I have been experimenting with creating backups for the raspberry pi. My backup philosophy is to backup everything on these little machines as I have a tendency to install packages…
More American Express phishing. Clicking the link takes you to a fake login screen hosted on hxxp://www[dot]pilates-fitness-luzern[dot]ch/images/amex/amex/index.php you know, because I would totally enter my AmEx creds into a site…
Malicious link takes you to a Google drive document. Document was removed before it could be analyzed. From: IT DESK (via Google Drive) <itdesk109@gmail.com> Sent: Monday, May 4, 2020 11:35…
Link will take you to a fake login page asking for credentials. ——– Original Message ——– Subject: Online Banking Security Update Notice Date: 2019-12-27 08:58 From: Santander Bank To: REDACTED…
Message preys on fears, current events, and mentions large sums of money. ——– Original Message ——– Subject: I am COVID-19 POSITIVE (I need urgent assistance, info) Date: 2020-04-07 22:53 From:…
Today’s phishing expedition involves an email from hkr.glbi@hotmail[dot]com. Subject line reads “IT. Desk shared “Fwd; I shared School-Transcript-April-2020″ with you.” This email is a rather lame phishing attempt, but none…
I have been working on a malware investigation for a few weeks. A compromised system was suspected of participating in an attack on another system on the internet. Having identified…
I have added a few pages to archive documents related to large breaches from 2018. You can find links in the Documents menu above. I am sure I will be…
Author’s Note: This article was inspired by a blog posting over at the SANS Storm Center Infosec Forums. The article, Tracking Newly Registered Domains by Xavier Mertens details ways to…
This is going to be a quick post about using Splunk to look for anomalous activity in your O365 instance. I occasionally have the need to look for abnormal logins…