Security Bulletin

A SANS és a Nemzetbiztonsági Szakszolgálat Nemzeti Kibervédelmi Intézet közös kiadványának 2023. december havi számában az örökké erős jelmondatokkal foglalkozunk.

I am TA-ing for Taz for the new SANS FOR577 class again and I figured it was time to release some fixes to my le-hex-to-ip.py script that I wrote up last fall while doing the same. I still plan to make some additional updates to the script to be able...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The reason I extracted a PE file in my last diary entry, is that I discovered it was the dropper of a Cobalt Strike beacon @DebugPrivilege had pointed me to. My 1768.py tool crashed on the process memory dump. This is fixed now, but it...

Multiple attacks exploit vulnerabilities in an IT remote access tool to deliver a variety of different payloads into business environments.

The U.S.-led global guidance notes the need for vulnerability management and data protection.

Google Mandiant says APT29 targeted German politicians and is a threat to Western political parties.

How to gain the insights necessary to change security policies as active adversaries persist.

Any computer on which BIND will be running is likely to have several interfaces, each of which may have multiple IP addresses; both IPv4 and IPv6. When the named process is started it needs to know which of these addresses it should be using for the...

During FY23, the Americas Partner Organization (APO) launched an initiative known as "APO Giving Back Week." The intention was to align efforts and amplify impact by extending the initiative to include our external partner community. Together, they...

Artificial intelligence (AI) is changing the world. There has been a lot of discussion about the impact of AI on all areas of business over the past year. This post is about how AI impacts program management.

Delve into the world of Cisco XDR Playbooks, enhancing security operations with strategic guides and automation for robust incident response.