Here is SANS’ excellent round-up of Microsoft’s Patch Tuesday: Microsoft May 2022 Patch Tuesday – SANS Internet Storm Centre There are the usual array of issues that Microsoft is fixing be they become an issue – one of the Windows patches fixes Windows LSA, this impacts the authentication of accounts …
Anatomy of a RAT attack using a password protected Excel attachment
This is the classic way a hacker gets their payload into your business – send you a spreadsheet that needs your immediate attention. Include the password in the email, this makes it more likely for you to open the file – make it look official and your cyber security threat …
Continue reading “Anatomy of a RAT attack using a password protected Excel attachment”
Anatomy of a phishing email attachment – this is why we are always running training
SANS Internet Storm Centre has a couple of blog posts looking at the mechanics of a Word document and a PDF both of which are malicious payloads in a phishing email. This is what you are up against! Analyzing a Phishing Word Document – SANS Internet Storm Centre Simple PDF …
Java vulnerabilities to look out for – Spring4Shell – UPDATE 23 April 2022
This story was first published on 31 March 2022 and Updated on 5 April 2022 Update 26 April 2022 There has been a steady increase in the number of active attacks against this and related vulnerabilities: Hackers hammer SpringShell vulnerability in attempt to install cryptominers | Ars Technica This is …
Continue reading “Java vulnerabilities to look out for – Spring4Shell – UPDATE 23 April 2022”
What can a hacker do? Swap your BTC address for theirs, when you copy and paste!
If you do not know what a BTC address is then this this particular demonstration of of a Python hack will not impact you. If you do use bitcoin or other cryptocurrency then have a look at this SANS blog by Xme: Multi-Cryptocurrency Clipboard Swapper – SANS Internet Storm Centre …
Continue reading “What can a hacker do? Swap your BTC address for theirs, when you copy and paste!”
