Tag: AI

  • Getting XSOAR to read QRcodes


    It became a sort of attack vector to simply include malicious QR codes in emails and documents to trick the victim into reading them. The news items above are just a few I have been able to find. So what can we do? Well, a good start would be to add the capability to XSOAR…


  • From zero to Process to XSOAR Playbook

    XSOAR is a Security Orchestration, Automation and Response Platform, hence the name. Generally speaking this means that we perform the right Response, Orchestrated from a central platform, while automating the annoying and repeatable tasks which slow us down. Using the language of the commonly known and used Incident Response Cycle, XSOAR strives in the area…


  • (My) Key takeaways from the Lapsus$ review

    At the end of July 2023, the Cyber Safety Review Board published their “post mortem” on the Lapsus$ group: https://www.cisa.gov/sites/default/files/2023-08/CSRB_Lapsus%24_508c.pdf Multi Factor Authentication yes – SMS no: Highlighted throughout the report, the “old” ways to do MFA are not even closely secure enough to withstand a targeted or sophisticated attack. SIM swapping has…


  • Just testing something

    Well, you can ignore this post, I am just demonstrating the fetching of a CSV file via the XSOAR !http command to one of my customers. But as you are here, let me tell you a bit more. So basically the task is fetching a CSV file via an HTTP call. The command will look…


  • Fluent-bit, Opensearch and Nginx-Proxy-forwarder

    As I managed to increase my home-server-farm with two new HP t630 ThinClients, I also have the space now to finally do more with Opensearch. The components: Fluent-Bit. In this blog post I want to focus on the fluent-bit part; honestly, the Opensearch and Nginx setups are rather straightforward and I mainly struggled (for…


  • The State of Spam in April 2023: A 168% Increase in Unwanted Emails

    In April 2023, we saw a significant increase in the number of spam emails being sent. According to our data, we received a total of 1970 spam emails, which is a 168% increase compared to the previous month. This is a worrying trend, as it suggests that spammers are becoming more aggressive in their tactics.…


  • Migrating Gmail to Roundcube

    While I was migrating my data away from Google (I have basically been using Gmail since 2009), I had the problem of how to get my mail data out. It is nice being able to get a data dump, but what if I want to access some of the really old emails or attachments? Well, I…


  • New wave of Google Drive Spam

    Starting on the 9th of April there is a new uptick in Google Drive Spam. In this type of Spam, a Google Drive Folder is simply shared with the user, leading to an email which has the standard Google Drive invite we all may know. I am really wondering if Google does a good job…


  • Spam analytics gone wrong, don’t let the system do the click

    It is time to take my own medicine I suppose. There are a lot of things which can go wrong when you analyze Spam and Phishing emails, and this one thing I did wrong drives me nuts. I talk about this: Somebody has been so kind as to sign one of my email addresses up for…
