This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, March 10th, 2025…
Tag: SANS Internet Storm Center, InfoCON: green
Commonly Probed Webshell URLs, (Sun, Mar 9th)
Looking over some weblogs on my way back from class in Baltimore, I feel a reminder is appropriate that (a) weblogs are still a thing and (b) what some of the common webshells are that attackers are looking for. This…
ISC Stormcast For Friday, March 7th, 2025 https://isc.sans.edu/podcastdetail/9354, (Fri, Mar 7th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, March 7th, 2025…
ISC Stormcast For Thursday, March 6th, 2025 https://isc.sans.edu/podcastdetail/9352, (Thu, Mar 6th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, March 6th, 2025…
DShield Traffic Analysis using ELK, (Thu, Mar 6th)
Using the Kibana interface, sometimes it can be difficult to find traffic of interest since there can be so much of it. The 3 logs used for traffic analysis are cowrie, webhoneypot and the firewall logs. Other options to add…
ISC Stormcast For Wednesday, March 5th, 2025 https://isc.sans.edu/podcastdetail/9350, (Wed, Mar 5th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, March 5th, 2025…
Romanian Distillery Scanning for SMTP Credentials, (Tue, Mar 4th)
Lately, attackers have gotten more creative and aggressive in trying to find various credential files on exposed web servers. Our “First Seen” page each day shows many new versions of scans for secrets files like “.env”. This article has…
Tool update: mac-robber.py, (Tue, Mar 4th)
Just a quick update. I fixed a big bug in my mac-robber.py script about 2 weeks ago, but realized I hadn't published a diary about it. I didn't go back and figure out how this one slipped in because I'm…
ISC Stormcast For Tuesday, March 4th, 2025 https://isc.sans.edu/podcastdetail/9348, (Tue, Mar 4th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, March 4th, 2025…
Mark of the Web: Some Technical Details, (Mon, Mar 3rd)
The Mark of the Web (MoTW) is file metadata in Windows that marks a file that was obtained from an untrusted source. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Mark of…