Weathering the internet storm.
Research Saturday · N2K Networks
Audio is streamed directly from the publisher (pdst.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Johannes Ullrich from SANS talking about the Internet Storm Center and how they do research. Internet Storm Center was created as a mix of manual reports submitted by security analysts during Y2K and automated firewall collection started by DShield.
The research shares how SANS used their "agile honeypots" to "zoom in" on events to more effectively collect data targeting specific vulnerabilities. Internet Storm Center has been noted on three separate attacks that were observed.
The research can be found here:
- Jenkins Brute Force Scans
- Scans for Ivanti Connect "Secure" VPN Vulnerability (CVE-2023-46805, CVE-2024-21887)
- Scans/Exploit Attempts for Atlassian Confluence RCE Vulnerability CVE-2023-22527
Learn more about your ad choices. Visit megaphone.fm/adchoices