Collaborate Disseminate
today morning I’ve received an email from Google reporting that my Compute Engine instance of my project was used to scan port 3389 of 144000 ip addresses.
I enabled compute engine some months ago for this project but recentl… Continue reading Google Cloud intrusion
I have some web server logs from a breach. Is there a tool in SecurityOnion where I can upload the log files in csv format and have some sort of behavior-driven, static IDS/IPS identify when a breach occurred?
There’s a spy movie – probably from the [James Bond] franchise – in which our hero is staying in a fancy hotel. It’s crawling with enemies, naturally, and eager to see if one has been snooping in his room while he’s out for martinis, he sticks a hair across the …read more
Continue reading See If Someone Has Been In Your Drawers With This Simple Alarm
Norton Security (software installed on the computer) supposedly blocked a fake website coming from my internet router.
(See the full alert details window screenshot).
My internet router is a BT Home Hub 5 and the IP addre… Continue reading Norton Security blocked "Fake Tech Support Website" within router?
How does a large corporation such as SpaceX or Samsung secure their information?
Do they use the same enterprise hardware that a small to mid-size company has access to? I imagine it’s mostly down to employee training.
I do… Continue reading How does a large corporation manage information security?
I am trying to pass good reputable malicious traffic from an IPS. There are several sources on internet to explore datasets like the oldest I think DARPA set (not available in pcap format and not that efficient for modern day… Continue reading Public Availability of a good Dataset in PCAP (TCPDUMP) format for IDS/IPS testing
I was working on a project, a private repo, and suddenly all the commits disappeared and were replaced with a single text file saying
To recover your lost code and avoid leaking it: Send us 0.1 Bitcoin
(BTC) to our Bitcoin address 1… Continue reading GitLab account hacked and repo wiped
One of my repo’s was wiped today and just a message left in its place with a bitcoin ransom. I’ve no idea how they accessed my account, can’t really see anything on github security page.
The domain of the email they want me … Continue reading Github account hacked and repo wiped – Github Response
A private network (about 150 PCs) is connected to the internet through an edge router. According to the net admin, his network is scanned from the outside, at the edge router. I don’t have any more information.
What’s is the best method t… Continue reading Advice to detect suspicious activities on network [closed]
I noticed my desktop, that has never been used for anything related to google home or signed into the google account used to manage the Home Hub, that is on the same subnet was sending traffic to the device. Is anybody famil… Continue reading Google Home Hub Network Traffic on Port 8009