Monday, November 23, 2020

Welcome To Worldinfomall.com Portal


Internet Storm Center - News Feed

Quick Tip: Cobalt Strike Beacon Analysis, (Mon, Nov 23rd)
Several of our handlers, like Brad and Renato, have written diary entries about malware infections that involved the red team framework Cobalt Strike.

ISC Stormcast For Monday, November 23rd 2020 https://isc.sans.edu/podcastdetail.html?id=7264, (Mon, Nov 23rd)

Quick Tip: Extracting all VBA Code from a Maldoc - JSON Format, (Sun, Nov 22nd)
In diary entry "Quick Tip: Extracting all VBA Code from a Maldoc" I explain which options to use with oledump.py to extract all VBA code with a single command.

VMware privilege escalation vulnerabilities (CVE-2020-4004, CVE-2020-4005) - https://www.vmware.com/security/advisories/VMSA-2020-0026.html, (Sat, Nov 21st)

Malicious Python Code and LittleSnitch Detection, (Fri, Nov 20th)
We all run plenty of security tools on our endpoints. Their goal is to protect us by preventing infection (or trying to prevent it). But all those security tools are present on our devices like normal applications and are, therefore, easy to detect. Techniques to detect the presence of such security tools are multiple:

ISC Stormcast For Friday, November 20th 2020 https://isc.sans.edu/podcastdetail.html?id=7262, (Fri, Nov 20th)

PowerShell Dropper Delivering Formbook, (Thu, Nov 19th)
Here is an interesting PowerShell dropper that is nicely obfuscated and has anti-VM detection. I spotted this file yesterday, called 'ad.jpg' (SHA256:b243e807ed22359a3940ab16539ba59910714f051034a8a155cc2aff28a85088). Of course, it's not a picture but a huge text file with Base64-encoded data. The VT score is therefore interesting: 0/61![1]. Once decoded, we discover the obfuscated PowerShell code. Let's review the techniques implemented by the attacker.

ISC Stormcast For Thursday, November 19th 2020 https://isc.sans.edu/podcastdetail.html?id=7260, (Thu, Nov 19th)

When Security Controls Lead to Security Issues, (Wed, Nov 18th)
The job of security professionals is to protect customers' assets and, even more, today, customers' data. The security landscape is full of solutions that help to improve security by detecting (and blocking) threats knocking on the organizations' doors. Sometimes, such solutions have side effects that go to the opposite direction and make customers more vulnerable to attacks.

ISC Stormcast For Wednesday, November 18th 2020 https://isc.sans.edu/podcastdetail.html?id=7258, (Wed, Nov 18th)

Warning About Dell Computers.. Think Long And Hard Before You Buy One
There was a time when I thought Dell computers were a good buy, but those days are long gone. When you buy a computer from a large company you expect good service. Well, Dell does not have good service, just an endless runaround of transferring you from one department to another. To tell the story completely, I will now go into detail. I stopped in the Dell booth at COMDEX on Tuesday, Nov. 18, 2003 and asked a few questions, which I could not get answered until someone said, "Let me get the expert on the Dimensions for you"; I think she said he was the product manager. I waited and then told him my requirements for the workstation I was looking for, and that I wanted to purchase a Dell since I already have several and like them. I told him I wanted a small form factor PC with an internal 802.11g wireless network card, that if they did not have the card it was fine as long as I could add a PCI card to it, and that I did not need an OS. The Dell rep said sure, the 4600C can do that, but I had to get an OS, so go with XP Home to save the money. I said that I could not find an option to have wireless built in, and he said that it did. Who was I to tell the guy about his product? He got on his computer and priced it up, and I liked it, so he placed the order right there for me. Nice, I thought: I ordered from a mail order/online vendor without doing anything, and in person. Boy, was I wrong.
The PC came. I tried to track it, but it never would show the tracking info until after it was delivered by UPS. I went to re-install to Windows XP Pro, so I was getting all the driver CDs, and discovered that the wireless adapter was a USB external adapter, not as was requested, but I liked the PC and the 17-inch LCD so I would live with it. I thought it would be a snap to get the correct adapter. After 5 hours on the phone I finally had the correct adapter ordered and something coming to return the other.
The details of my phone calls are to come, but to give an overview for now: I was transferred at least 5 times within an hour, and each time I had to start the story over, and this was after I had spent 4 hours before getting nowhere but having a case number that no one really cared to have and being told I called the wrong department even though I was transferred there. Tune back in for the specific details.

Michael Dell said this in an interview I read that was linked to from Dell's web site:
How will you keep evolving your structure? Will you have to become more like an IBM?
We don’t want to do that. We don’t want to act like a big company as we get bigger. Our structure is still very fast, very flexible. It doesn’t have a huge number of layers. Communication happens quickly. Our goal is to retain that as much as we can. (The complete interview can be found here: http://www.chiefexecutive.net/mag/193/index.html)

Well, too late; you are already acting like one.

Copyright 2002-2003 Worldinfomall
The Nerd Group