Corelight Bright Ideas Blog

Archives for Sep 2021

Detecting ​​CVE-2021-38647 OMIGOD

Researchers at recently found a series of vulnerabilities in Windows Open Management Infrastructure (OMI) software, which is widely installed on cloud-based Azure Linux Agents. We have open-sourced a Zeek package for the most severe of these... Read more »

Using Zeek to track communication state

One of Zeek's greatest strengths is its ability to deeply inspect packet streams that are fed into it. It is adept not only at identifying network protocols but also parsing them to extract large amounts of useful information. There is another... Read more »


    Recent Posts