Category: SANS™ Internet Storm Center

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

I like to enrich my honeypot data from a variety of sources to help understand a bit more about the context of the attack. This includes the types of networks the attacks are coming from or

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

[This is a Guest Diary by Joshua Tyrrell, an ISC intern as part of the SANS.edu BACS program] Managing the Attack Surface You’ve begun the journey of reviewing your IT infrastructure and attempting to figure out

On August 10th, the popular learning platform "Moodle" released an update fixing %%cve:2024-43425%%. RedTeam Pentesting found the vulnerability and published a detailed blog post late last week. The blog post demonstrates in detail how a user with

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Just like "Protected OOXML Spreadsheets", Word documents can also be protected: You have to look into the word/settings.xml file, and search for element w:documentProtection: The hash algorithm is the same as for OOXML spreadsheets. However, you

Display filters are used to define expressions that decide which packets get displayed, and which not in Wireshark's packet list. Berkeley Packet Filter (BPF) expressions decide which packets get captured, and which not when Wireshark is

This is the first 4.4 release. Many new features have been added, details are here. One feature I already highlighted are custom columns with field expressions: "Wireshark 4.4.0rc1's Custom Columns". Other new features I'll be looking