Adding some Automation to the favicon.ico method of Host Recon, (Mon, Jun 29th) I'm in the throes of target host recon for another pentest, and thought I'd share some workflow / a... 2026-6-29 12:0:54 | 阅读: 5 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu hostnames favicon jq nmap fav

ISC Stormcast For Monday, June 29th, 2026 https://isc.sans.edu/podcastdetail/9986, (Mon, Jun 29th) 2026-6-29 02:0:2 | 阅读: 14 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc 2026 feeds teaching papers

YARA-X 1.18.0 and 1.19.0 Release, (Sun, Jun 28th) Published: 2026-06-28. Last Updated: 2026-06-28 07:56:44 UTCby Didier Stevens (Version: 1)YARA-X... 2026-6-28 07:56:44 | 阅读: 18 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu 2026 didier stevens brings bugfixes

What do Ports Hear When Nobody's Listening? An Assessment of Automated Cybercrime [Guest Diary], (Wed, Jun 24th) [This is a Guest Diary by Nicole Phillips, an ISC intern as part of the SANS.edu BACS program]"I... 2026-6-25 00:39:8 | 阅读: 19 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu hits payload staging kaizen terrabot

Linux Process Name Masquerading, (Wed, Jun 24th) In a previous diary, I talked about stack strings[1] with a practical example of them. Since my SEC... 2026-6-24 06:29:3 | 阅读: 11 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu remnux kworker cmdline comm masquerade

ISC Stormcast For Wednesday, June 24th, 2026 https://isc.sans.edu/podcastdetail/9984, (Wed, Jun 24th) 2026-6-24 02:0:3 | 阅读: 16 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds 2026 papers isc johannes

CVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration., (Tue, Jun 23rd) In August 2024 SonicWall published advisory SNWLID-2024-0015 for CVE-2024-40766. It is an imprope... 2026-6-23 03:2:34 | 阅读: 22 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu sslvpn firmware attacker firewalls

ISC Stormcast For Tuesday, June 23rd, 2026 https://isc.sans.edu/podcastdetail/9982, (Tue, Jun 23rd) 2026-6-23 02:0:3 | 阅读: 16 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu 2026 teaching isc papers feeds

Webshells Remain Popular, (Mon, Jun 22nd) Webshells have been popular for a long time. We already covered this topic across multiple diaries[... 2026-6-22 14:10:27 | 阅读: 15 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu gsocket github webshells isc

ISC Stormcast For Monday, June 22nd, 2026 https://isc.sans.edu/podcastdetail/9980, (Mon, Jun 22nd) 2026-6-22 02:0:2 | 阅读: 21 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu johannes teaching feeds papers 2026

eBanking Phishing Delivered Through IPv4-Mapped IPv6 Address, (Fri, Jun 19th) I detected an interesting phishing email this morning. It targets a major Belgian bank:The phis... 2026-6-19 08:37:34 | 阅读: 25 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu 74be 5511 ffff phishing attacker

ISC Stormcast For Thursday, June 18th, 2026 https://isc.sans.edu/podcastdetail/9978, (Thu, Jun 18th) 2026-6-18 02:0:2 | 阅读: 22 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu johannes isc teaching thursday diary

The Behavior of Coordinated SSH Brute Force Attacks over the last three months [Guest Diary], (Wed, Jun 17th) [This is a Guest Diary by Adam Nason, an ISC intern as part of the SANS.edu BACS program]Brute fo... 2026-6-18 01:49:29 | 阅读: 35 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu 2026 ssh iran honeypot security

The browser blind spot: Why your security tool may not be blocking what you think it is [Guest Diary], (Wed, Jun 17th) [This is a guest diary submitted by Varun Murdula]SUMMARYCASB block policies rely on inspecting... 2026-6-17 16:1:33 | 阅读: 23 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu casb security chrome inspection proxy

ISC Stormcast For Wednesday, June 17th, 2026 https://isc.sans.edu/podcastdetail/9976, (Wed, Jun 17th) 2026-6-17 02:0:4 | 阅读: 16 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds teaching papers 2026 isc

From a VHDX File to a Remcos RAT, (Tue, Jun 16th) Yesterday, a reader reported to us a malicious ZIP archive (SHA256: a0104921a2d37ab87482ac9a9f5c371... 2026-6-16 07:9:13 | 阅读: 24 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu powershell otidiform stage payload

ISC Stormcast For Tuesday, June 16th, 2026 https://isc.sans.edu/podcastdetail/9974, (Tue, Jun 16th) 2026-6-16 02:0:2 | 阅读: 29 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu 2026 feeds isc teaching johannes

Evil MSI Background: BASE64 Statistical Analysis, (Mon, Jun 15th) I like it when a fellow handler posts a diary entry about images with malicious content. Last one i... 2026-6-15 07:16:0 | 阅读: 31 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu base64dump longest letter reversed encodings

ISC Stormcast For Monday, June 15th, 2026 https://isc.sans.edu/podcastdetail/9972, (Mon, Jun 15th) 2026-6-15 02:0:2 | 阅读: 25 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu johannes teaching isc diary 15th

ISC Stormcast For Friday, June 12th, 2026 https://isc.sans.edu/podcastdetail/9970, (Fri, Jun 12th) 2026-6-12 12:30:10 | 阅读: 30 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc teaching johannes 9970 kopriva