Tag: SANS Internet Storm Center, InfoCON: green

Just like “Protected OOXML Spreadsheets”, Word documents can also be protected: This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Protected OOXML Text Documents, (Mon, Sep 2nd)

Read more →

Display filters are used to define expressions that decide which packets get displayed, and which not in Wireshark's packet list. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Wireshark 4.4: Converting Display…

Read more →

This is the first 4.4 release. Many new features have been added, details are here. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Wireshark 4.4.0 is now available, (Sat, Aug 31st)

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, August 30th, 2024…

Read more →

It can be helpful to simulate different kinds of system activity. I had an instance where I wanted to generate logs to test a log forwarding agent. This agent was processing DNS logs. There are a variety of ways that…

Read more →

In my previous diary[1], I explained why Python became popular for attackers. One of the given reason was that, from Python scripts, it&#x27s possible to call any Windows API and, therefore, perform low-level activities on the system. In another script,…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, August 29th, 2024…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, August 28th, 2024…

Read more →

I have been curious for a while looking at Kibana's Vega log parsing options to try to come up with displays and layout that aren't standard in Kibana. A lot of the potential layouts already exists in Kibana but some…

Read more →

It has been a while since I started to track how Python is used in the Windows eco-system[1]. Almost every day I find new pieces of malicious Python scripts. The programming language itself is not malicious. There are plenty of…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, August 27th, 2024…

Read more →

If you follow my diaries, you probably already know that one of my favorite topics around malware is obfuscation. I'm often impressed by the crazy techniques attackers use to make reverse engineers' lives more difficult. Last week, I spotted a…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, August 26th, 2024…

Read more →

While trying to process some of my honeypot data, I ran into the following error in my Python script: This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Pandas Errors: What encoding are…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, August 23rd, 2024…

Read more →

For a whille now, I have seen scans that contain the pattern “%%target%%” in the URL. For example, today this particular URL is popular: This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article:…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, August 22nd, 2024…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, August 21st, 2024…

Read more →

[This is a Guest Diary by Michael Tigges, an ISC intern as part of the SANS.edu BACS program] This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Mapping Threats with DNSTwist and the…

Read more →

I recorded a quick live stream with a quick update on CVE-2024-38063. The video focuses on determining the exploitability, particularly whether your systems are reachable by IPv6. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read…

Read more →