SANS | Smart Thinking Solutions

5 April 2022

WordPress as a threat to a secure internet – this is why you need to attend our training course – social engineering attacks are everywhere

It is a long title but it explains exactly what this post is about. The instructions for setting up simple but profitable social engineering and phishing email campaigns are easily available across the ordinary internet, not just the dark web. The software required is free, both the malicious stuff and …

Continue reading “WordPress as a threat to a secure internet – this is why you need to attend our training course – social engineering attacks are everywhere”

25 March 2022

Do you know what an .xlsb file is? The hackers do and it is another way to obscure their malicious payloads

Here is yet another email attachment, examined by Xme, at SANS Internet Storm and for you to look out for: XLSB Files: Because Binary is Stealthier Than XML – Sans Internet Storm Centre For phishing attacks to succeed the hackers need to exploit your trust – for them to fail …

Continue reading “Do you know what an .xlsb file is? The hackers do and it is another way to obscure their malicious payloads”

24 March 2022

A question I am often asked…

I am frequently asked what I think of DropBox or other method for organisations to share files across the internet with other organisations, often after I have been speaking about Microsoft 365, OneDrive and SharePoint. Possibly after I have mentioned that these services that have, authentication, authorisation and accountability (AAA) …

Continue reading “A question I am often asked…”

19 March 2022

Active Mass Scanning for a Movable Type Vulnerability – If you do not know if this impacts you – then your business continuity documentation is not up to date!

SANS Internet Storm Diary is reporting a dramatic increase in the scanning for a vulnerability in the CMS Movable Type – software similar in function to WordPress for the development of web sites and web content. Scans for Movable Type Vulnerability (CVE-2021-20837) – SANS Internet Storm Centre National Vulnerability Database …

Continue reading “Active Mass Scanning for a Movable Type Vulnerability – If you do not know if this impacts you – then your business continuity documentation is not up to date!”

11 March 202210 March 2022

Credential leaks

It is always an issue when websites lose control of your credentials – it is a real worry when it is a site used by cyber security professionals. Credentials Leaks on VirusTotal – San Internet Storm Centre

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.