You might be interested in …

[SANS ISC] Video: Cobalt Strike & DNS – Part 1, (Sun, May 30th)

All posts, Sans-ISC

One of the Cobalt Strike servers reported by Brad Duncan also communicates over DNS. This can be tested with a simple DNS TXT query: The content of this TXT record contains the start of a Cobalt Strike beacon, encoded with Netbios Name encoding. I recently published an update to my base64dump.py tool to handle this […]


[SANS ISC] Sorting Things Out – Sorting Data by IP Address, (Fri, Oct 8th)

All posts, Sans-ISC

One thing that is huge in making sense of large volumes of data is sorting. Which makes having good sorting tools and methods a big deal when you are working through findings in a security assessment or pentest. Or – just as importantly – in day-to-day system administration. I stumbled into a Twitter thread last […]


Daily NCSC-FI news followup 2020-01-07

Potential for Iranian Cyber Response to U.S. Military Strike in Baghdad www.us-cert.gov/ncas/alerts/aa20-006a The Cybersecurity and Infrastructure Security Agency (CISA) is sharing the following information with the cybersecurity community as a primer for assisting in the protection of our Nation's critical infrastructure in light of the current tensions between the Islamic Republic of Iran and the […]

