ISC Stormcast For Thursday, May 30th, 2024 https://isc.sans.edu/podcastdetail/9002, (Thu, May 30th) 2024-5-30 10:0:2 | 阅读: 0 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds isc papers ssh

ISC Stormcast For Wednesday, May 29th, 2024 https://isc.sans.edu/podcastdetail/9000, (Wed, May 29th) 2024-5-29 10:0:2 | 阅读: 1 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds isc papers developers ssh

Is that It? Finding the Unknown: Correlations Between Honeypot Logs & PCAPs [Guest Diary], (Tue, May 28th) [This is a Guest Diary by Joshua Jobe, an ISC intern as part of the SANS.edu BACS program]Introdu... 2024-5-29 08:46:39 | 阅读: 3 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu sensor sensors observation dshield pcaps

ISC Stormcast For Tuesday, May 28th, 2024 https://isc.sans.edu/podcastdetail/8998, (Tue, May 28th) 2024-5-28 10:0:2 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc papers feeds diaries honeypot

Files with TXZ extension used as malspam attachments, (Mon, May 27th) Malicious e-mail attachments come in all shapes and sizes. In general, however, threat actors usual... 2024-5-27 14:38:59 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu txz malicious caught malspam traps

YARA 4.5.1 Release, (Sun, May 26th) YARA 4.5.0 was released with a small change to the regex syntax (allowing more whitespace) and many... 2024-5-26 19:59:10 | 阅读: 8 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu mature considers dead aspects

csvkit, (Sat, May 25th) Published: 2024-05-25Last Updated: 2024-05-25 08:08:10 UTCby Didier Stevens (Version: 1)After r... 2024-5-25 16:8:10 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu didier diary csvkit stevens

ISC Stormcast For Friday, May 24th, 2024 https://isc.sans.edu/podcastdetail/8996, (Fri, May 24th) 2024-5-24 10:35:5 | 阅读: 1 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds isc papers weblogs developers

ISC Stormcast For Thursday, May 23rd, 2024 https://isc.sans.edu/podcastdetail/8994, (Thu, May 23rd) 2024-5-23 10:0:2 | 阅读: 2 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu papers feeds isc glossary 23rd

Analysis of ?redtail? File Uploads to ICS Honeypot, a Multi-Architecture Coin Miner [Guest Diary], (Wed, May 22nd) [This is a Guest Diary by Robert Riley, an ISC intern as part of the SANS.edu BACS program]Introd... 2024-5-23 08:5:28 | 阅读: 35 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu redtail ssh honeypot coin submissions

NMAP Scanning without Scanning (Part 2) - The ipinfo API, (Wed, May 22nd) Going back a year or so, I wrote a story on the passive recon, specifically the IPINFO API (https:/... 2024-5-22 20:3:42 | 阅读: 2 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu nmap ipinfo apikey github nse

ISC Stormcast For Wednesday, May 22nd, 2024 https://isc.sans.edu/podcastdetail/8992, (Wed, May 22nd) 2024-5-22 10:0:2 | 阅读: 3 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc papers feeds dshield podcasts

Scanning without Scanning with NMAP (APIs FTW), (Tue, May 21st) A year ago I wrote up using Shodan's API to collect info on open ports and services without actuall... 2024-5-21 20:58:39 | 阅读: 5 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu nmap 152 akamaighost sn apikey

ISC Stormcast For Tuesday, May 21st, 2024 https://isc.sans.edu/podcastdetail/8990, (Tue, May 21st) 2024-5-21 10:0:1 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds papers isc glass

Analyzing MSG Files, (Mon, May 20th) .msg email files are ole files and can be analyzed with my tool oledump.py.They have a lot of str... 2024-5-20 18:34:39 | 阅读: 2 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu attachment malicious extracting seperate stevens

ISC Stormcast For Monday, May 20th, 2024 https://isc.sans.edu/podcastdetail/8988, (Mon, May 20th) 2024-5-20 10:0:2 | 阅读: 1 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc papers feeds 8988 stevens

Wireshark 4.2.5 Released, (Sat, May 18th) Watch ISC TV. Great for NOCs, SOCs and Living Rooms:... 2024-5-18 22:25:51 | 阅读: 3 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu stevens didier rooms nocs

Another PDF Streams Example: Extracting JPEGs, (Fri, May 17th) In my diary entry "Analyzing PDF Streams" I showed how to use my tools file-magic.py and myjson-fil... 2024-5-17 20:4:3 | 阅读: 3 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu analysis myjson diary jsonoutput stevens

ISC Stormcast For Friday, May 17th, 2024 https://isc.sans.edu/podcastdetail/8986, (Fri, May 17th) 2024-5-17 10:0:2 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc papers feeds weblogs duty

Why yq? Adventures in XML, (Thu, May 16th) I was recently asked to <ahem> "recover" a RADIUS key from a Microsoft NPS server.  No problem I th... 2024-5-16 20:4:52 | 阅读: 1 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu microsoft datatypes yq urn xmllint