http

HTTP security headers: An easy way to harden your web applications
Modern browsers support a wide array of HTTP headers that can improve web application security to protect against clickjacking, cross-site scripting, and other common attacks. This post provides an overview of best-practice ...

Cybersecurity Challenges Streaming Providers Face
The global video streaming services industry is a multi-billion-dollar market that includes renowned brands such as Disney and Netflix alongside smaller, more niche players. Due to the pandemic, many of these services ...

Detecting CVE-2021-31166 – HTTP vulnerability
By Ben Reardon, Corelight Security Researcher. In this blog we aim to provide a little insight into part of the lifecycle of Corelight Lab’s response to a critical HTTP vulnerability. We’ve open-sourced ...

Detect C2 ‘RedXOR’ with state-based functionality
By Ben Reardon, Corelight Security Researcher. Recently a very interesting Linux-based command-and-control (C2) malware was described by the research team at Intezer. As usual there is a set of simple network-based IOCs ...

Finding SUNBURST Backdoor with Zeek Logs & Corelight
John Gamble, Director of Product Marketing, Corelight. FireEye’s threat research team has discovered a troubling new supply chain attack targeting SolarWinds’ Orion IT monitoring and management platform. The attack trojanizes Orion software ...

HTTP/3: Ready to Land
Hi, my name is Mike Bishop; I'm the editor of the newest version of HTTP, HTTP/3. I'm part of Foundry, a team at Akamai that focuses on new and emerging technologies that ...

Beating alert fatigue with integrated data
By Alex Kirk, Corelight Global Principal for Suricata. More than 15 years after Gartner declared that “IDS is dead” because it was too noisy to be effectively managed, alert fatigue continues to ...

NetworkMiner 2.6 Released
We are happy to announce the release of NetworkMiner 2.6 today! The network forensic tool is now even better at extracting emails, password hashes, FTP transfers and artifacts from HTTP and HTTP/2 ...

Zeek in it’s sweet spot: Detecting F5’s Big-IP CVE10 (CVE-2020-5902)
By Ben Reardon, Corelight Security Researcher. Having a CVE 10 unauthenticated Remote Code Execution vulnerability on a central load balancing device? That’s bad… Not being able to detect when a threat actor ...