I spend a lot of time with clients, in training courses and on this blog, explaining the significance of the “zero day” issue and how every organisation (and individual) needs to have a plan to deal with it. This post from SANS Internet Storm looks at the life cycle of …
Fork bombs for example – why you have to have up to date anti-virus software, be turned on to patching and training UPDATED 11 May 2022
This post was first published on 9 May 2022 Here is yet another example of malware and it’s delivery system from SANS TA578 using thread-hijacked emails to push ISO files for Bumblebee malware – SANS Internet Storm Centre The rise of Bumblebee malware was first reported earlier this month: More …
Patch Tuesday – May 2022
Here is SANS’ excellent round-up of Microsoft’s Patch Tuesday: Microsoft May 2022 Patch Tuesday – SANS Internet Storm Centre There are the usual array of issues that Microsoft is fixing be they become an issue – one of the Windows patches fixes Windows LSA, this impacts the authentication of accounts …
Anatomy of a RAT attack using a password protected Excel attachment
This is the classic way a hacker gets their payload into your business – send you a spreadsheet that needs your immediate attention. Include the password in the email, this makes it more likely for you to open the file – make it look official and your cyber security threat …
Continue reading “Anatomy of a RAT attack using a password protected Excel attachment”
Anatomy of a phishing email attachment – this is why we are always running training
SANS Internet Storm Centre has a couple of blog posts looking at the mechanics of a Word document and a PDF both of which are malicious payloads in a phishing email. This is what you are up against! Analyzing a Phishing Word Document – SANS Internet Storm Centre Simple PDF …
