SANS Internet Storm Center, InfoCON: green SANS Internet Storm Center - Cooperative Cyber Security Monitor
- Infocon: greenon 19 September 2024 at 6:14 am
ISC Stormcast For Thursday, September 19th, 2024 https://isc.sans.edu/podcastdetail/9144
- ISC Stormcast For Thursday, September 19th, 2024 https://isc.sans.edu/podcastdetail/9144, (Thu, Sep 19th)on 19 September 2024 at 2:00 am
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
- Time-to-Live Analysis of DShield Data with Vega-Lite, (Wed, Sep 18th)on 19 September 2024 at 12:20 am
Since posting a diary about Vega-Lite [1], I have "played" with other queries that might be interesting and the first one that I wanted to explore since the DShield SIEM [2] capture and parse the iptables logs and store the Time-to-Live (TTL) for analysis.
- Python Infostealer Patching Windows Exodus App, (Wed, Sep 18th)on 18 September 2024 at 7:43 am
A few months ago, I wrote a diary[1] about a Python script that replaced the Exodus[2] Wallet app with a rogue one on macOS. Infostealers are everywhere these days. They target mainly browsers (cookies, credentials) and classic applications that may handle sensitive information. Cryptocurrency wallets are another category of applications that are juicy for attackers. I spotted again an interesting malware that mimics an Exodus wallet by displaying a small GUI:
- ISC Stormcast For Wednesday, September 18th, 2024 https://isc.sans.edu/podcastdetail/9142, (Wed, Sep 18th)on 18 September 2024 at 2:00 am
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.