SANS ISC

[SANS ISC] Extending Hunting Capabilities in Your Network

I published the following diary on isc.sans.org: “Extending Hunting Capabilities in Your Network”: Today’s diary is an extension to the one I posted yesterday about hunting for malicious files crossing your network. Searching for new IOCs is nice but there are risks of missing important pieces of information! Indeed, the first

SANS ISC

[SANS ISC Diary] How your pictures may affect your website reputation

I published the following diary on isc.sans.org: “How your pictures may affect your website reputation”. In a previous diary, I explained why the automatic processing of IOCs (“Indicator of Compromise”) could lead to false positives. Here is a practical example found yesterday. I captured the following malicious HTML page (MD5:
