*
  
*
*
* *
Login 
  Sunday, April 18, 2021 Register 
Search For Domain
www. Go
Links
 
 
 





Welcome To Worldinfomall.com Portal

To View all of the contents please login. If you do not have a login, register and get one it is free and easy.

 

Internet Storm Center - News Feed
 

Decoding Cobalt Strike Traffic, (Sun, Apr 18th)
In diary entry "Example of Cleartext Cobalt Strike Traffic (Thanks Brad)" I share a capture file I found with unencrypted Cobalt Strike traffic. The traffic is unencrypted since the malicious actors used a trial version of Cobalt Strike.

Querying Spamhaus for IP reputation, (Fri, Apr 16th)
Way back in 2018 I posted a diary describing how I have been using the Neutrino API to do IP reputation checks. In the subsequent 2+ years that python script has evolved some which hopefully I can go over at some point in the future, but for now I would like to show you the most recent capability I added into that script.

HTTPS Support for All Internal Services, (Fri, Apr 16th)
SSL/TLS has been on stage for a while with deprecated protocols[1], free certificates for everybody[2]. The landscape is changing to force more and more people to switch to encrypted communications and this is good! Like Johannes explained yesterday[3], Chrome 90 will now append "https://" by default in the navigation bar. Yesterday diary covered the deployment of your own internal CA to generate certificates and switch everything to secure communications. This is a good point. Especially, by deploying your own root CA, you will add an extra string to your securitybow: SSL interception and inspection.

ISC Stormcast For Friday, April 16th, 2021 https://isc.sans.edu/podcastdetail.html?id=7460, (Fri, Apr 16th)


Why and How You Should be Using an Internal Certificate Authority, (Thu, Apr 15th)
Yesterday, Google released Chrome 90, and with that "HTTPS" is becoming the default protocol if you enter just a hostname into the URL bar without specifying the protocol &&#x23&#x3b;x26&#x3b;&#x23&#x3b;x5b&#x3b;1&&#x23&#x3b;x26&#x3b;&#x23&#x3b;x5d&#x3b;. This is the latest indication that the EFF&&#x23&#x3b;x26&#x3b;&#x23&#x3b;39&#x3b;s "HTTPS Everywhere" initiative is succeeding &&#x23&#x3b;x26&#x3b;&#x23&#x3b;x5b&#x3b;2&&#x23&#x3b;x26&#x3b;&#x23&#x3b;x5d&#x3b;&&#x23&#x3b;x26&#x3b;&#x23&#x3b;x5b&#x3b;3&&#x23&#x3b;x26&#x3b;&#x23&#x3b;x5d&#x3b;. Browsers are more and more likely to push users to encrypted content. While I applaud this trend, it does have a downside for small internal sites that often make it difficult to configure proper certificates. In addition, browsers are becoming pickier as to what certificates they accept. For example, in the "good old days", I could set up internal certificates that were valid for 10 years, not having to worry about the expiring. Currently, browsers will reject certificates valid for more than 13 months (398 days) &&#x23&#x3b;x26&#x3b;&#x23&#x3b;x5b&#x3b;4&&#x23&#x3b;x26&#x3b;&#x23&#x3b;x5d&#x3b;. 

ISC Stormcast For Thursday, April 15th, 2021 https://isc.sans.edu/podcastdetail.html?id=7458, (Thu, Apr 15th)


ISC Stormcast For Wednesday, April 14th, 2021 https://isc.sans.edu/podcastdetail.html?id=7456, (Wed, Apr 14th)


April 2021 Forensic Quiz: Answers and Analysis, (Wed, Apr 14th)
Introduction

Microsoft April 2021 Patch Tuesday, (Tue, Apr 13th)
This month&&#x23&#x3b;x26&#x3b;&#x23&#x3b;39&#x3b;s score includes 114 Vulnerabilities. There are 19 Criticals this month with 4 previously disclosed and 1 being exploited.

NMAP Announces release of nPcap 1.30, Raw Wifi + Better Performance. https://seclists.org/nmap-announce/2021/1, (Tue, Apr 13th)

 
 
Cnet.com 5 Most Recent Stories
 
News Feed Is Not Available At This Time. Error message: 'doctype' is an unexpected token. The expected token is 'DOCTYPE'. Line 1, position 3.

 
 
Warning About Dell Computers.. Think Long And Hard Before You Buy One
 
There was a time when I thought Dell Computers where a gone buy, but those days are long good. When you buy a computer from a large company you expect good service, well Dell does not have good service just and endless run around of transfer you from one department to another. To tell the story in complete,I will now go into detail, I stopped in the Dell Booth at COMDEX on Tuesday Nov. 18,2003 and asked a few questions which I could not get answer until someone said let me get the expert on the dimensions for you, I think she said he was the product manager. I waited and then told him my requires for the workstation I was looking for and wanted to purchase a Dell since I already have several and like them. I told him I wanted a small form factor PC with and internal 802.11G wireless network card , and if they did not have the card as long as I could add a PCI card to it that is find, and do not need an OS. The Dell rep said sure the 4600C can do that but had to get an OS so go XP home to save the money., I said that I could not find a option to have wireless built-in and he said that it did. Who was I to tell the guy about is product. He got on his company and price it up and I liked it so he placed the order right there for me. Nice I thought that I order from a mail order/online vendor without doing anything and in person. Boy was I wrong. The pc came, I tried to track it but it never would show the tracking info until after it was delivered by UPS, I went to re-install to Windows XP Pro so was getting all the driver cds and discovered that the wireless adapter was a USB external adapter not as was requested but I liked the PC and the 17-Inch LCD so would live with it. I thought it would be a snap to get the correct adapter. After 5 hours on the phone I finally had the correct adapter ordered and a something coming to return the other. The details of the my phone calls are to come, but to give an overview for now, I was transfered atleast 5 times within an hour and each time I had to start the story over, and this was after I had spent 4 hours before to get no where but have a case number that no one really cared to have and being told I called the wrong department even though I was transfered there. Tune back in for the specific details.

Michael Dell said this in an Interview I read that was linked to from on Dell's web site:
How will you keep evolving your structure? Will you have to become more like an IBM?
We don’t want to do that. We don’t want to act like a big company as we get bigger. Our structure is still very fast, very flexible. It doesn’t have a huge number of layers. Communication happens quickly. Our goal is to retain that as much as we can. ( the complete interview can be found here , http://www.chiefexecutive.net/mag/193/index.html

Well to late, you have already are acting like one.

 
 
Copyright 2002-2003 Worldinfomall
*
The Nerd Group   Terms Of Use   Privacy Statement
>