This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, June 3rd, 2024…
Category: SANS Internet Storm Center, InfoCON: green
“K1w1” InfoStealer Uses gofile.io for Exfiltration, (Fri, May 31st)
Python remains a nice language for attackers and I keep finding interesting scripts that are usually not very well detected by antivirus solutions. The one I found has a VT score of 7/65! (SHA256:a6230d4d00a9d8ecaf5133b02d9b61fe78283ac4826a8346b72b4482d9aab54c[1]). I decided to call it “k1w1”…
ISC Stormcast For Friday, May 31st, 2024 https://isc.sans.edu/podcastdetail/9004, (Fri, May 31st)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, May 31st, 2024…
Feeding MISP with OSSEC, (Thu, May 30th)
I'm a big fan of OSSEC[1] for years. OSSEC (“Open Source Security Event Correlator”) is a comprehensive, open-source host-based intrusion detection system (HIDS). It is designed to monitor and analyze system logs, detect suspicious activities, and provide real-time alerts for…
ISC Stormcast For Thursday, May 30th, 2024 https://isc.sans.edu/podcastdetail/9002, (Thu, May 30th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, May 30th, 2024…

Is that It? Finding the Unknown: Correlations Between Honeypot Logs & PCAPs [Guest Diary], (Tue, May 28th)
[This is a Guest Diary by Joshua Jobe, an ISC intern as part of the SANS.edu BACS program] This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: 
Is that It? Finding the Unknown:…
ISC Stormcast For Wednesday, May 29th, 2024 https://isc.sans.edu/podcastdetail/9000, (Wed, May 29th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, May 29th, 2024…
Is that It? Finding the Unknown: Correlations Between Honeypot Logs & PCAPs [Guest Diary], (Tue, May 28th)
[This is a Guest Diary by Joshua Jobe, an ISC intern as part of the SANS.edu BACS program] This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Is that It? Finding the Unknown:…
ISC Stormcast For Tuesday, May 28th, 2024 https://isc.sans.edu/podcastdetail/8998, (Tue, May 28th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, May 28th, 2024…
Files with TXZ extension used as malspam attachments, (Mon, May 27th)
Malicious e-mail attachments come in all shapes and sizes. In general, however, threat actors usually either send out files, which themselves carry a malicious payload – such as different scripts, Office documents or PDFs – or they send out “containersâ€,…