Today, I noticed in our “first seen URL” list, two URLs I didn't immediately recognize: This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Scans for Apache OfBiz, (Wed, Mar 27th)
Category: SANS Internet Storm Center, InfoCON: green
ISC Stormcast For Wednesday, March 27th, 2024 https://isc.sans.edu/podcastdetail/8912, (Wed, Mar 27th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, March 27th, 2024…
New tool: linux-pkgs.sh, (Sun, Mar 24th)
During a recent Linux forensic engagement, a colleague asked if there was anyway to tell what packages were installed on a victim image. As we talk about in FOR577, depending on which tool you run on a live system and…
ISC Stormcast For Tuesday, March 26th, 2024 https://isc.sans.edu/podcastdetail/8910, (Tue, Mar 26th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, March 26th, 2024…
Apple Updates for MacOS, iOS/iPadOS and visionOS, (Mon, Mar 25th)
Last week, Apple published updates for iOS and iPadOS. At that time, Apple withheld details about the security content of the update. This is typical if future updates for other operating systems will fix the same vulnerability. Apple's operating systems…
Tool updates: le-hex-to-ip.py and sigs.py, (Sun, Mar 24th)
I am TA-ing for Taz for the new SANS FOR577 class again and I figured it was time to release some fixes to my le-hex-to-ip.py script that I wrote up last fall while doing the same. I still plan to…
ISC Stormcast For Monday, March 25th, 2024 https://isc.sans.edu/podcastdetail/8908, (Mon, Mar 25th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, March 25th, 2024…
1768.py’s Experimental Mode, (Sat, Mar 23rd)
The reason I extracted a PE file in my last diary entry, is that I discovered it was the dropper of a Cobalt Strike beacon @DebugPrivilege had pointed me to. My 1768.py tool crashed on the process memory dump. This…
ISC Stormcast For Friday, March 22nd, 2024 https://isc.sans.edu/podcastdetail/8906, (Fri, Mar 22nd)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, March 22nd, 2024…
Whois “geofeed” Data, (Thu, Mar 21st)
Attributing a particular IP address to a specific location is hard and often fails miserably. There are several difficulties that I have talked about before: Out-of-date whois data, data that is outright fake, or was never correct in the first…