Obfuscated backdoor attack: Simple but Undetected PowerShell Backdoor – SANS This is a more complex read but if you are in the business it is a real help to see how these old school attacks still work.
You should know that Phishing is not always done by email
There is an article on the Sans Internet Storm Diary looking at a phishing attack/exploit that is running on Discord. Phishing Direct Messages via Discord (sans.edu) Now you may not know what Discord is, but your takeaway from this blog post is that phishing is not just something that attacks …
Continue reading “You should know that Phishing is not always done by email”
Malware Spam in the wild
The SANS Internet Storm Centre is reporting another spam email attack doing the rounds with a new payload. TA551 (Shathak) pushes IcedID (Bokbot) (sans.edu) The important things to take away from this are: In real world situations ransomware has been delivered to companies using these methods Keep your spam filters …
CCTV Camera vulnerabilities – are your IoT devices letting hackers into your house or office?
When did you last check your IoT devices? SANS Internet Storm Diary is reporting a cyber security issue with “Hikvision’s popular Internet of things (IoT) security camera”. Hikvision Security Cameras Potentially Exposed to Remote Code Execution (sans.edu) If you have any of these internet connected cameras, check them now. Even …
Octagon Technology and 365R deals with Shadow IT
Shadow IT is a term that refers to the use of un-authorised or unknown hardware and software in an organisation. Often the board through the IT Department has written a policy for for what can and cannot be used in an organisation for processing their information but when someone finds …
Continue reading “Octagon Technology and 365R deals with Shadow IT”