In an earlier diary [1], I reviewed how using tools like DBSCAN [2] can be useful to group similar data. I used DBSCAN to try and group similar commands submitted to Cowrie [3] and URL paths
Continue ReadingCategory: SANS™ Internet Storm Center
ISC Stormcast For Friday, September 13th, 2024 https://isc.sans.edu/podcastdetail/9136, (Fri, Sep 13th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingHygiene, Hygiene, Hygiene! [Guest Diary], (Wed, Sep 11th)
[This is a Guest Diary by Paul Olson, an ISC intern as part of the SANS.edu BACS program] Introduction Starting my internship with SANs Internet Storm Center [1] was daunting from the aspect of being unsure
Continue ReadingPython Libraries Used for Malicious Purposes, (Wed, Sep 11th)
Since I’m interested in malicious Python scripts, I found multiple samples that rely on existing libraries. The most-known repository is probably pypi.org[1] that reports, as of today, 567,478 projects! Malware developers are like regular developers: They
Continue ReadingISC Stormcast For Wednesday, September 11th, 2024 https://isc.sans.edu/podcastdetail/9134, (Wed, Sep 11th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingMicrosoft September 2024 Patch Tuesday, (Tue, Sep 10th)
Today, Microsoft released its scheduled September set of patches. This update addresses 79 different vulnerabilities. Seven of these vulnerabilities are rated critical. Four vulnerabilities are already being exploited and have been made public. Noteworthy Vulnerabilities: CVE-2024-43491:
Continue ReadingISC Stormcast For Tuesday, September 10th, 2024 https://isc.sans.edu/podcastdetail/9132, (Tue, Sep 10th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingWireshark 4.4’s IP Address Functions, (Mon, Sep 9th)
New IP address functions have been added in Wireshark 4.4 (if you use Wireshark on Windows, there's a bug in release 4.4.0: the DLL with these functions is missing, it will be included in release 4.4.1;
Continue ReadingISC Stormcast For Monday, September 9th, 2024 https://isc.sans.edu/podcastdetail/9130, (Mon, Sep 9th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingPassword Cracking & Energy: More Dedails, (Sun, Sep 8th)
Here are more details on the power consumption of my desktop computer when I crack passwords (cfr diary entry "Quickie: Password Cracking & Energy"). The vertical scale of this chart is expressed in Watts: 0 Watt:
Continue Reading