[This is a Guest Diary by Joshua Gilman, an ISC intern as part of the SANS.edu BACS program] Introduction Setting up a DShield honeypot is just the beginning. The real challenge lies in configuring all the
Continue ReadingCategory: SANS™ Internet Storm Center
Security related Docker containers, (Wed, Oct 2nd)
Over the last 9 months or so, I've been putting together some docker containers that I find useful in my day-to-day malware analysis and forensicating. I have been putting them up on hub.docker.com and decided, I might as
Continue ReadingISC Stormcast For Wednesday, October 2nd, 2024 https://isc.sans.edu/podcastdetail/9162, (Wed, Oct 2nd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingHurricane Helene Aftermath – Cyber Security Awareness Month, (Tue, Oct 1st)
For a few years now, October has been "National Cyber Security Awareness Month". This year, it is a good opportunity for a refresher on some scams that tend to happen around disasters like Hurricane Helene. The
Continue ReadingISC Stormcast For Tuesday, October 1st, 2024 https://isc.sans.edu/podcastdetail/9160, (Tue, Oct 1st)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingTool update: mac-robber.py and le-hex-to-ip.py, (Mon, Sep 30th)
One of the problems I've had since I originally wrote mac-robber.py [1][2][3] seven years ago is that because of the underlying os.stat python library we couldn't get file creation times (B-times). Since the release of GNU coreutils 8.32 (or
Continue ReadingISC Stormcast For Monday, September 30th, 2024 https://isc.sans.edu/podcastdetail/9158, (Mon, Sep 30th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingISC Stormcast For Friday, September 27th, 2024 https://isc.sans.edu/podcastdetail/9156, (Fri, Sep 27th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingPatch for Critical CUPS vulnerability: Don’t Panic, (Thu, Sep 26th)
These last two days, a lot has been talked about a "Doomsday 9.9 RCE bug'" in Linux [1]. We now have some additional details from Simone Margaritelli, who discovered and reported the vulnerabilities. BLUF: CUPS may use
Continue ReadingISC Stormcast For Thursday, September 26th, 2024 https://isc.sans.edu/podcastdetail/9154, (Thu, Sep 26th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue Reading