on /dev/random]

[SANS ISC] Nicely Obfuscated JavaScript Sample

I published the following diary on isc.sans.org: “Nicely Obfuscated JavaScript Sample”. One of our readers sent us an interesting sample that was captured by his anti-spam. The suspicious email had an HTML file attached to it. By having a look at the file manually, it is heavily obfuscated and the payload

[The post [SANS ISC] Nicely Obfuscated JavaScript Sample has been first published on /dev/random]

TROOPERS 2017 Day #3 Wrap-Up

The third day is already over! Today, the regular talks were scheduled in three tracks: offensive, defensive and a specific one dedicated to SAP. The first slot at 09:00 was, as usual, a keynote. Enno Rey presented ten years of TROOPERS. What happened during all those editions? The main

[The post TROOPERS 2017 Day #3 Wrap-Up has been first published on /dev/random]
