
Use of X-Frame-Options and CSP frame-ancestors security headers on 1 million most popular domains
In my last Diary[1], I shortly mentioned the need for correctly set Content Security Policy and/or the obsolete[2] X-Frame-Options HTTP security headers (not just) in order ...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Yesterday, I found a malicious PowerShell script that was heavily obfuscated. The filename is "B0A4.ps1" (SHA256:b4814c8db16ecdd7904e81186715bf2a4b4ba28ef5853a41a8f59824f47f8f24), reported ...
Reader Martin asks us for some help extracting embedded content from a submitted malicious document.
A previous diary described processing some local PCAP data with Zeek. This data was collected using tcpdump on a DShield Honeypot. When looking at the Zeek connection logs, the connection state ...
Apple today released updates for all of its operating systems. The updates also apply for some of the older versions of iOS and macOS. For iOS/iPadOS 15, Apple now patched an already exploited vu...
In this series of diary entries, I will analyze an HTA file I found on MalwareBazaar.