
DShield Traffic Analysis using ELK, (Thu, Mar 6th)
Using the Kibana interface, sometimes it can be difficult to find traffic of interest since there can be so much of it. The 3 logs used for traffic analysis are cowrie, webhoneypot and the firewall logs. Other options to add to the honeypot are packet capture, netflow and Zeek. Using the following steps, I was…
ISC Stormcast For Thursday, March 6th, 2025 https://isc.sans.edu/podcastdetail/9352, (Thu, Mar 6th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
ISC Stormcast For Friday, March 7th, 2025 https://isc.sans.edu/podcastdetail/9354, (Fri, Mar 7th)
Commonly Probed Webshell URLs, (Sun, Mar 9th)
Looking over some weblogs on my way back from class in Baltimore, I feel a reminder is appropriate that (a) weblogs are still a thing and (b) what some of the common webshells are that attackers are looking for. Attackers often deploy web shells via file upload or remote code execution vulnerabilities. Standard webshells are…
ISC Stormcast For Monday, March 10th, 2025 https://isc.sans.edu/podcastdetail/9356, (Mon, Mar 10th)
Shellcode Encoded in UUIDs, (Mon, Mar 10th)
I returned from another FOR610[1] class last week in London. One key tip I give to my students is to keep an eye on “strange” API calls. In the Windows ecosystem, Microsoft offers tons of API calls to developers. The fact that an API is used in a program does not always mean we are…
ISC Stormcast For Tuesday, March 11th, 2025 https://isc.sans.edu/podcastdetail/9358, (Tue, Mar 11th)
Microsoft Patch Tuesday: March 2025, (Tue, Mar 11th)
The March patch Tuesday looks like a fairly light affair, with only 51 vulnerabilities total and only six rated as critical. However, this patch Tuesday also includes six patches for already exploited, aka “0-Day” vulnerabilities. None of the already exploited vulnerabilities are rated as critical. Today’s most interesting vulnerability is a not-yet exploited critical vulnerability…
ISC Stormcast For Wednesday, March 12th, 2025 https://isc.sans.edu/podcastdetail/9360, (Wed, Mar 12th)
Infocon: green
ISC Stormcast For Wednesday, March 12th, 2025 https://isc.sans.edu/podcastdetail/9360
GemCommerce: Customer Technical Support Associate (All Levels)
Headquarters: 5th Floor, Artemis Tower No. 3 Le Trong Tan, Khuong Mai, Thanh Xuan, Hanoi URL: https://gemcommerce.com/ Why we’re looking for you We are looking for an experienced Customer Success Associate in this high growth rate stage, who can work directly with our customers worldwide and provide technical support to corporate customers while ensuring ticket…
BrightOrder Inc.: Controller- The Financial Architect of Growth
Headquarters: Mississauga, Canada URL: http://www.brightorder.com (Only Apply if You’re Thinking “HELL YEAH!” Right Now) Fully remote! The World We Envision Imagine a world where logistics and fleet management don’t just run but thrive—where businesses make faster, smarter, and more profitable decisions because their financial systems are clear, efficient, and optimized. At BrightOrder, we are pioneering…
Working Solutions: Customer Support Representative, Intuit TurboTax
Headquarters: Texas URL: https://jobs.workingsolutions.com/ Working Solutions seeks helpful and tech savvy independent contractors for a one-of-a-kind opportunity providing customer support to Intuit TurboTax’s customers – all from the comfort of home with the ability to create your own schedule. In this role, you will assist customers with software navigation, help customers locate prior returns and…
Volatus Health: Senior Backend Engineer
Headquarters: New Jersey, USA URL: https://www.linkedin.com/company/volatus-health-llc/ Volatus Health is a well-funded startup founded by top medical experts in the field of reproductive health along with tech entrepreneurs. We are building a next-generation software platform from the ground up for fertility clinics that will greatly improve outcomes for patients and medical staff. We are seeking a…
Volatus Health: Senior Frontend Engineer
Headquarters: New Jersey, USA URL: https://www.linkedin.com/company/volatus-health-llc/ Volatus Health is a well-funded startup founded by top medical experts in the field of reproductive health along with tech entrepreneurs. We are building a next-generation software platform from the ground up for fertility clinics that will greatly improve outcomes for patients and medical staff. We are seeking a…