ISC Stormcast For Wednesday, August 28th, 2024 https://isc.sans.edu/podcastdetail/9116, (Wed, Aug 28th) 2024-8-28 10:0:2 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security vegassep 4th papers

Vega-Lite with Kibana to Parse and Display IP Activity over Time, (Tue, Aug 27th) I have been curious for a while looking at Kibana's Vega log parsing options to try to come up with... 2024-8-28 08:34:20 | 阅读: 5 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu vega dshield github kibana cowrie

Why Is Python so Popular to Infect Windows Hosts?, (Tue, Aug 27th) It has been a while since I started to track how Python is used in the Windows eco-system[1]. Almos... 2024-8-27 18:24:42 | 阅读: 0 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu python windows environ userprofile powershell

ISC Stormcast For Tuesday, August 27th, 2024 https://isc.sans.edu/podcastdetail/9114, (Tue, Aug 27th) 2024-8-27 10:0:2 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security 4th 9th isc vegassep

From Highly Obfuscated Batch File to XWorm and Redline, (Mon, Aug 26th) If you follow my diaries, you probably already know that one of my favorite topics around malware i... 2024-8-26 15:1:14 | 阅读: 13 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu ans remnux argtypes restype malwarezoo

ISC Stormcast For Monday, August 26th, 2024 https://isc.sans.edu/podcastdetail/9112, (Mon, Aug 26th) 2024-8-26 10:0:2 | 阅读: 5 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security papers 9th feeds

Pandas Errors: What encoding are my logs in?, (Fri, Aug 23rd) While trying to process some of my honeypot data, I ran into the following error in my Python scrip... 2024-8-23 20:26:15 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu cowrie pandas username ssh dates

ISC Stormcast For Friday, August 23rd, 2024 https://isc.sans.edu/podcastdetail/9110, (Fri, Aug 23rd) 2024-8-23 10:0:2 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security feeds 4th isc vegassep

OpenAI Scans for Honeypots. Artificially Malicious? Action Abuse?, (Thu, Aug 22nd) For a whille now, I have seen scans that contain the pattern "%%target%%" in the URL. For example,... 2024-8-23 01:1:37 | 阅读: 5 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu openai stupid wordpress threatlist anthropic

ISC Stormcast For Thursday, August 22nd, 2024 https://isc.sans.edu/podcastdetail/9108, (Thu, Aug 22nd) 2024-8-22 09:23:0 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security 4th feeds papers

ISC Stormcast For Wednesday, August 21st, 2024 https://isc.sans.edu/podcastdetail/9106, (Wed, Aug 21st) 2024-8-21 10:0:1 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security papers 4th isc

Mapping Threats with DNSTwist and the Internet Storm Center [Guest Diary], (Tue, Aug 20th) [This is a Guest Diary by Michael Tigges, an ISC intern as part of the SANS.edu BACS program]On J... 2024-8-21 08:17:41 | 阅读: 12 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu malicious microdicom software isc dnstwist

Where are we with CVE-2024-38063: Microsoft IPv6 Vulnerability, (Tue, Aug 20th) I recorded a quick live stream with a quick update on CVE-2024-38063. The video focuses on determin... 2024-8-20 22:6:39 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu icmp freebsd 38063 focuses bgmfl17aqwa

ISC Stormcast For Tuesday, August 20th, 2024 https://isc.sans.edu/podcastdetail/9104, (Tue, Aug 20th) 2024-8-20 10:0:2 | 阅读: 3 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security 4th papers isc feeds

Do you Like Donuts? Here is a Donut Shellcode Delivered Through PowerShell/Python, (Mon, Aug 19th) I found a tiny .bat file that looked not suspicious at all: 3650.bat (SHA256:bca5c30a413db21f2f85d7... 2024-8-19 14:17:21 | 阅读: 16 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu python hxxps bitbucket bich89hell

ISC Stormcast For Monday, August 19th, 2024 https://isc.sans.edu/podcastdetail/9102, (Mon, Aug 19th) 2024-8-19 10:0:2 | 阅读: 7 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security papers 9th vegassep

ISC Stormcast For Friday, August 16th, 2024 https://isc.sans.edu/podcastdetail/9100, (Fri, Aug 16th) 2024-8-16 10:0:2 | 阅读: 6 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security vegassep feeds 4th

[Guest Diary] 7 minutes and 4 steps to a quick win: A write-up on custom tools, (Fri, Aug 16th) [This is a Guest Diary by Justin Leibach, an ISC intern as a part of the SANS.edu BACS [1] degree p... 2024-8-16 08:8:23 | 阅读: 7 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu python github jq database justin

Wireshark 4.4.0rc1's Custom Columns, (Thu, Aug 15th) In diary entry "A Wireshark Lua Dissector for Fixed Field Length Protocols", I show how to use a pr... 2024-8-15 16:27:12 | 阅读: 1 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu dissector payload lua datalength hexadecimal

ISC Stormcast For Thursday, August 15th, 2024 https://isc.sans.edu/podcastdetail/9098, (Thu, Aug 15th) 2024-8-15 10:0:2 | 阅读: 3 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security isc 9th vegassep