You may find links to new content I've published on https://t.co/mkRumnLeWW at @UntrustedNet.

The strange case of disappearing Russian servers https://t.co/sCpjfUb6nb

Dnes jsem byl pozván do vysílání odpoledního Studia ČT 24, kde jsem odpovídal na otázky spojené s aktuálními výpadky spojenými s chybnou aktualizací pro senzory CrowdStrike Falcon pro Windows... https://t.co/rF7GFHceXB

Few weeks ago, I came across a somewhat unusual phishing message that used a slight twist on the "reply-chain" theme to make it through e-mail filters. It is not new, but since I didn't find any write-ups of it anywhere, I wrote a short article, which you may find bellow...

Support of SSL 2.0 on web servers in 2024

It appears that the number of ICS accessible from the internet has risen by 30 thousand over 3 years

It occurred to me that the current situation surrounding the xz-utils backdoor might present a good opportunity for a quick analysis to see if national or governmental CSIRTs/their host organizations/similar entities publish security advisories during holidays...

An open redirect vulnerability exists in what remains of the Google Web Light service, and it is being actively exploited by threat actors in multiple phishing campaigns... #phishing #Google #vulnerable https://t.co/JzdNQusSPN

Threat actors generally like to use legitimate third-party online services to host malicious content, since it makes their job significantly easier. And - unfortunately - even the Internet Archive is no exception in this regard...

Computer viruses are celebrating their 40th birthday (well, 54th, really)

The smallest and largest #malware samples that were "caught" by my e-mail trap in 2023 were a small (<2 kB) VBScript file and a very large (350 MB) EXE... And what might come as a surprise is, that these two samples were pretty much functionally identical.

Phishing page with trivial anti-analysis features

I was recently asked whether typos were still a useful indicator for identifying phishing messages. To answer this question, I wrote a short post, which was just published on the Internet Storm Center website...

Co se stalo v září?🤔 Novinkami a událostmi z kyberprostoru vás tradičně provedou @StanleyNovo a @jk0pr. Tentokrát se věnovali novinkám, jako: 👉Ransomware Útok na MGM a Caesars 👉Severokorejští Hackeři a Kyberloupež 👉Čína vs USA 👉Microsoftu Unikly Desítky TB Dat

Last week, I came across an interesting phishing, in which a text with zero font size was used in quite a novel way in order to make the message appear more trustworthy. You may find details in the article linked below...

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at a simple phishing which demonstrates quite well that the cost of committing cybercrime can unfortunately be extremely low…

One doesn't often find malware with 0 detections on VirusTotal, especially if it isn't completely new... Nevertheless, it seems I was “lucky” - a malicious batch file, which was used in a last week's phishing campaign I came across is still at zero… https://t.co/dUDYI2DTj1

It can be quite surprising to find out what devices accessible from the internet still support SSLv2. It seems that in Kazakhstan, where such devices are most common, over 166 thousand SSLv2-enabled devices are last-mile network boxes used by the largest national ISP...

Although SSLv2 is not completely "dead" yet, support for it seems to be dying off at a reasonable rate... Hopefully, this trend will continue in the futre.

I’m looking forward to this very much - if everything goes well, it should be a fun, relaxing talk for the attendees, even though we’re going to be talking about security… :)

I came across a Facebook phishing campaign recently, which turned out to be quite interesting - one unusual aspect of it was that due to an incorrectly set "From" field, it appeared as if the sender didn't have an e-mail address...