Tag: SANS Internet Storm Center, InfoCON: green

Over the last 9 months or so, I've been putting together some docker containers that I find useful in my day-to-day malware analysis and forensicating. I have been putting them up on hub.docker.com and decided, I might as well let…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, October 2nd, 2024…

Read more →

For a few years now, October has been “National Cyber Security Awareness Month”. This year, it is a good opportunity for a refresher on some scams that tend to happen around disasters like Hurricane Helene. The bigger the disaster, the…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, October 1st, 2024…

Read more →

One of the problems I've had since I originally wrote mac-robber.py [1][2][3] seven years ago is that because of the underlying os.stat python library we couldn't get file creation times (B-times). Since the release of GNU coreutils 8.32 (or so),…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, September 30th, 2024…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, September 27th, 2024…

Read more →

These last two days, a lot has been talked about a “Doomsday 9.9 RCE bug'” in Linux [1]. We now have some additional details from Simone Margaritelli, who discovered and reported the vulnerabilities. This article has been indexed from SANS…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, September 26th, 2024…

Read more →

[This is a Guest Diary by Thomas Spangler, an ISC intern as part of the SANS.edu BACS program] This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: OSINT – Image Analysis or More…

Read more →

Occasionally, I tend to check in on what reflective DNS denial of service attacks are doing. We usually see steady levels of attacks. Usually, they attempt to use spoofed requests for ANY records to achieve the highest possible amplification. Currently,…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, September 25th, 2024…

Read more →

Late in July, a researcher using the alias “NETSECFISH” published a blog post revealing a vulnerability in RASIECOM gateway devices [1]. The vulnerability affects the “vpn/list_base_Config.php” endpoint and allows for unauthenticated remote code execution. According to Shodan, about 25,000 vulnerable…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, September 24th, 2024…

Read more →

While going over a batch of phishing e-mails that were delivered to us here at the Internet Storm Center during the first half of September, I noticed one message which was somewhat unusual. Not because it was untypically sophisticated or…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, September 23rd, 2024…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, September 20th, 2024…

Read more →

Our reader “RoseSecurity” forwarded received the following malicious email: This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Fake GitHub Site Targeting Developers, (Thu, Sep 19th)

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, September 19th, 2024…

Read more →

Since posting a diary about Vega-Lite [1], I have “played” with other queries that might be interesting and the first one that I wanted to explore since the DShield SIEM [2] capture and parse the iptables logs and store the…

Read more →