An Introduction To Exploit Kits

I published an introduction article on exploit kits on the Ipswitch blog: An Introduction To Exploit Kits.

The article covers why attackers use exploit kits, how they can select their targets, how users get infected through exploit kits and what you can do to improve your resilience against exploit kits.

Doing open source intelligence with SpiderFoot (part 2)

I did an earlier post on gathering open source intelligence with SpiderFoot. This post is a small update to incorporate the new version of SpiderFoot that was released recently.

A new version of SpiderFoot was recently released, including some extra modules. In my earlier post I described how I adjusted and added some modules. The new release of SpiderFoot contains part of my changes to the XForce module.

My initial change to SpiderFoot included a … Read more.

Security Training for Incident Handling: What Else Is Out There?

I had a guest post published on Security Training for Incident Handling: What Else Is Out There?

This post is a follow-up to an earlier post (Security Training for Incident Handlers: What’s Out There?) and points out some alternative training options for incident handlers.

Using Geolocation Data to Benefit Security

I had a guest post published on Using Geolocation Data to Benefit Security.

This post describes how you can enrich your security information with geolocation data.

Sharing Encryption Keys: A Practical Example With GPG

I had a guest post published on Sharing Encryption Keys: A Practical Example With GPG.

Stay Up-to-Date on Security News with OPML feeds

In 2015 I did a posting on the Security Intelligence blog on How to Stay Up-to-Date on Security Trends. The post describes how you can streamline the process of following different news and threat information channels, classify them and bring them to good use.

One of the tools that you can use is RSS feeds. I personally use a Fever setup to grab different RSS feeds and then have them delivered in one central … Read more.

Using open source intelligence feeds, OSINT, with MISP

I love MISP, Malware Information Sharing Platform & Threat Sharing. I did three earlier posts on how to use and set up MISP: part 1, part 2 and part 3.

One of the nice new features of MISP is the inclusion of feeds from different open source intelligence feed providers.

How does it work? Basically, the feeds are provided as JSON feeds; you can browse them within MISP, import them individually or subscribe to the feed to … Read more.

The New Glibc Getaddrinfo Vulnerability: Is It GHOST 2.0?

I had a guest post published on Security Training for Incident Handlers: The New Glibc Getaddrinfo Vulnerability: Is It GHOST 2.0?

The post describes the critical issue found in glibc getaddrinfo (CVE-2015-7547) and gives you advice on patch management to deal with current (and future) issues in glibc.

Security Training for Incident Handlers: What’s Out There?

I had a guest post published on Security Training for Incident Handlers: What’s Out There? on IBM’s Security Intelligence blog.

The post describes the different types of security training that are available for incident handlers, including vendor-specific training, general training and community-driven training.

Using Passive DNS for Incident Response

According to isc.org, “Passive DNS” or “passive DNS replication” is a technique invented by Florian Weimer in 2004 to opportunistically reconstruct a partial view of the data available in the global Domain Name System into a central database where it can be indexed and queried.

In practical terms, passive DNS describes a historical database of DNS resolutions. What does this all mean? It means that you can look up which IP address a domain resolved … Read more.