ISC Stormcast For Thursday, January 4th, 2024 https://isc.sans.edu/podcastdetail/8796, (Thu, Jan 4th) 2024-1-4 10:0:2 | 阅读: 9 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu papers isc feeds duty honeypot

Interesting large and small malspam attachments from 2023, (Wed, Jan 3rd) At the end of a year, or at the beginning of a new one, I like to go over all malicious attachments... 2024-1-3 21:17:51 | 阅读: 3 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu vbe malicious chrw malspam smallest

ISC Stormcast For Wednesday, January 3rd, 2024 https://isc.sans.edu/podcastdetail/8794, (Wed, Jan 3rd) 2024-1-3 10:0:2 | 阅读: 9 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc papers feeds duty bluesky

Fingerprinting SSH Identification Strings, (Tue, Jan 2nd) For HTTP, logging and fingerprinting browser user agents is standard practice. Many anti-automation... 2024-1-3 02:29:10 | 阅读: 14 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu ssh openssh putty paramiko

ISC Stormcast For Tuesday, January 2nd, 2024 https://isc.sans.edu/podcastdetail/8792, (Tue, Jan 2nd) 2024-1-2 10:0:1 | 阅读: 8 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds isc papers diary webb

Pi-Hole Pi4 Docker Deployment, (Sun, Dec 31st) During the holiday season, I've tried many different self-hosting solutions. But one of the most ba... 2024-1-1 04:58:25 | 阅读: 14 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu hole backup dhcp dockers tk

Unveiling the Mirai: Insights into Recent DShield Honeypot Activity [Guest Diary], (Wed, Dec 27th) [This is a Guest Diary by Elias Bou Zeid, an ISC intern as part of the SANS.edu BACS program]Intr... 2023-12-28 09:3:42 | 阅读: 13 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security threats analysis network

Python Keylogger Using Mailtrap.io, (Sat, Dec 23rd) I found another Python keylogger... This is pretty common because Python has plenty of modules to i... 2023-12-23 15:7:7 | 阅读: 8 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu mailtrap receiver malicious 2525

Shall We Play a Game?, (Fri, Dec 22nd) Our youngest readers won’t probably not get the point with this quote, it’s from the 1983 movie “Wa... 2023-12-22 14:5:22 | 阅读: 7 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu python roaming leveldb avatar

ISC Stormcast For Friday, December 22nd, 2023 https://isc.sans.edu/podcastdetail/8790, (Fri, Dec 22nd) 2023-12-22 10:0:1 | 阅读: 12 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds papers isc xavier ssh

How to Protect your Webserver from Directory Enumeration Attack ? Apache2 [Guest Diary], (Wed, Dec 20th) [This is a Guest Diary by David Thomson, an ISC intern as part of the SANS.edu BACS program]This... 2023-12-21 10:44:10 | 阅读: 10 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu modsecurity robots download honeypot appending

ISC Stormcast For Thursday, December 21st, 2023 https://isc.sans.edu/podcastdetail/8788, (Thu, Dec 21st) 2023-12-21 10:0:2 | 阅读: 8 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc feeds papers guy

Increase in Exploit Attempts for Atlassian Confluence Server (CVE-2023-22518), (Wed, Dec 20th) Today, exploit attempts for CVE-2023-22518 cross the "significant" threshold for our "First Seen UR... 2023-12-20 23:31:5 | 阅读: 25 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu attacker bypass walnut 22518 dean

ISC Stormcast For Wednesday, December 20th, 2023 https://isc.sans.edu/podcastdetail/8786, (Wed, Dec 20th) ISC Stormcast For Wednesday, December 20th, 2023 https://isc.sans.edu/podcastdetail/8786... 2023-12-20 10:0:2 | 阅读: 9 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc 20th 8786 stormcast

What are they looking for? Scans for OpenID Connect Configuration, (Tue, Dec 19th) One of our honeypots received unusually many requests for an OpenID connect configuration file. Thi... 2023-12-19 21:7:1 | 阅读: 8 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu openid honeypots honeypot network facilitate

ISC Stormcast For Tuesday, December 19th, 2023 https://isc.sans.edu/podcastdetail/8784, (Tue, Dec 19th) 2023-12-19 10:0:2 | 阅读: 8 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds papers isc developers

ISC Stormcast For Monday, December 18th, 2023 https://isc.sans.edu/podcastdetail/8782, (Mon, Dec 18th) 2023-12-18 10:0:2 | 阅读: 10 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds isc papers diary 8782

An Example of RocketMQ Exploit Scanner, (Sat, Dec 16th) A few months ago, RocketMQ[1], a real-time message queue platform, suffered of a nasty vulnerabilit... 2023-12-16 14:31:5 | 阅读: 10 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu masscan lpath rocketmq pwd zzzzmodule

CSharp Payload Phoning to a CobaltStrike Server, (Fri, Dec 15th) I found an interesting CSharp source code on VT a few days ago. Its score is only 3/59 (SHA256:5aeb... 2023-12-15 17:8:24 | 阅读: 5 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu hf dllimport payload

ISC Stormcast For Friday, December 15th, 2023 https://isc.sans.edu/podcastdetail/8780, (Fri, Dec 15th) 2023-12-15 10:0:2 | 阅读: 8 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc papers feeds diaries sensor