ISC Stormcast For Tuesday, September 30th, 2025 https://isc.sans.edu/podcastdetail/9634, (Tue, Sep 30th) ISC Stormcast播客于2025年9月30日发布，由Johannes Ullrich主持，讨论网络安全相关话题。... 2025-9-30 02:0:3 | 阅读: 18 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc feeds 4th papers 9th

Apple Patches Single Vulnerability CVE-2025-43400, (Mon, Sep 29th) 苹果发布iOS 26.0.1等更新修复安全漏洞，影响多个操作系统版本及旧版系统。该漏洞涉及字体解析器，可能导致应用终止或内存损坏，尚未被利用。... 2025-9-29 20:28:54 | 阅读: 17 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu affects security visionos sonoma memory

Increase in Scans for Palo Alto Global Protect Vulnerability (CVE-2024-3400), (Mon, Sep 29th) 文章描述了Palo Alto设备中CVE-2024-3400漏洞的利用方式，攻击者通过上传文件到特定路径并尝试执行代码。当前攻击主要集中在 honeypot 上的 /global-protect/portal/images 路径，上传成功返回 403 错误，失败则返回 404 错误。... 2025-9-29 18:42:46 | 阅读: 18 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu client chrome alto mozilla honeypot

ISC Stormcast For Monday, September 29th, 2025 https://isc.sans.edu/podcastdetail/9632, (Mon, Sep 29th) read file error: read notes: is a directory... 2025-9-29 02:5:18 | 阅读: 9 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu papers security 9th feeds

New tool: convert-ts-bash-history.py, (Fri, Sep 26th) 作者介绍了自己开发的脚本 `convert-ts-bash-history.py`，用于解析 `.bash_history` 文件并生成包含文件路径、时间和命令的 PSV 格式输出。该工具适用于快速分析 Bash 历史记录，并支持通过排序按时间排列结果。作者还提到未来可能增加 CSV 格式输出和其他功能改进，并提醒用户注意 Bash 历史记录仅在 shell 退出时写入磁盘。... 2025-9-26 22:26:21 | 阅读: 17 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu clausing timestamps github miami psv

ISC Stormcast For Friday, September 26th, 2025 https://isc.sans.edu/podcastdetail/9630, (Fri, Sep 26th) read file error: read notes: is a directory... 2025-9-26 04:5:15 | 阅读: 14 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds security 4th 9th

Webshells Hiding in .well-known Places, (Thu, Sep 25th) read file error: read notes: is a directory... 2025-9-25 14:24:49 | 阅读: 13 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu php acme honeypots webshells

ISC Stormcast For Thursday, September 25th, 2025 https://isc.sans.edu/podcastdetail/9628, (Thu, Sep 25th) read file error: read notes: is a directory... 2025-9-25 03:40:13 | 阅读: 17 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc stormcast thursday 25th

Exploit Attempts Against Older Hikvision Camera Vulnerability, (Wed, Sep 24th) read file error: read notes: is a directory... 2025-9-24 15:11:36 | 阅读: 20 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu hikvision cameras security 7921

ISC Stormcast For Wednesday, September 24th, 2025 https://isc.sans.edu/podcastdetail/9626, (Wed, Sep 24th) read file error: read notes: is a directory... 2025-9-24 03:15:14 | 阅读: 13 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu papers 9th security feeds

[Guest Diary] Distracting the Analyst for Fun and Profit, (Tue, Sep 23rd) 这篇文章记录了一次针对443端口的DDoS攻击事件，持续20天并发送238万多个TCP SYN包。分析显示攻击来自不同地区的ISP网络，并怀疑部分流量为伪造或由恶意工具生成。尽管规模较大但未对目标造成实质性影响。... 2025-9-23 12:55:18 | 阅读: 19 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu wave 1028 245 honeypot unlikely

ISC Stormcast For Tuesday, September 23rd, 2025 https://isc.sans.edu/podcastdetail/9624, (Tue, Sep 23rd) read file error: read notes: is a directory... 2025-9-23 03:50:13 | 阅读: 11 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds papers isc 9th 4th

ISC Stormcast For Monday, September 22nd, 2025 https://isc.sans.edu/podcastdetail/9622, (Mon, Sep 22nd) read file error: read notes: is a directory... 2025-9-22 02:0:3 | 阅读: 10 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu 4th 9th feeds isc

Help Wanted: What are these odd reuqests about?, (Sun, Sep 21st) 作者在分析网络honeypot数据时发现了一个新的请求头"X-Forwarded-App"，怀疑其可能与代理服务器泄露信息有关。进一步研究发现该请求可能来自移动应用，并包含潜在API密钥等敏感信息。... 2025-9-21 17:18:9 | 阅读: 17 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu honeypot johannes mozilla trailer deviceinfo

ISC Stormcast For Friday, September 19th, 2025 https://isc.sans.edu/podcastdetail/9620, (Fri, Sep 19th) 文章描述了网络威胁监控平台的界面内容，包括值班人员信息、威胁级别状态、即将举办的网络安全课程安排以及播客链接等内容。... 2025-9-19 02:0:4 | 阅读: 10 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security isc papers vegassep

ISC Stormcast For Thursday, September 18th, 2025 https://isc.sans.edu/podcastdetail/9618, (Thu, Sep 18th) ISC Stormcast 播客讨论周四网络威胁情况，值班处理员Guy Bruneau报告绿色威胁级别。用户即将参加拉斯维加斯的应用安全课程（9月22日至27日）。提供DShield传感器、DNS Looking Glass等工具及隐私政策链接。... 2025-9-18 02:0:3 | 阅读: 12 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu 27th vegassep papers isc security

Exploring Uploads in a Dshield Honeypot Environment [Guest Diary], (Thu, Sep 18th) 本文描述了通过分析上传到 honeypot 服务器的文件来识别恶意软件和攻击模式的过程。使用 upload-stats 工具枚举文件信息，并结合日志数据发现针对 IoT 设备的 botnet 蠕虫活动。研究揭示了攻击者利用默认密码（如 pi/raspberry）传播恶意软件，并通过 IRC 通道控制受感染设备的行为模式。... 2025-9-18 00:49:9 | 阅读: 19 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu cowrie payload analysis honeypot isc

CTRL-Z DLL Hooking, (Wed, Sep 17th) 文章讨论了调试恶意软件时使用的软件断点技术及其绕过方法。通过在API调用处插入INT3指令设置断点，但恶意软件可检测并绕过此技术。一种高级方法是从磁盘加载干净的DLL代码覆盖内存中的修改部分，从而清除所有软件断点。... 2025-9-17 08:2:44 | 阅读: 21 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu unpack memory breakpoints ctypes software

ISC Stormcast For Wednesday, September 17th, 2025 https://isc.sans.edu/podcastdetail/9616, (Wed, Sep 17th) 文章介绍了网络威胁监控情况及安全动态，值班处理员为Xavier Mertens，当前威胁级别为绿色。ISC Stormcast播客更新至2025年9月17日，并提供相关链接。此外，即将于2025年9月22日至27日在拉斯维加斯举办应用安全课程。... 2025-9-17 02:0:3 | 阅读: 11 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security 27th vegassep feeds

Why You Need Phishing Resistant Authentication NOW., (Tue, Sep 16th) 文章讨论了近期针对NPM开发者的钓鱼攻击事件，并指出即使技术娴熟的用户也可能被骗。传统多因素认证无法有效防止此类攻击，而密码管理器和Passkeys等基于加密的技术才是更安全的解决方案。... 2025-9-16 18:4:16 | 阅读: 14 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu phishing resistant passkeys