SANS™ Internet Storm Center – Page 13

Video: Same Origin, CORS, DNS Rebinding and Localhost, (Mon, Aug 12th)

August 12, 2024

Trying something a bit different. A video demo to illustrate some concepts around "Origin" in web applications. Let me know if this is something you would like to see more of. Some references to go with

ISC Stormcast For Friday, August 9th, 2024 https://isc.sans.edu/podcastdetail/9090, (Fri, Aug 9th)

August 9, 2024

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

ISC Stormcast For Thursday, August 8th, 2024 https://isc.sans.edu/podcastdetail/9088, (Thu, Aug 8th)

August 8, 2024

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

ISC Stormcast For Wednesday, August 7th, 2024 https://isc.sans.edu/podcastdetail/9086, (Wed, Aug 7th)

August 7, 2024

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Same Scripts, Different Day: What My DShield Honeypot Taught Me About the Importance of Security Fundamentals [Guest Diary], (Wed, Aug 7th)

August 7, 2024

[This is a Guest Diary by Riché Wiley, an ISC intern as part of the SANS.edu BACS program] I first set up a DShield honeypot as part of my internship with SANS Internet Storm Center, I

A Survey of Scans for GeoServer Vulnerabilities, (Tue, Aug 6th)

August 6, 2024

A little bit over a year ago, I wrote about scans for GeoServer [1][2]. GeoServer is a platform to process geographic data [3]. It makes it easy to share geospatial data in various common standard formats.

ISC Stormcast For Tuesday, August 6th, 2024 https://isc.sans.edu/podcastdetail/9084, (Tue, Aug 6th)

August 6, 2024

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Script obfuscation using multiple instances of the same function, (Mon, Aug 5th)

August 5, 2024

Threat actors like to make detection and analysis of any malicious code they create as difficult as possible – for obvious reasons. There are any number of techniques which they may employ in this area, nevertheless,

ISC Stormcast For Monday, August 5th, 2024 https://isc.sans.edu/podcastdetail/9082, (Mon, Aug 5th)

August 5, 2024

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

OOXML Spreadsheets Protected By Verifier Hashes, (Sat, Aug 3rd)

August 4, 2024

When I wrote about the internal file format of protected spreadsheets, I mentioned a simple 16-bit hash for .xls files in diary entry "16-bit Hash Collisions in .xls Spreadsheets" and a complex hash based on SHA256

Category: SANS™ Internet Storm Center

Video: Same Origin, CORS, DNS Rebinding and Localhost, (Mon, Aug 12th)

ISC Stormcast For Friday, August 9th, 2024 https://isc.sans.edu/podcastdetail/9090, (Fri, Aug 9th)

ISC Stormcast For Thursday, August 8th, 2024 https://isc.sans.edu/podcastdetail/9088, (Thu, Aug 8th)

ISC Stormcast For Wednesday, August 7th, 2024 https://isc.sans.edu/podcastdetail/9086, (Wed, Aug 7th)

Same Scripts, Different Day: What My DShield Honeypot Taught Me About the Importance of Security Fundamentals [Guest Diary], (Wed, Aug 7th)

A Survey of Scans for GeoServer Vulnerabilities, (Tue, Aug 6th)

ISC Stormcast For Tuesday, August 6th, 2024 https://isc.sans.edu/podcastdetail/9084, (Tue, Aug 6th)

Script obfuscation using multiple instances of the same function, (Mon, Aug 5th)

ISC Stormcast For Monday, August 5th, 2024 https://isc.sans.edu/podcastdetail/9082, (Mon, Aug 5th)

OOXML Spreadsheets Protected By Verifier Hashes, (Sat, Aug 3rd)

Need Cybersecurity & GRC Services?

Company

Quick Link

Contact Us