SANS ISC: Followup to "What's going on..." SANS ISC InfoSec Forums

Followup to "What's going on..."

During my last shift I posted a story where I noted increased traffic on ports 8800, 1100, and 5905 and asked if anyone had packets. We didn't get any captures, but a week or so later, our friends over at MWcollect posted this story, which I found very interesting/useful, so I wanted to point it out to the rest of you who may not follow their blog. I haven't played much with libemu, but after reading this, I clearly need to spend some more time with it.

Jim

ISC Handler
Jul 2nd 2008
