Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC Internet Storm Center

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Latest Diaries

ISC StormCast for Tuesday, October 6th 2015

Cyber Security Awareness Month: Protecting Your Network From "Dave"

Published: 2015-10-05
Last Updated: 2015-10-05 15:14:09 UTC
by Johannes Ullrich (Version: 1)
1 comment(s)

This cartoon by John Klossner really hit a nerve with many security professionals. It nicely illustrates how many of us see the futility of our jobs: We can buy all the greatest and latest equipment, but in the end, we are up against users clicking on links and installing software that they shouldn't. Cisco recently published a statistic that 40% of all users who hit one of the recent exploit kits landing pages are getting infected by one of the exploits delivered by the exploit kit. Brad keeps telling us about the various methods how to spot exploit kits, and how they evolve over time. In the end, any user we can keep away from an exploit kit page is a "win".

This October, like in years past, we "celebrate" cyber security awareness month. The idea is to use this month for some special security awareness activities. In the past, we used a specific theme for our diaries in October. This month, we will have a couple specific diaries about tips and tricks in awareness training. If you want to share any tips, please let us know.

Here are a couple of resources:

SANS Securing the Human: (in particular the "Ouch" newsletter)
SANS "Tip of the Day":
Past CSAM Diaries:

Phishing Tests:

Information about Cyber Security Awareness Month (and links to more resources):

And if you need more inspiration for your own campaign, here are more of John's security related cartoons:

Johannes B. Ullrich, Ph.D.

1 comment(s)
ISC StormCast for Monday, October 5th 2015

If you have more information or corrections regarding our diary, please share.

Recent Diaries

BizCN gate actor update
3 days ago by Brad Duncan (1 comment)

Recent trends in Nuclear Exploit Kit activity
5 days ago by Brad Duncan (0 comments)

Mistakenly-deployed test patch leads to suspicious Windows update
5 days ago by Brad Duncan (0 comments)

Tricks for DLL analysis
6 days ago by Pedro (2 comments)

View All Diaries →

Latest Discussions

Software to scan Cisco Network Devices
created 3 days ago by Anonymous (1 reply)

unicode test
created 5 days ago by Johannes (0 replies)

Good network security platform?
created 5 days ago by Anonymous (0 replies)

Cybersecurity Canon: a list of must-read books
created 1 week ago by Xme (1 reply)

Scammer Emails and Instant Domain Whois record Disappearance
created 2 weeks ago by Anonymous (1 reply)

View All Forums →

Latest News

View All News →