ISC Stormcast For Wednesday, April 3rd, 2024 https://isc.sans.edu/podcastdetail/8922, (Wed, Apr 3rd) 2024-4-3 10:0:2 | 阅读: 5 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc feeds papers dshield diary

ISC Stormcast For Tuesday, April 2nd, 2024 https://isc.sans.edu/podcastdetail/8920, (Tue, Apr 2nd) 2024-4-2 10:0:2 | 阅读: 0 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds isc papers stormcast

The amazingly scary xz sshd backdoor, (Mon, Apr 1st) Unless you took the whole weekend off, you must have seen by now that Andres Freund published an am... 2024-4-1 23:25:33 | 阅读: 6 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu radix endbr64 diary openwall fascinating

The xz-utils backdoor in security advisories by national CSIRTs, (Mon, Apr 1st) Errata: It turns out I have missed two advisories when going through the CSIRT sites the first time... 2024-4-1 21:7:30 | 阅读: 1 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu csirt security csirts ncsc

ISC Stormcast For Monday, April 1st, 2024 https://isc.sans.edu/podcastdetail/8918, (Mon, Apr 1st) 2024-4-1 10:0:2 | 阅读: 0 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu papers feeds isc mastodon

Checking CSV Files, (Sun, Mar 31st) Like Xavier (diary entry "Quick Forensics Analysis of Apache logs"), I too often have to analyze cl... 2024-4-1 01:41:9 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu diary xavier redact stevens analysis

Wireshark 4.2.4 Released, (Sun, Mar 31st) Published: 2024-03-31Last Updated: 2024-03-31 17:12:57 UTCby Didier Stevens (Version: 1)Wiresha... 2024-4-1 01:12:57 | 阅读: 2 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu didier stevens 2955 cves rejected

Quick Forensics Analysis of Apache logs, (Fri, Mar 29th) Sometimes, you’ve to quickly investigate a webserver logs for potential malicious activity. If you'... 2024-3-29 14:31:27 | 阅读: 6 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu mal2csv formatted phpids detects php

ISC Stormcast For Friday, March 29th, 2024 https://isc.sans.edu/podcastdetail/8916, (Fri, Mar 29th) 2024-3-29 10:0:2 | 阅读: 5 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu papers isc feeds rpi 29th

From JavaScript to AsyncRAT, (Thu, Mar 28th) It has been a while since I found an interesting piece of JavaScript. This one was pretty well ob... 2024-3-28 18:22:40 | 阅读: 18 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu payload lira remnux powershell chapter

ISC Stormcast For Thursday, March 28th, 2024 https://isc.sans.edu/podcastdetail/8914, (Thu, Mar 28th) 2024-3-28 10:0:2 | 阅读: 9 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc papers feeds sensor honeypot

Scans for Apache OfBiz, (Wed, Mar 27th) Today, I noticed in our "first seen URL" list, two URLs I didn't immediately recognize:/webtools... 2024-3-27 20:8:56 | 阅读: 15 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu ofbiz webtools win3zz

ISC Stormcast For Wednesday, March 27th, 2024 https://isc.sans.edu/podcastdetail/8912, (Wed, Mar 27th) 2024-3-27 10:0:2 | 阅读: 8 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds papers isc duty ssh

New tool: linux-pkgs.sh, (Sun, Mar 24th) During a recent Linux forensic engagement, a colleague asked if there was anyway to tell what packa... 2024-3-26 20:48:15 | 阅读: 7 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu dnf clausing github dpkg vast

ISC Stormcast For Tuesday, March 26th, 2024 https://isc.sans.edu/podcastdetail/8910, (Tue, Mar 26th) 2024-3-26 10:0:1 | 阅读: 5 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds isc papers diary ssh

Apple Updates for MacOS, iOS/iPadOS and visionOS, (Mon, Mar 25th) Last week, Apple published updates for iOS and iPadOS. At that time, Apple withheld details about t... 2024-3-26 02:38:35 | 阅读: 3 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security 1580 loaded dean

Tool updates: le-hex-to-ip.py and sigs.py, (Sun, Mar 24th) I am TA-ing for Taz for the new SANS FOR577 class again and I figured it was time to release some f... 2024-3-25 11:24:49 | 阅读: 9 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu clausing github sigs figured mapped

ISC Stormcast For Monday, March 25th, 2024 https://isc.sans.edu/podcastdetail/8908, (Mon, Mar 25th) 2024-3-25 10:0:2 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc feeds papers weblogs developers

1768.py's Experimental Mode, (Sat, Mar 23rd) The reason I extracted a PE file in my last diary entry, is that I discovered it was the dropper of... 2024-3-23 17:15:52 | 阅读: 8 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu cobalt 1768 memory decoders beacon

ISC Stormcast For Friday, March 22nd, 2024 https://isc.sans.edu/podcastdetail/8906, (Fri, Mar 22nd) 2024-3-22 10:0:2 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds isc papers johannes duty