I published the following diary on isc.sans.edu: “Pastebin.com Used As a Simple C2 Channel“: With the growing threat of ransomware attacks, they are other malicious activities that have less attention today but they remain active. Think about crypto-miners. Yes, attackers continue to mine Monero on compromised systems. I spotted an interesting
Pastebin.com is one of my favourite playground. I’m monitoring the content of all pasties posted on this website. My goal is to find juicy data like configurations, database dumps, leaks of credentials. Sometimes you can find also malicious binary files.
I published the following diary on isc.sans.org: “Analysis of a Suspicious Piece of JavaScript“. What to do on a cloudy lazy Sunday? You go hunting and review some alerts generated by your robots. Pastebin remains one of my favourite playground and you always find interesting stuff there. In a recent
I published the following diary on isc.sans.org: “Many Malware Samples Found on Pastebin“. pastebin.com is a wonderful website. I’m scrapping all posted pasties (not only from pastebin.com) and pass them to a bunch of regular expressions. As I said in a previous diary, it is a good way to perform
For a few months now, my toy leakedin.com is back online. When I brought the website up again, a question immediately popped up in my mind: “How to protect myself against angry users or organizations not happy to see potentially sensitive data disclosed?“. The website compiles interesting data like credit
In the process of extending my pastemon tool, I’ve a quick poll for you. At the moment, I’m monitoring pastebin.com (and soon another one) but what are your favorite paste sites? Please take a few seconds to answer the questions:
