This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, March 6th, 2024…
Category: SANS Internet Storm Center, InfoCON: green
Apple Releases iOS/iPadOS Updates with Zero Day Fixes., (Tue, Mar 5th)
Apple today released iOS 17.4 as well as iOS 16.7.6 (and the respective iPadOS versions). These updates fix a total of four vulnerabilities. Two of the vulnerabilities are already being exploited. CVE-2024-23225 is a privilege escalation issue and only affects…
Why Your Firewall Will Kill You, (Tue, Mar 5th)
The last few years have been great for attackers exploiting basic web application vulnerabilities. Usually, home and small business products from companies like Linksys, D-Link, and Ubiquity are known to be favorite targets. But over the last couple of years,…
ISC Stormcast For Tuesday, March 5th, 2024 https://isc.sans.edu/podcastdetail/8880, (Tue, Mar 5th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, March 5th, 2024…
ISC Stormcast For Monday, March 4th, 2024 https://isc.sans.edu/podcastdetail/8878, (Mon, Mar 4th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, March 4th, 2024…
Capturing DShield Packets with a LAN Tap [Guest Diary], (Sun, Mar 3rd)
[This is a Guest Diary by Christopher Von Reybyton, an ISC intern as part of the SANS.edu BACS program] This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Capturing DShield Packets with a…
ISC Stormcast For Friday, March 1st, 2024 https://isc.sans.edu/podcastdetail/8876, (Fri, Mar 1st)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, March 1st, 2024…
Scanning for Confluence CVE-2022-26134, (Fri, Mar 1st)
I have added daemonlogger [1] for packet capture and Arkime [2] to visualize the packets captured by my DShield sensor and started noticing this activity that so far only gone to TCP/8090 which is URL and base64 encoded. The DShield…
[Guest Diary] Dissecting DarkGate: Modular Malware Delivery and Persistence as a Service., (Thu, Feb 29th)
[This is a Guest Diary by John Moutos, an ISC intern as part of the SANS.edu Bachelor's Degree in Applied Cybersecurity (BACS) program [1]. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article:…
ISC Stormcast For Thursday, February 29th, 2024 https://isc.sans.edu/podcastdetail/8874, (Thu, Feb 29th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, February 29th, 2024…
Exploit Attempts for Unknown Password Reset Vulnerability, (Wed, Feb 28th)
My Google skills let me down this morning, attempting to figure out which vulnerability is exactly being exploited by these “forgotuserpassword.action” scans. Maybe someone else can help me out here. Based on the scans, I do not believe this is…
ISC Stormcast For Wednesday, February 28th, 2024 https://isc.sans.edu/podcastdetail/8872, (Wed, Feb 28th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, February 28th, 2024…
Take Downs and the Rest of Us: Do they matter?, (Tue, Feb 27th)
Last week, the US Department of Justice published a press release entitled “Justice Department Conducts Court-Authorized Disruption of Botnet Controlled by the Russian Federation's Main Intelligence Directorate of the General Staff (GRU)” [1]. The disruption targeted a botnet built using…
Takes Downs and the Rest of Us: Do they matter?, (Tue, Feb 27th)
Last week, the US Department of Justice published a press release entitled “Justice Department Conducts Court-Authorized Disruption of Botnet Controlled by the Russian Federation's Main Intelligence Directorate of the General Staff (GRU)” [1]. The disruption targeted a botnet built using…
ISC Stormcast For Tuesday, February 27th, 2024 https://isc.sans.edu/podcastdetail/8870, (Tue, Feb 27th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, February 27th, 2024…
Update: MGLNDD_* Scans, (Sat, Feb 24th)
Almost 2 years ago, a reader asked us about TCP connections they observed. The data of these TCP connections starts with “MGLNDD_”: “MGLNDD_* Scans”. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article:…
Utilizing the VirusTotal API to Query Files Uploaded to DShield Honeypot [Guest Diary], (Sun, Feb 25th)
[This is a Guest Diary by Keegan Hamlin, an ISC intern as part of the SANS.edu BACS program] This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Utilizing the VirusTotal API to Query…
ISC Stormcast For Monday, February 26th, 2024 https://isc.sans.edu/podcastdetail/8868, (Mon, Feb 26th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, February 26th, 2024…