Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 1 October, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

‘Twas the night before InfoSec

A festive cybersecurity poem

by Joel
December 24, 2020
in Featured, Guru's Picks, Media
Holiday phishing scam surge aimed at small business
Share on FacebookShare on Twitter
‘Twas the night before Christmas, and fresh off the LAN

The packets were coming fast out of the span. 

My wireshark was up with my templates in place, 

In hopes that I’d find an IP I could trace. 

The smart home was snug in its /28

With a meager allow-list, and a lock on the gate.

With a few hours to setup and wrap this year’s catches

I’d been charging them up, and applying their patches,

When down in the VLAN there’d been such a spike 

I’d opened the logs to see what it looked like.


Away to the dashboard I stumbled and flew; 

Most days I’m on Red, but tonight, I was Blue. 

The DST in the headers was a weird bogon range. 

“Two oh three... zero? You can’t route there... how strange.” 

When what, to my wondering eyes, should come back 

But a TCP handshake -- not a RST, but an ACK! 


A cool sweaty IR-like calm to me came, 

As the nightmares and malwares, I ruled out by name:

“The SPIDERs and PANDAs don’t care about me,

It’s not running Windows, so it’s not IcedID… 

Not Trickbot, not Ryuk, not Buer or Clop, 

Not Scarab or Locky, no second-stage drop.”


A session had opened on port 443, 

And a download began - not one started by me. 

I looked back to ensure that the capture was on,

And stood by to cut comms once the vandal was gone.

But the session closed up just as fast as it came

And the download just sat there - “GIFT.BIN” was its name.

I’d retrieved a live sample! And without any warning, 

Had got something fun to unwrap Christmas morning. 

I checked on the rulesets, configs, and permissions,

And rebooted each box for the sake of tradition.

I waited for more but there wasn’t a peep,

So I finished my wrapping and popped off to sleep. 


And after the coffee and presents and nog,

The matching pajamas, the pickle, the grog, 

Video calls with our family and friends,  

Things had settled, so I went to tie up the loose ends.

I ran strings right away and my jaw opened wide,

For there, unencrypted, a message I spied: 

“2020’s been awful, with so much that you’ve missed

Just to keep others healthy - so you made the Good List! 

And like all of your friends, I have had to stay distant,

But your record’s been stellar, so the elves were insistent.

You already have surplus gadgets that light up

So I got you this PoC, and a CVE writeup.

The binary is an iPhone zero-day,

And I’ve left enough out that you’ll have room to play.

And once you’ve dissected and filled in the blanks,

And disclosed it responsibly, you can cash in my thanks! 

Thanks for staying inside this year, hunkering down,

Thanks for wearing your mask, though you felt like a clown,

Thanks for not hoarding groceries, and for learning to cook,

Or for trying a language, or reading a book.

And following rules from your state and your county.

Now warm up your debugger, and cash in that bounty!”


This poem was written by J.R Parsons for AT&T Cybersecurity. You can read more of their blogs here 
FacebookTweetLinkedIn
ShareTweet
Previous Post

Millions stolen from online bank accounts following large-scale fraud operation

Next Post

Customers’ call records access in T-Mobile breach

Recent News

Guide to ransomware and how to detect it

Guide to ransomware and how to detect it

September 28, 2023
software security

Research reveals 80% of applications developed in EMEA contain security flaws

September 27, 2023
Cyber insurance

Half of organisations with cyber insurance implemented additional security measures to qualify for the policy or reduce its cost

September 27, 2023
Fraud and online banking

Akamai Research Finds the Number of Cyberattacks on European Financial Services More Than Doubled in 2023

September 27, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information