-
pdf-parser: All Streams, (Sun, Aug 31st)
A user reported a bug in pdf-parser: when dumping all filtered streams, an error would occur: The reason for the error, is that not all streams have filters applied to them, and thus dumping a filtered stream that has no filter caused a bug. I have fixed this: But I would like to point out…
-
Wireshark 4.4.9 Released, (Sun, Aug 31st)
Wireshark release 4.4.9 fixes 5 bugs. Didier Stevens Senior handler blog.DidierStevens.com (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
ISC Stormcast For Friday, August 29th, 2025 https://isc.sans.edu/podcastdetail/9592, (Fri, Aug 29th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
Increasing Searches for ZIP Files, (Thu, Aug 28th)
I noticed recently that we have more and more requests for ZIP files in our web honeypot logs. Over the last year, we have had a substantial increase in these requests. Here are some of the most common URLs requested so far this year: url c /backup.zip 10977 /web.zip 9701 /www.zip 9414 /html.zip 9361 /data.zip…
-
ISC Stormcast For Thursday, August 28th, 2025 https://isc.sans.edu/podcastdetail/9590, (Thu, Aug 28th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
Interesting Technique to Launch a Shellcode, (Wed, Aug 27th)
In most attack scenarios, attackers have to perform a crucial operation: to load a shellcode in memory and execute it. This is often performed in a three-step process: Some memory must be allocated and flagged as “executable” with VirtualAlloc() (and sometimes combined with VirtualProtect()) The shellcode (often deobfuscated) is copied into this newly allocated memory…
-
ISC Stormcast For Wednesday, August 27th, 2025 https://isc.sans.edu/podcastdetail/9588, (Wed, Aug 27th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
Getting a Better Handle on International Domain Names and Punycode, (Tue, Aug 26th)
International domain names (IDN) continue to be an interesting topic. For the most part, they are probably less of an issue than some people make them out to be, given that popular browsers like Google Chrome are pretty selective in displaying them. But on the other hand, they are still used legitimately or not, and…
-
ISC Stormcast For Tuesday, August 26th, 2025 https://isc.sans.edu/podcastdetail/9586, (Tue, Aug 26th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
ISC Stormcast For Monday, August 25th, 2025 https://isc.sans.edu/podcastdetail/9584, (Mon, Aug 25th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
