This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, June 6th, 2024…
Tag: SANS Internet Storm Center, InfoCON: green
Brute Force Attacks Against Watchguard VPN Endpoints, (Wed, Jun 5th)
If you have a pulse and work in information security (or are a new scraping script without a pulse), you have probably seen reports of attacks against VPN endpoints. Running any VPN without strong authentication has been negligent for years,…
ISC Stormcast For Wednesday, June 5th, 2024 https://isc.sans.edu/podcastdetail/9010, (Wed, Jun 5th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, June 5th, 2024…
No-Defender, Yes-Defender, (Tue, Jun 4th)
This is a guest diary by John Moutos This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: No-Defender, Yes-Defender, (Tue, Jun 4th)
ISC Stormcast For Tuesday, June 4th, 2024 https://isc.sans.edu/podcastdetail/9008, (Tue, Jun 4th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, June 4th, 2024…
A Wireshark Lua Dissector for Fixed Field Length Protocols, (Mon, Jun 3rd)
I developed a Wireshark dissector in Lua to parse binary protocols (over TCP) that are composed of fields with fixed lengths. I got this idea while taking a SANS ICS training: for protocol reversing, it would be useful to have…
ISC Stormcast For Monday, June 3rd, 2024 https://isc.sans.edu/podcastdetail/9006, (Mon, Jun 3rd)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, June 3rd, 2024…
“K1w1” InfoStealer Uses gofile.io for Exfiltration, (Fri, May 31st)
Python remains a nice language for attackers and I keep finding interesting scripts that are usually not very well detected by antivirus solutions. The one I found has a VT score of 7/65! (SHA256:a6230d4d00a9d8ecaf5133b02d9b61fe78283ac4826a8346b72b4482d9aab54c[1]). I decided to call it “k1w1”…
ISC Stormcast For Friday, May 31st, 2024 https://isc.sans.edu/podcastdetail/9004, (Fri, May 31st)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, May 31st, 2024…
Feeding MISP with OSSEC, (Thu, May 30th)
I'm a big fan of OSSEC[1] for years. OSSEC (“Open Source Security Event Correlator”) is a comprehensive, open-source host-based intrusion detection system (HIDS). It is designed to monitor and analyze system logs, detect suspicious activities, and provide real-time alerts for…