Using DFIR Techniques To Recover From Infrastructure Outages, (Fri, May 26th)
Recently, I was involved in a network outage caused by a defective pfSense firewall appliance.…
ISC Stormcast For Friday, May 26th, 2023, (Fri, May 26th)
https://isc.sans.edu/podcastdetail/8514 (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
ISC Stormcast For Thursday, May 25th, 2023, (Thu, May 25th)
https://isc.sans.edu/podcastdetail/8512 (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
IR Case/Alert Management, (Wed, May 24th)
Recently I was discussing Alert/Case management tools for SOCs. I started thinking about what were…
People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection
Summary The United States and international cybersecurity authorities are issuing this joint Cybersecurity Advisory (CSA)…
More Data Enrichment for Cowrie Logs, (Wed, May 24th)
While reviewing cowrie [1] logs from my honeypot [2] and developing my cowrieprocessor python script…
ISC Stormcast For Wednesday, May 24th, 2023, (Wed, May 24th)
https://isc.sans.edu/podcastdetail/8510, (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Help us figure this out: Scans for Apache "Nifi", (Tue, May 23rd)
Please let me know if you have any idea what they are trying to do…
ISC Stormcast For Tuesday, May 23rd, 2023, (Tue, May 23rd)
https://isc.sans.edu/podcastdetail/8508 (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Probes for recent ABUS Security Camera Vulnerability: Attackers keep an eye on everything., (Mon, May 22nd)
ABUS is usually better known for its "old-fashioned" mechanical locks. But as part of its…