Quick Forensics Analysis of Apache logs, (Fri, Mar 29th) Sometimes, you’ve to quickly investigate a webserver logs for potential malicious activity. If you'... 2024-3-29 14:31:27 | 阅读: 6 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu mal2csv formatted phpids detects php

ISC Stormcast For Friday, March 29th, 2024 https://isc.sans.edu/podcastdetail/8916, (Fri, Mar 29th) 2024-3-29 10:0:2 | 阅读: 5 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu papers isc feeds rpi 29th

From JavaScript to AsyncRAT, (Thu, Mar 28th) It has been a while since I found an interesting piece of JavaScript. This one was pretty well ob... 2024-3-28 18:22:40 | 阅读: 18 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu payload lira remnux powershell chapter

ISC Stormcast For Thursday, March 28th, 2024 https://isc.sans.edu/podcastdetail/8914, (Thu, Mar 28th) 2024-3-28 10:0:2 | 阅读: 9 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc papers feeds sensor honeypot

Scans for Apache OfBiz, (Wed, Mar 27th) Today, I noticed in our "first seen URL" list, two URLs I didn't immediately recognize:/webtools... 2024-3-27 20:8:56 | 阅读: 15 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu ofbiz webtools win3zz

ISC Stormcast For Wednesday, March 27th, 2024 https://isc.sans.edu/podcastdetail/8912, (Wed, Mar 27th) 2024-3-27 10:0:2 | 阅读: 8 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds papers isc duty ssh

New tool: linux-pkgs.sh, (Sun, Mar 24th) During a recent Linux forensic engagement, a colleague asked if there was anyway to tell what packa... 2024-3-26 20:48:15 | 阅读: 7 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu dnf clausing github dpkg vast

ISC Stormcast For Tuesday, March 26th, 2024 https://isc.sans.edu/podcastdetail/8910, (Tue, Mar 26th) 2024-3-26 10:0:1 | 阅读: 5 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds isc papers diary ssh

Apple Updates for MacOS, iOS/iPadOS and visionOS, (Mon, Mar 25th) Last week, Apple published updates for iOS and iPadOS. At that time, Apple withheld details about t... 2024-3-26 02:38:35 | 阅读: 3 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security 1580 loaded dean

Tool updates: le-hex-to-ip.py and sigs.py, (Sun, Mar 24th) I am TA-ing for Taz for the new SANS FOR577 class again and I figured it was time to release some f... 2024-3-25 11:24:49 | 阅读: 9 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu clausing github sigs figured mapped

ISC Stormcast For Monday, March 25th, 2024 https://isc.sans.edu/podcastdetail/8908, (Mon, Mar 25th) 2024-3-25 10:0:2 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc feeds papers weblogs developers

1768.py's Experimental Mode, (Sat, Mar 23rd) The reason I extracted a PE file in my last diary entry, is that I discovered it was the dropper of... 2024-3-23 17:15:52 | 阅读: 8 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu cobalt 1768 memory decoders beacon

ISC Stormcast For Friday, March 22nd, 2024 https://isc.sans.edu/podcastdetail/8906, (Fri, Mar 22nd) 2024-3-22 10:0:2 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds isc papers johannes duty

Whois "geofeed" Data, (Thu, Mar 21st) Attributing a particular IP address to a specific location is hard and often fails miserably. There... 2024-3-22 00:5:17 | 阅读: 12 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu nl geofeed eygelshoven 2a05 b0c6

ISC Stormcast For Thursday, March 21st, 2024 https://isc.sans.edu/podcastdetail/8904, (Thu, Mar 21st) 2024-3-21 10:0:2 | 阅读: 10 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu papers feeds isc stormcast ssh

Scans for Fortinet FortiOS and the CVE-2024-21762 vulnerability, (Wed, Mar 20th) Late last week, an exploit surfaced on GitHub for CVE-2024-21762 [1]. This vulnerability affects Fo... 2024-3-20 21:5:39 | 阅读: 17 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu hostcheck remote github chunked

ISC Stormcast For Wednesday, March 20th, 2024 https://isc.sans.edu/podcastdetail/8902, (Wed, Mar 20th) 2024-3-20 10:0:2 | 阅读: 10 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc papers feeds 8902 rpi

Attacker Hunting Firewalls, (Tue, Mar 19th) Firewalls and other perimeter devices are a huge target these days. Ivanti, Forigate, Citrix, and o... 2024-3-19 21:29:9 | 阅读: 6 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu ransomware perimeter broker firewalls

ISC Stormcast For Tuesday, March 19th, 2024 https://isc.sans.edu/podcastdetail/8900, (Tue, Mar 19th) 2024-3-19 10:0:2 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc papers feeds rpi

ISC Stormcast For Monday, March 18th, 2024 https://isc.sans.edu/podcastdetail/8898, (Mon, Mar 18th) 2024-3-18 10:0:2 | 阅读: 11 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds isc papers duty 18th