Tracking down a glibc regression
We’d just upgraded our glibc package from 2.32 to 2.33, when we noticed some peculiar behavior. Here's how we tracked down a glibc regression.
This blog will introduce a method of detecting the Pingback malware in which attackers often hide their communications in ping message payloads.
The CrowdStrike + Corelight partnership lets customers incorporate threat intelligence into Corelight Sensors to generate alerts and network evidence.
A very interesting Linux-based command-and-control (C2) malware was described by the research team at Intezer. Here are a few points about this...
Visibility is challenging in a cloud environment. Security teams have long relied on network monitoring to complement application-level visibility.
Are you looking to threat hunt but lack sufficient network and IDS data? Maximize your Splunk ES investment with Corelight.
The new Microsoft Exchange vulnerabilities disclosed earlier this month highlight the importance of architecting for security visibility on the...
Sigma is an open-source project that provides a generic signature format for SIEMs. Here are the benefits of Sigma, and how to get these threat...
In this blog post, we’ll look at some tips and tricks for how you can get more out of your Network Intrusion Detection Systems (NIDS).