ISC Stormcast For Monday, July 28th, 2025 https://isc.sans.edu/podcastdetail/9544, (Mon, Jul 28th) read file error: read notes: is a directory... 2025-7-28 02:0:2 | 阅读: 13 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security isc papers feeds vegassep

Sinkholing Suspicious Scripts or Executables on Linux, (Fri, Jul 25th) 文章介绍如何利用Linux的网络命名空间和虚拟以太网接口创建隔离环境分析可疑代码的方法。通过配置默认路由和使用tcpdump捕获流量实现网络隔离。此方法有效但仅限于网络流量隔离。... 2025-7-25 04:54:48 | 阅读: 23 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu remnux network veth1 veth0 forever

ISC Stormcast For Friday, July 25th, 2025 https://isc.sans.edu/podcastdetail/9542, (Fri, Jul 25th) ISC Stormcast 播客讨论网络威胁与安全趋势，值班员Xavier Mertens报告威胁等级为绿色。节目还介绍了即将举办的“应用安全：保护Web应用、API和微服务”课程，并提供导航链接及网站功能说明。... 2025-7-25 02:0:2 | 阅读: 10 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security vegassep 27th 22nd papers

New Tool: ficheck.py, (Thu, Jul 24th) 作者介绍了自己长期使用文件完整性监控工具（FIM）的经验，并分享了自己开发的Python工具ficheck.py。该工具用于监控文件创建、删除及属性变化，并支持邮件通知。作者提供了安装脚本和配置示例，并强调其高效性和灵活性。... 2025-7-24 03:7:53 | 阅读: 18 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu github clausing fcheck perl ficheck

ISC Stormcast For Thursday, July 24th, 2025 https://isc.sans.edu/podcastdetail/9540, (Thu, Jul 24th) read file error: read notes: is a directory... 2025-7-24 02:0:2 | 阅读: 16 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security isc feeds papers

Analyzing Sharepoint Exploits (CVE-2025-53770, CVE-2025-53771), (Wed, Jul 23rd) read file error: read notes: is a directory... 2025-7-23 19:36:36 | 阅读: 29 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu payload cg xmlschema xsi xsd

ISC Stormcast For Wednesday, July 23rd, 2025 https://isc.sans.edu/podcastdetail/9538, (Wed, Jul 23rd) read file error: read notes: is a directory... 2025-7-23 02:0:2 | 阅读: 14 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu papers vegassep security isc

WinRAR MoTW Propagation Privacy, (Tue, Jul 22nd) 自WinRAR 7.10起，提取文件时不再完整保留Mark-of-the-Web信息中的ReferredUrl和HostUrl字段，仅保留ZoneId字段以保护隐私，默认情况下该功能启用但可关闭。... 2025-7-22 04:5:56 | 阅读: 22 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu winrar referredurl propagated zoneid

Wireshark 4.4.8 Released, (Tue, Jul 22nd) Wireshark发布4.4.8版本，修复了9个已知问题。... 2025-7-22 04:5:15 | 阅读: 14 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu didier stevens senior

ISC Stormcast For Tuesday, July 22nd, 2025 https://isc.sans.edu/podcastdetail/9536, (Tue, Jul 22nd) ISC Stormcast播客讨论网络安全威胁与防护，由Didier Stevens主持，当前威胁级别为绿色。... 2025-7-22 02:0:3 | 阅读: 11 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu 22nd isc 27th security papers

How quickly do we patch? A quick look from the global viewpoint, (Mon, Jul 21st) 文章分析了针对SharePoint服务器的“ToolShell”攻击活动，并通过Shodan数据研究CISA已知被利用漏洞的修复情况。结果显示多数漏洞修复缓慢且不完全，部分系统因支持结束而下线。整体来看，互联网暴露系统的漏洞修复速度仍不理想。... 2025-7-21 11:3:12 | 阅读: 19 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu microsoft exchange exploited decrease

ISC Stormcast For Monday, July 21st, 2025 https://isc.sans.edu/podcastdetail/9534, (Mon, Jul 21st) read file error: read notes: is a directory... 2025-7-21 02:0:3 | 阅读: 13 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security vegassep isc feeds

Critical Sharepoint 0-Day Vulnerablity Exploited CVE-2025-53770 (ToolShell), (Sun, Jul 20th) read file error: read notes: is a directory... 2025-7-20 17:32:7 | 阅读: 37 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu microsoft defender security originated remote

Veeam Phishing via Wav File, (Fri, Jul 18th) 一篇关于网络钓鱼的文章描述了一次看似来自Veeam Software的语音信箱通知邮件，附件包含一个WAV文件，内容涉及过期的备份许可证。尽管接收者与Veeam无关，该邮件仍可能构成非定向钓鱼攻击。... 2025-7-18 07:39:5 | 阅读: 21 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu veeam wav rootshell voicemsg software

ISC Stormcast For Friday, July 18th, 2025 https://isc.sans.edu/podcastdetail/9532, (Fri, Jul 18th) read file error: read notes: is a directory... 2025-7-18 02:0:2 | 阅读: 25 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu papers isc 27th 22nd

Hiding Payloads in Linux Extended File Attributes, (Thu, Jul 17th) 作者在SANSFIRE培训中学习了Linux文件系统中的扩展文件属性（xattr），并展示了如何利用该特性隐藏恶意代码（如反向shell），通过分割、加密和编码实现隐蔽存储，并提供检测方法。... 2025-7-17 06:54:56 | 阅读: 15 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu payload xattr remnux fileno dup2

ISC Stormcast For Thursday, July 17th, 2025 https://isc.sans.edu/podcastdetail/9530, (Thu, Jul 17th) read file error: read notes: is a directory... 2025-7-17 02:40:13 | 阅读: 12 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc feeds 27th vegassep

More Free File Sharing Services Abuse, (Wed, Jul 16th) read file error: read notes: is a directory... 2025-7-16 13:0:28 | 阅读: 11 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu catbox moe hxxps windows terminators

ISC Stormcast For Wednesday, July 16th, 2025 https://isc.sans.edu/podcastdetail/9528, (Wed, Jul 16th) read file error: read notes: is a directory... 2025-7-16 02:0:2 | 阅读: 9 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu vegassep 22nd isc security

Keylogger Data Stored in an ADS, (Tue, Jul 15th) read file error: read notes: is a directory... 2025-7-15 07:32:44 | 阅读: 19 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu microsoft rem powershell