10 Jan 22 CyberSafe-WP-Admin 
TShark & jq, (Sat, Jan 8th) TShark (Wireshark's command-line version) can output JSON data, as shown in diary entry "Quicktip: TShark's…
10 Jan 22 CyberSafe-WP-Admin Extracting Cobalt Strike Beacons from MSBuild Scripts, (Sun, Jan 9th) There is also a video of this analysis. Renato gives an extensive analysis of MSBuild…
10 Jan 22 CyberSafe-WP-Admin ISC Stormcast For Monday, January 10th, 2022 https://isc.sans.edu/podcastdetail.html?id=7828, (Mon, Jan 10th) (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.