PacketCrypt Classic Cryptocurrency Miner on PHP Servers, (Tue, Jan 7th) The SANS DShield project receives a wide variety of logs submitted by participants of the DShield p... 2025-1-7 04:25:1 | 阅读: 11 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu php pktc pkt dr0p packetcrypt

ISC Stormcast For Tuesday, January 7th, 2025 https://isc.sans.edu/podcastdetail/9268, (Tue, Jan 7th) 2025-1-7 01:26:19 | 阅读: 6 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security isc easternjan 1st

Make Malware Happy, (Mon, Jan 6th) When I teach FOR610[1], I like to use a funny quotation with my students: “Make malware happy!” Wha... 2025-1-6 07:10:28 | 阅读: 3 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu aslr aslrpolicy respect startuppath username

ISC Stormcast For Monday, January 6th, 2025 https://isc.sans.edu/podcastdetail/9266, (Mon, Jan 6th) 2025-1-6 02:37:57 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu feeds isc papers 1st

SwaetRAT Delivery Through Python, (Fri, Jan 3rd) We entered a new year, but attack scenarios have not changed (yet). I found a Python script with an... 2025-1-3 06:41:54 | 阅读: 6 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu ctypes etw wshshortcut

Goodware Hash Sets, (Thu, Jan 2nd) In the cybersecurity landscape, we all need hashes! A hash is the result of applying a special math... 2025-1-2 12:57:28 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu nsrl software lu 12m library

No Holiday Season for Attackers, (Tue, Dec 31st) While most of us are preparing the switch to a new year (If it’s already the case for you: Happy Ne... 2024-12-31 07:9:10 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security remnux malwarezoo 20241231 carefully

Changes in SSL and TLS support in 2024, (Mon, Dec 30th) With the end of the year quickly approaching, it is undoubtedly a good time to take a look at what... 2024-12-30 11:21:15 | 阅读: 5 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu security deserves discussing foreseeable

Phishing for Banking Information, (Fri, Dec 27th) It is again the time of the year when scammers are asking to verify banking information, whether it... 2024-12-27 10:25:2 | 阅读: 10 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu bmo security montreal letter

Capturing Honeypot Data Beyond the Logs, (Thu, Dec 26th) By default, DShield Honeypots [1] collect firewall, web and cowrie (telnet/ssh) [2] data and log th... 2024-12-26 00:14:28 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu onvif wsdl ver10 pkt honeypot

Compiling Decompyle++ For Windows, (Wed, Dec 25th) Occasionaly I decompile Python code, with decompilers written in Python. Recently I discovered Deco... 2024-12-25 07:58:25 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu python pycdc decompyle decompile

More SSH Fun!, (Tue, Dec 24th) A few days ago, I wrote a diary[1] about a link file that abused the ssh.exe tool present in modern... 2024-12-24 06:51:8 | 阅读: 9 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu ssh microsoft windows remote malicious

Modiloader From Obfuscated Batch File, (Mon, Dec 23rd) My last investigation is a file called “Albertsons_payment.GZ”, received via email. The file looks... 2024-12-23 06:25:57 | 阅读: 7 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu windows spoolsv albertsons remnux payload

Christmas "Gift" Delivered Through SSH, (Fri, Dec 20th) Christmas is at our doors and Attackers use the holiday season to deliver always more and more gift... 2024-12-20 11:1:29 | 阅读: 11 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu ssh christmas windows slab malicious

ISC Stormcast For Friday, December 20th, 2024 https://isc.sans.edu/podcastdetail/9264, (Fri, Dec 20th) 2024-12-20 02:0:2 | 阅读: 5 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu papers 1st easternjan security

Command Injection Exploit For PHPUnit before 4.8.28 and 5.x before 5.6.3 [Guest Diary], (Tue, Dec 17th) [This is a Guest Diary by Sahil Shaikh, an ISC intern as part of the SANS.edu BACS program]Introd... 2024-12-19 11:58:9 | 阅读: 10 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu phpunit php androxgh0st attacker network

ISC Stormcast For Thursday, December 19th, 2024 https://isc.sans.edu/podcastdetail/9262, (Thu, Dec 19th) 2024-12-19 02:0:2 | 阅读: 4 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu papers 27th easternjan feeds 1st

ISC Stormcast For Wednesday, December 18th, 2024 https://isc.sans.edu/podcastdetail/9260, (Wed, Dec 18th) 2024-12-18 02:0:2 | 阅读: 5 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu 27th isc papers 1st

[Guest Diary] A Deep Dive into TeamTNT and Spinning YARN, (Wed, Dec 18th) [This is a Guest Diary by James Levija, an ISC intern as part of the SANS.edu Bachelor's Degree in... 2024-12-18 00:4:50 | 阅读: 12 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu teamtnt github analysis attacker brysj

Python Delivering AnyDesk Client as RAT, (Tue, Dec 17th) RATs or “Remote Access Tools” are very popular these days. From an attacker’s point of view, it’s a... 2024-12-17 07:57:4 | 阅读: 7 | 收藏 | SANS Internet Storm Center, InfoCON: green - isc.sans.edu anynet remote salt victim pwd