When performing triage on a Linux system you suspect might be compromised, there are many aspects of the system that you may want to look at. In SANS FOR577, we talk about some existing tools and even writing your own…
Category: SANS Internet Storm Center, InfoCON: green
Leveraging Honeypot Data for Offensive Security Operations [Guest Diary], (Fri, Jan 17th)
[This is a Guest Diary by Alex Sanders, an ISC intern as part of the SANS.edu BACS program] This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Leveraging Honeypot Data for Offensive Security…
ISC Stormcast For Friday, January 17th, 2025 https://isc.sans.edu/podcastdetail/9284, (Fri, Jan 17th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, January 17th, 2025…
Extracting Practical Observations from Impractical Datasets, (Thu, Jan 16th)
[This is a Guest Diary by Curtis Dibble, an ISC intern as part of the SANS.edu BACS [1] program] This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Extracting Practical Observations from Impractical…
PacketCrypt Classic Cryptocurrency Miner on PHP Servers, (Tue, Jan 7th)
The SANS DShield project receives a wide variety of logs submitted by participants of the DShield project. Looking at the “First Seen†URLs page, I observed an interesting URL and dived deeper to investigate. The URL recorded is as follows: …
The Curious Case of a 12-Year-Old Netgear Router Vulnerability, (Wed, Jan 15th)
Routers play an essential role in networking and are one of the key components that allow users to have internet connectivity. Vulnerabilities in routers could result in reduced speeds or the possibility of vulnerable equipment being compromised and turned into…
Microsoft January 2025 Patch Tuesday, (Tue, Jan 14th)
This month's Microsoft patch update addresses a total of 209 vulnerabilities, including 12 classified as critical. Among these, 3 vulnerabilities have been actively exploited in the wild, and 5 have been disclosed prior to the patch release, marking them as…
ISC Stormcast For Tuesday, January 14th, 2025 https://isc.sans.edu/podcastdetail/9278, (Mon, Jan 13th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, January 14th, 2025…
Hikvision Password Reset Brute Forcing, (Mon, Jan 13th)
One common pattern in password resets is sending a one-time password to the user to enable them to reset their password. The flow usually looks like: This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the…
ISC Stormcast For Monday, January 13th, 2025 https://isc.sans.edu/podcastdetail/9276, (Mon, Jan 13th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, January 13th, 2025…