Internet Storm Center

News Feeds (RSS) Internet Storm Center

Sat, 24 Jun 2017 22:55:17 -0600

Fake DDoS Extortions Continue. Please Forward Us Any Threats You Have Received.

Fri, 23 Jun 2017 11:24:50 -0600

We continue to receive reports about DDoS extortion e-mails. These e-mails are essentially spammed to the owners of domains based on whois records. They claim to originate from well-known hacker groups like Anonymous, which have been known to launch DDoS attacks in the past. The e-mails use the notoriety of the group's name to make the threat sound more plausible. But there is no evidence that these threats originate from these groups, and so far we have not seen a single case of a DDoS being launched after a victim received these e-mails. So no reason to pay :)

Fri, 23 Jun 2017 01:35:03 -0600

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Thu, 22 Jun 2017 11:17:13 -0600

Thu, 22 Jun 2017 06:48:54 -0600

Malicious files are generated and spread over the wild Internet daily (read: hourly). The goal of the attackers is to use files that are:

Wed, 21 Jun 2017 13:57:33 -0600

Last month's entertainment for many of us was of course the WannaCry MS17-010 update. For some of you it was a relaxing time just like any other month. Unfortunately, for the rest of us it was a rather busy period trying to patch systems that in some cases had not been patched in months or even years. Others discovered that whilst security teams have been saying "you want to open what port to the internet?", firewall rules were approved allowing port 445 and in other cases even 139. Another group of users discovered that the firewall that used to be enabled on their laptop was no longer enabled whilst connected to the internet. Anyway, that was last month. On the back of it we all made improvements to our vulnerability management processes. You did, right?

Wed, 21 Jun 2017 01:40:02 -0600

Tue, 20 Jun 2017 13:00:48 -0600

This please let us know.

Tue, 20 Jun 2017 00:45:04 -0600

Tue, 20 Jun 2017 00:40:41 -0600

One of our readers (thanks Gebhard) mailed us a link to an article on what the press is apparently now calling a Revenge Wipe - a system administrator who has left the organization, and as a last hurrah, deletes or locks out various system or infrastructure components.

Mon, 19 Jun 2017 22:19:33 -0600

Rob VandenBrink, Metafore