SANS Internet Storm Center, InfoCON: green

ISC Stormcast For Monday, November 30th 2020 https://isc.sans.edu/podcastdetail.html?id=7270, (Mon, Nov 30th)

about 3 hours ago

Quick Tip: Using JARM With a SOCKS Proxy, (Sun, Nov 29th)

about 17 hours ago

Rik talked about JARM yesterday "Threat Hunting with JARM".

Threat Hunting with JARM, (Fri, Nov 27th)

2 days ago

Recently I have been testing a new tool created by the people...

Live Patching Windows API Calls Using PowerShell, (Wed, Nov 25th)

5 days ago

It's amazing how attackers can be imaginative when it comes to protecting...

ISC Stormcast For Wednesday, November 25th 2020 https://isc.sans.edu/podcastdetail.html?id=7268, (Wed, Nov 25th)

5 days ago

The special case of TCP RST, (Tue, Nov 24th)

6 days ago

In TCP, packets with the "Reset" (RST or R) flag are sent...

ISC Stormcast For Tuesday, November 24th 2020 https://isc.sans.edu/podcastdetail.html?id=7266, (Tue, Nov 24th)

6 days ago

Quick Tip: Cobalt Strike Beacon Analysis, (Mon, Nov 23rd)

7 days ago

Several of our handlers, like Brad and Renato, have written diary entries...

ISC Stormcast For Monday, November 23rd 2020 https://isc.sans.edu/podcastdetail.html?id=7264, (Mon, Nov 23rd)

7 days ago

Quick Tip: Extracting all VBA Code from a Maldoc - JSON Format, (Sun, Nov 22nd)

7 days ago

In diary entry "Quick Tip: Extracting all VBA Code from a Maldoc"...

VMware privilege escalation vulnerabilities (CVE-2020-4004, CVE-2020-4005) - https://www.vmware.com/security/advisories/VMSA-2020-0026.html, (Sat, Nov 21st)

9 days ago

-----------

Malicious Python Code and LittleSnitch Detection, (Fri, Nov 20th)

10 days ago

We all run plenty of security tools on our endpoints. Their goal...