Eskenzi PR Eskenzi PR
  • About Us
Monday, 19 April, 2021
IT Security Guru
Eskenzi PR
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

‘Twas the night before InfoSec

A festive cybersecurity poem

by Joel
December 24, 2020
in Featured, Guru's Picks, Media
Holiday phishing scam surge aimed at small business
Share on FacebookShare on Twitter
‘Twas the night before Christmas, and fresh off the LAN

The packets were coming fast out of the span. 

My wireshark was up with my templates in place, 

In hopes that I’d find an IP I could trace. 

The smart home was snug in its /28

With a meager allow-list, and a lock on the gate.

With a few hours to setup and wrap this year’s catches

I’d been charging them up, and applying their patches,

When down in the VLAN there’d been such a spike 

I’d opened the logs to see what it looked like.


Away to the dashboard I stumbled and flew; 

Most days I’m on Red, but tonight, I was Blue. 

The DST in the headers was a weird bogon range. 

“Two oh three... zero? You can’t route there... how strange.” 

When what, to my wondering eyes, should come back 

But a TCP handshake -- not a RST, but an ACK! 


A cool sweaty IR-like calm to me came, 

As the nightmares and malwares, I ruled out by name:

“The SPIDERs and PANDAs don’t care about me,

It’s not running Windows, so it’s not IcedID… 

Not Trickbot, not Ryuk, not Buer or Clop, 

Not Scarab or Locky, no second-stage drop.”


A session had opened on port 443, 

And a download began - not one started by me. 

I looked back to ensure that the capture was on,

And stood by to cut comms once the vandal was gone.

But the session closed up just as fast as it came

And the download just sat there - “GIFT.BIN” was its name.

I’d retrieved a live sample! And without any warning, 

Had got something fun to unwrap Christmas morning. 

I checked on the rulesets, configs, and permissions,

And rebooted each box for the sake of tradition.

I waited for more but there wasn’t a peep,

So I finished my wrapping and popped off to sleep. 


And after the coffee and presents and nog,

The matching pajamas, the pickle, the grog, 

Video calls with our family and friends,  

Things had settled, so I went to tie up the loose ends.

I ran strings right away and my jaw opened wide,

For there, unencrypted, a message I spied: 

“2020’s been awful, with so much that you’ve missed

Just to keep others healthy - so you made the Good List! 

And like all of your friends, I have had to stay distant,

But your record’s been stellar, so the elves were insistent.

You already have surplus gadgets that light up

So I got you this PoC, and a CVE writeup.

The binary is an iPhone zero-day,

And I’ve left enough out that you’ll have room to play.

And once you’ve dissected and filled in the blanks,

And disclosed it responsibly, you can cash in my thanks! 

Thanks for staying inside this year, hunkering down,

Thanks for wearing your mask, though you felt like a clown,

Thanks for not hoarding groceries, and for learning to cook,

Or for trying a language, or reading a book.

And following rules from your state and your county.

Now warm up your debugger, and cash in that bounty!”


This poem was written by J.R Parsons for AT&T Cybersecurity. You can read more of their blogs here 
5 1 vote
Article Rating
FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Millions stolen from online bank accounts following large-scale fraud operation

Next Post

Customers’ call records access in T-Mobile breach

Subscribe
Notify of
guest
guest
0 Comments
Inline Feedbacks
View all comments

Recent News

AT&T Cybersecurity Launches New Managed Endpoint Security Solution with SentinelOne

AT&T Cybersecurity Launches New Managed Endpoint Security Solution with SentinelOne

April 19, 2021
Dominos pizza

Domino’s India suffers data breach

April 19, 2021
whatsapp icon

Vulnerabilities found in older version of WhatsApp

April 19, 2021
Data Breach Cyber attack code

University of Hertfordshire suffers system outage due to cyberattack 

April 15, 2021

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

More information
wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply
Privacy Settings / PENDINGGDPR Compliance

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Accept