(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingCategory: SANS™ Internet Storm Center
Development Features Enabled in Prodcution, (Thu, Oct 24th)
We do keep seeing attackers "poking around" looking for enabled development features. Developers often use these features and plugins to aid in debugging web applications. But if left behind, they may provide an attacker with inside
Continue ReadingISC Stormcast For Thursday, October 24th, 2024 https://isc.sans.edu/podcastdetail/9194, (Thu, Oct 24th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingEverybody Loves Bash Scripts. Including Attackers., (Wed, Oct 23rd)
Today our "First Seen" page displayed a number of simple URLs: /wp-backup.sh /submit.sh /stage-deploy.sh /scripts/driverenv.sh /s3.sh /run-deploy.sh /passwords.sh /m/index.php /library.sh /installer.sh /envvars.sh /driverenv.sh /driver.sh /docker/startup.sh /develop.sh /bucket.sh /aws_cli.sh /aws-env.sh These URLs are not associated with a
Continue ReadingISC Stormcast For Wednesday, October 23rd, 2024 https://isc.sans.edu/podcastdetail/9192, (Wed, Oct 23rd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingHow much HTTP (not HTTPS) Traffic is Traversing Your Perimeter?, (Tue, Oct 22nd)
Back in June of 2010, The Electronic Frontier Foundation (EFF) released the first beta release of the "HTTPS Everywhere" plugin [1]. Even then, most websites offered HTTPS. But unlike today, HTTP was often still the default,
Continue ReadingISC Stormcast For Tuesday, October 22nd, 2024 https://isc.sans.edu/podcastdetail/9190, (Tue, Oct 22nd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingA Network Nerd’s Take on Emergency Preparedness, (Tue, Oct 15th)
Over the last month, two hurricanes barely missed me. Luckily, neither caused me any significant inconvenience. Sadly, others were not as lucky, and I think this is a good time to do a little "Lessons Learned"
Continue ReadingISC Stormcast For Monday, October 21st, 2024 https://isc.sans.edu/podcastdetail/9188, (Mon, Oct 21st)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingISC Stormcast For Friday, October 18th, 2024 https://isc.sans.edu/podcastdetail/9186, (Fri, Oct 18th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue Reading