ISC Stormcast For Wednesday, November 19th, 2025 https://isc.sans.edu/podcastdetail/9706, (Wed, Nov 19th) 2025-11-19 02:0:3 | 阅读: 10 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security feeds 1st papers 6th

KongTuke activity, (Tue, Nov 18th) IntroductionToday's diary is an example of KongTuke activity using fake CAPTCHA pages for a Click... 2025-11-18 07:10:17 | 阅读: 10 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu malicious python windows 6655 hxxp

ISC Stormcast For Tuesday, November 18th, 2025 https://isc.sans.edu/podcastdetail/9704, (Tue, Nov 18th) 2025-11-18 02:0:2 | 阅读: 12 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu 1st papers isc feeds

Decoding Binary Numeric Expressions, (Mon, Nov 17th) In diary entry "Formbook Delivered Through Multiple Scripts", Xavier mentions that the following li... 2025-11-17 07:18:53 | 阅读: 11 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu hexadecimal converted xavier powershell 4f

ISC Stormcast For Monday, November 17th, 2025 https://isc.sans.edu/podcastdetail/9702, (Mon, Nov 17th) 2025-11-17 02:0:3 | 阅读: 10 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security feeds isc 1st papers

Finger.exe & ClickFix, (Sun, Nov 16th) The finger.exe command is used in ClickFix attacks.finger is a very old UNIX command, that was co... 2025-11-16 07:27:55 | 阅读: 14 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu finger proxy windows clickfix malicious

SANS Holiday Hack Challenge 2025, (Sun, Nov 16th) 2025-11-16 07:15:45 | 阅读: 12 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu stevens didier papers feeds

Honeypot: FortiWeb CVE-2025-64446 Exploits, (Sat, Nov 15th) Published: 2025-11-15. Last Updated: 2025-11-15 09:44:35 UTCby Didier Stevens (Version: 1)Like m... 2025-11-15 09:44:35 | 阅读: 31 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu didier stevens 64446 honeypots

Microsoft Office Russian Dolls, (Fri, Nov 14th) You probably know what are the Russian or Matryoshka dolls. It's a set of wooden dolls of decreas... 2025-11-14 13:42:55 | 阅读: 10 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu 1980 rels rtf remnux

ISC Stormcast For Friday, November 14th, 2025 https://isc.sans.edu/podcastdetail/9700, (Fri, Nov 14th) 2025-11-14 01:18:18 | 阅读: 9 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security 6th 1st feeds

Formbook Delivered Through Multiple Scripts, (Thu, Nov 13th) When I’m teachning FOR610[1], I always say to my students that reverse engineering does not only ap... 2025-11-13 08:47:41 | 阅读: 7 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu roastable11 powershell bletr

ISC Stormcast For Thursday, November 13th, 2025 https://isc.sans.edu/podcastdetail/9698, (Thu, Nov 13th) 2025-11-13 02:0:3 | 阅读: 14 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu 1st 6th isc security feeds

SmartApeSG campaign uses ClickFix page to push NetSupport RAT, (Wed, Nov 12th) IntroductionThis diary describes a NetSupport RAT infection I generated in my lab from the SmartA... 2025-11-12 21:49:32 | 阅读: 7 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu netsupport smartapesg malicious hxxps clickfix

ISC Stormcast For Wednesday, November 12th, 2025 https://isc.sans.edu/podcastdetail/9696, (Wed, Nov 12th) ISC Stormcast For Wednesday, November 12th, 2025 https://isc.sans.edu/podcastdetail/9696... 2025-11-12 02:0:2 | 阅读: 8 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu isc stormcast wednesday 12th

Microsoft Patch Tuesday for November 2025, (Tue, Nov 11th) Today's Microsoft Patch Tuesday offers fixes for 80 different vulnerabilities. One of the vulnerabi... 2025-11-11 19:24:30 | 阅读: 17 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu windows elevation remote microsoft moderate

ISC Stormcast For Tuesday, November 11th, 2025 https://isc.sans.edu/podcastdetail/9694, (Tue, Nov 11th) ISC Stormcast 播客分析网络威胁及安全趋势，由值班处理员Johannes Ullrich主持，当前威胁级别为绿色。... 2025-11-11 02:0:3 | 阅读: 12 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu 6th feeds 1st isc

It isn't always defaults: Scans for 3CX usernames, (Mon, Nov 10th) 文章指出针对3CX电话系统备份使用的FTP服务器进行攻击活动，攻击者尝试使用特定用户名（如"FTP_3cx"）和密码（如"3CXBackup"）进行入侵。这些攻击可能利用了默认或常见配置来获取敏感信息。... 2025-11-10 15:23:31 | 阅读: 3 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu 3cx software backup3cx username 3cxbackups

ISC Stormcast For Monday, November 10th, 2025 https://isc.sans.edu/podcastdetail/9692, (Mon, Nov 10th) ISC Stormcast播客于2025年11月10日发布，值班处理员Didier Stevens报告威胁级别为绿色。课程安排在Dallas的Application Security班时间为12月1日至6日。链接包括DShield传感器、DNS查找玻璃和蜜罐工具等。... 2025-11-10 02:0:2 | 阅读: 10 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu 6th papers 1st feeds

Honeypot: Requests for (Code) Repositories, (Sat, Nov 8th) 好的，我现在需要帮用户总结一篇文章的内容，控制在100字以内。首先，我得仔细阅读用户提供的文章内容。 文章的作者是Didier Stevens，他提到在自己的honeypot（蜜罐）上发现了针对代码仓库的请求。具体来说，攻击者试图访问一些特定的文件和目录，比如.git/logs/refs/remotes/origin/main、.github/dependabot.yml等等。这些请求可能来自试图获取敏感信息或进行攻击的人。 用户的要求是用中文总结，不超过100字，并且不需要特定的开头。所以我要抓住重点：honeypot检测到针对代码仓库的恶意请求，提醒用户注意在线发布的内容安全。 接下来，我需要将这些信息浓缩成简洁的句子。确保涵盖主要点：honeypot、恶意请求、代码仓库、敏感文件、提醒安全。 最后检查字数，确保在限制内，并且表达清晰。 </think> 作者报告其蜜罐检测到针对代码仓库的恶意请求，涉及.git、.github、.gitlab等目录及文件，提醒用户注意在线发布内容的安全性。... 2025-11-8 06:9:22 | 阅读: 12 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu github stevens gitlab didier backup

ISC Stormcast For Friday, November 7th, 2025 https://isc.sans.edu/podcastdetail/9690, (Fri, Nov 7th) 文章描述了值班人员Guy Bruneau及其负责的安全威胁级别为绿色。此外还提到了即将在Dallas举办的“Application Security: Securing Web Apps, APIs, and Microservices”课程的时间安排以及ISC Stormcast播客的相关信息。... 2025-11-7 02:0:2 | 阅读: 11 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds papers isc security