Tag: Bing
-
Getting XSOAR to read QRcodes
It became a sort of attack vector to simply include malicious qr codes in emails and documents to trick the victim into reading them The news items above are just a view I have been able to find. So what can we do? Well a good start would be to add the capability to XSOAR…
-
From zero to Process to XSOAR Playbook
XSOAR is a Security Orchestration, Automation and Response Platform, hence the name. Generally speaking this means that we perform the right Response, Orchestrated from a central platform, while automating the annoying and repeatable tasks which slow us down. Using the language of the commonly known and used Incident Response Cycle, XSOAR strives in the area…
-
(My) Key takeways from the Lapsus$ review
At the dn of July 2023, the Cyber Safety Review Board has published there “post mortem” on the Lapsus$ group https://www.cisa.gov/sites/default/files/2023-08/CSRB_Lapsus%24_508c.pdf Multi Factor Authentication yes – SMS no Highlighted through out the report, the “old” ways to do MFA are not even closly secure enough to withstand an targeted or sophisticated attack. SIM swapping has…
-
Just testing something
Well, you can ignore this post, I am just demontrating the fetching of an CSV file via the XSOAR !http command to one of my customers But as you are here, let me tell you a bit more. So basically the task is fetching an CSV file via an HTTP call. The command will look…
-
Fluent-bit, Opensearch and Nginx-Proxy-forwarder
As I managed to increase my home-server-farm with two new HP t630 ThinClients, I also have the space now to finally do more with Opensearch. The components Fluent-Bit In this blog post I want to focus on the fluent-bit part, honestly the Opensearch and Nginx setups are rather straight forward and I mainly struggled (for…
-
The State of Spam in April 2023: A 168% Increase in Unwanted Emails
In April 2023, we saw a significant increase in the number of spam emails being sent. According to our data, we received a total of 1970 spam emails, which is a 168% increase compared to the previous month. This is a worrying trend, as it suggests that spammers are becoming more aggressive in their tactics.…
-
Migrating Gmail to Roundcube
While I was migrating my data away from Google, basically I am using Gmail since 2009, I had the problem on how to get my mail data out. It is nice being able to get a data dump, but what if I want to access some of the really old emails or attachments? Well, I…
-
New wave of Google Drive Spam
Starting on the 9th of April there is a new uptick in Google Drive Spam. In this type of Spam, a Google Drive Folder is simply shared with the user, leading to a email which has the standard Google Drive invite we all may know I am really wondering if Google does a good job…
-
Spam analytics gone wrong, don’t let the system do the click
It is time to take my own medicine I suppose. There are a lot of things which can go wrong when you analyze Spam and Phishing emails and this one thing, I did wrong drives me nuts. I talk about this Somebody has been so kind to sign one of my email addresses up for…