SANS Database 2024  2024()  2023(26)  2022(52)  2021(93)  2020(1197)  2019(572)  2018(627)  2017(632)  2016(647)  2015(692)  2014(796)  2013(0)  2012(0) 

DATE

NAME

Info

CATEG.

WEB

13.4.24

Critical Palo Alto GlobalProtect Vulnerability Exploited (CVE-2024-3400)

On Friday, Palo Alto Networks released an advisory warning users of Palo Alto's Global Protect product of a vulnerability that has been exploited since March

SANS

31.3.24

Quick Forensics Analysis of Apache logs

Sometimes, you’ve to quickly investigate a webserver logs for potential malicious activity. If you're lucky, logs are already indexed in real-time in a log management solution and you can automatically launch some hunting queries. If that's not the case, you can download all logs on a local system or a cloud instance and index them manually.

SANS

31.3.24

From JavaScript to AsyncRAT

It has been a while since I found an interesting piece of JavaScript. This one was pretty well obfuscated. It was called “_Rechnung_01941085434_PDF.js” (Invoice in German) with a low VT score (3/59)

SANS

31.3.24

Scans for Apache OfBiz

Today, I noticed in our "first seen URL" list, two URLs I didn't immediately recognize

SANS

26.3.24

Apple Updates for MacOS, iOS/iPadOS and visionOS

Last week, Apple published updates for iOS and iPadOS. At that time, Apple withheld details about the security content of the update.

SANS

25.3.24

Tool updates: le-hex-to-ip.py and sigs.py

I am TA-ing for Taz for the new SANS FOR577 class again and I figured it was time to release some fixes to my le-hex-to-ip.py script that I wrote up last fall while doing the same

SANS