This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, May 1st, 2024…
Tag: SANS Internet Storm Center, InfoCON: green
Linux Trojan – Xorddos with Filename eyshcjdmzg, (Mon, Apr 29th)
I reviewed a filename I see regularly uploaded to my DShield sensor eyshcjdmzg that have been seeing since the 1 October 2023 which has multiple hashes and has been labeled as trojan.xorddos/ddos. These various files have only been uploaded to…
Another Day, Another NAS: Attacks against Zyxel NAS326 devices CVE-2023-4473, CVE-2023-4474, (Tue, Apr 30th)
Yesterday, I talked about attacks against a relatively recent D-Link NAS vulnerability. Today, scanning my honeypot logs, I found an odd URL that I didn't recognize. The vulnerability is a bit older but turns out to be targeting yet another…
ISC Stormcast For Tuesday, April 30th, 2024 https://isc.sans.edu/podcastdetail/8960, (Tue, Apr 30th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, April 30th, 2024…
D-Link NAS Device Backdoor Abused, (Mon, Apr 29th)
End of March, NetworkSecurityFish disclosed a vulnerability in various D-Link NAS devices [1]. The vulnerability allows access to the device using the user “messagebus” without credentials. The sample URL used by the PoC was: This article has been indexed from…
ISC Stormcast For Monday, April 29th, 2024 https://isc.sans.edu/podcastdetail/8958, (Mon, Apr 29th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, April 29th, 2024…
ISC Stormcast For Friday, April 26th, 2024 https://isc.sans.edu/podcastdetail/8956, (Fri, Apr 26th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, April 26th, 2024…
ISC Stormcast For Thursday, April 25th, 2024 https://isc.sans.edu/podcastdetail/8954, (Thu, Apr 25th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, April 25th, 2024…
Does it matter if iptables isn’t running on my honeypot?, (Thu, Apr 25th)
I've been working on comparing data from different DShield [1] honeypots to understand differences when the honeypots reside on different networks. One point of comparison is malware submitted to the honeypots. During a review of the summarized data, I noticed…
ISC Stormcast For Wednesday, April 24th, 2024 https://isc.sans.edu/podcastdetail/8952, (Wed, Apr 24th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, April 24th, 2024…