16th
-
MalBot, October 16, 2024, 2:45am. Article Link: ISC Stormcast For Wednesday, October 16th, 2024 https://isc.sans.edu/podcastdetail/9182 – SANS Internet Storm Center
-
MalBot, September 16, 2024, 3:50am. Article Link: ISC Stormcast For Monday, September 16th, 2024 https://isc.sans.edu/podcastdetail/9138 – SANS Internet Storm Center
-
ISC Stormcast For Friday, August 16th, 2024 https://isc.sans.edu/podcastdetail/9100, (Fri, Aug 16th)
·
MalBot, August 16, 2024, 2:55am. Article Link: ISC Stormcast For Friday, August 16th, 2024 https://isc.sans.edu/podcastdetail/9100 – SANS Internet Storm Center
-
[This is a Guest Diary by Michael Gallant, an ISC intern as part of the SANS.edu BACS program]
-
ISC Stormcast For Tuesday, July 16th, 2024 https://isc.sans.edu/podcastdetail/9054, (Tue, Jul 16th)
·
MalBot, July 16, 2024, 3:30am. Article Link: ISC Stormcast For Tuesday, July 16th, 2024 https://isc.sans.edu/podcastdetail/9054 – SANS Internet Storm Center
-
I was recently asked to <ahem> “recover” a RADIUS key from a Microsoft NPS server. No problem I think, just export the config and it’s all there in clear text right? … yes, sort of … The XML file that gets output is of course perfect XML, but that doesn’t mean it’s easy to read…
-
Author: Written by Treadstone 71 @Treadstone71LLC Cognitive Warfare Training, Intelligence and Counterintelligence Tradecraft, Influence Operations, Cyber Operations, OSINT, OPSEC, Darknet, Deepweb, Clandestine Cyber HUMINT, customized training and analysis, cyber psyops, strategic intelligence, Open-Source Intelligence collection, analytic writing, structured analytic techniques, Target Adversary Research, strategic intelligence analysis, estimative intelligence, forecasting intelligence, warning intelligence, Disinformation detection, Analysis as…
-
ISC Stormcast For Thursday, May 16th, 2024 https://isc.sans.edu/podcastdetail/8984, (Thu, May 16th)
·
MalBot
-
Palo Alto Networks GlobalProtect exploit public and widely exploited CVE-2024-3400, (Tue, Apr 16th)
·
The Palo Alto Networks vulnerability has been analyzed in depth by various sources and exploits [1]. We have gotten several reports of exploits being attempted against GlobalProtect installs. In addition, we see scans for the GlobalProtect login page, but these scans predated the exploit. VPN gateways have always been the target of exploits like brute…
-
Package updates/upgrades by maintainers on the Linux platforms are always appreciated, as these updates are intended to offer new features/bug fixes. However, in rare circumstances, there is a need to downgrade the packages to a prior version due to unintended bugs or potential security issues, such as the recent xz-utils backdoor. Consistently backing up your data…
-
ISC Stormcast For Tuesday, April 16th, 2024 https://isc.sans.edu/podcastdetail/8940, (Tue, Apr 16th)
·
MalBot
-
Article Link: https://isc.sans.edu/diary/rss/30656
-
Last week, Volexity published a blog describing two vulnerabilities in Ivanti’s Connect “Secure” VPN [1]. These vulnerabilities have been exploited in limited, targeted attacks. At this point, Ivanti released a configuration workaround but no patch for this vulnerability. The configuration can be applied in the form of an encrypted XML file.
-
Article Link: https://isc.sans.edu/diary/rss/30560
-
If you ever had to acquire packets from a network, you probably used tcpdump. Other tools (Wireshark, dumpcap, snort…) can do the same thing, but none is as widely used as tcpdump. tcpdump is simple to use, fast, and universally available (and free!).
-
Article Link: https://isc.sans.edu/diary/rss/30406
-
For the latest discoveries in cyber research for the week of 9th October, please download our Threat_Intelligence Bulletin.