• "K1w1" InfoStealer Uses gofile.io for Exfiltration, (Fri, May 31st)

    Updated: 2024-05-31 10:40:46
    Published 2024-05-31, last updated 2024-05-31 10:40:46 UTC, by Xavier Mertens (Version: 1). Python remains a nice language for attackers and I keep finding interesting scripts that are usually not very well detected by antivirus solutions. The one I found has a VT score of 7/65 (SHA256:a6230d4d00a9d8ecaf5133b02d9b61fe78283ac4826a8346b72b4482d9aab54c)[1]. I decided to call it k1w1 infostealer because this string is referenced in many variable and function names. The script has classic infostealer capabilities to find interesting pieces of data on the victim's computer but has some interesting techniques. First, it uses gofile.io

  • ISC Stormcast For Friday, May 31st, 2024 https://isc.sans.edu/podcastdetail/9004, (Fri, May 31st)

    Updated: 2024-05-31 02:00:02

  • Feeding MISP with OSSEC, (Thu, May 30th)

    Updated: 2024-05-30 06:56:44
    Published 2024-05-30, last updated 2024-05-30 06:56:44 UTC, by Xavier Mertens (Version: 1). I've been a big fan of OSSEC[1] for years. OSSEC (Open Source Security Event Correlator) is a comprehensive, open-source host-based intrusion detection system (HIDS). It is designed to monitor and analyze system logs, detect suspicious activities, and provide real-time alerts for security incidents. OSSEC can perform log analysis, file integrity monitoring, rootkit detection, and active response to mitigate threats. It supports various platforms including Linux, Windows, and macOS

  • ISC Stormcast For Thursday, May 30th, 2024 https://isc.sans.edu/podcastdetail/9002, (Thu, May 30th)

    Updated: 2024-05-30 02:00:02

  • ISC Stormcast For Tuesday, May 28th, 2024 https://isc.sans.edu/podcastdetail/8998, (Tue, May 28th)

    Updated: 2024-05-28 02:00:02
    [This is a Guest Diary by Joshua Jobe, an ISC intern as part of the SANS.edu BACS program]

  • csvkit, (Sat, May 25th)

    Updated: 2024-05-25 08:08:10
    After reading my diary entry "Checking CSV Files", a reader informed me that CSV toolkit csvkit also contains a command to check CSV files: csvstat.py.
