socprime.com
JVM GC Monitor Service Overhead: Root Cause and Recommendations – Source: socprime.com
Source: socprime.com - Author: Oleksandr L · December 17, 2024 · 3 min read · Problem Description: The JvmGcMonitorService...
UAC-0099 Attack Detection: Cyber-Espionage Activity Against Ukrainian State Agencies Using WinRAR Exploit and LONEPAGE Malware – Source: socprime.com
Source: socprime.com - Author: Veronika Telychko The UAC-0099 hacking collective, which has been launching targeted cyber-espionage...
How to Deal with the Warning: “No ‘Basic Authorization’ header, send 401 and ‘WWW-Authenticate Basic’” – Source: socprime.com
Source: socprime.com - Author: Oleksii K., DevOps Engineer · December 16, 2024...
Fluentd: How to Make Nested Hash from Dot-Separated Keys – Source: socprime.com
Source: socprime.com - Author: Oleh P. When a log record has keys like test.test, you can...
How to Increase index.max_regex_length in OpenSearch – Source: socprime.com
Source: socprime.com - Author: Oleksii K., DevOps Engineer · December 16, 2024...
Secret Blizzard Attack Detection: The russia-Linked APT Group Targets Ukraine via Amadey Malware to Deploy the Updated Kazuar Backdoor Version – Source: socprime.com
Source: socprime.com - Author: Daryna Olyniychuk Hot on the heels of russia-linked BlueAlpha’s exploitation of Cloudflare...
Fluentd: How to Change Tags During Log Processing. – Source: socprime.com
Source: socprime.com - Author: Oleh P. I have a case where I need to drop unnecessary...
IBM QRadar: How to Create a Rule for Log Source Monitoring – Source: socprime.com
Source: socprime.com - Author: Oleh P., SOC Engineer · December 13, 2024...
Using Roles and Users for Data Access in Elasticsearch – Source: socprime.com
Source: socprime.com - Author: Oleksandr L Elasticsearch uses a security model to control access to data...
CVE-2024-50623 Detection: Attackers Actively Exploit a RCE Vulnerability in Cleo Harmony, VLTrader, and LexiCom File Transfer Products – Source: socprime.com
Source: socprime.com - Author: Daryna Olyniychuk High-profile attacks often stem from the exploitation of RCE vulnerabilities...
OpenSearch: Cluster Blocks Read-Only – Source: socprime.com
Source: socprime.com - Author: Oleksii K. OpenSearch can enforce read-only states on clusters or indices to...
SOC Prime Threat Bounty Digest — November 2024 Results – Source: socprime.com
Source: socprime.com - Author: Alla Yurchenko Welcome to the new Threat Bounty monthly digest edition and...
How to Allow Verified Bots Using AWS WAF Bot Control – Source: socprime.com
Source: socprime.com - Author: Comrade H., WAF Engineer · December 12, 2024...
How to Convert Arrays of Hashes Into a Structured Key-Value Format During Log Processing – Source: socprime.com
Source: socprime.com - Author: Oleh P. In some log formats, fields can be arrays of hashes,...
New Cyber-Espionage Campaign Detection: Suspected China-Backed Actors Target High-Profile Organizations in Southeast Asia – Source: socprime.com
Source: socprime.com - Author: Daryna Olyniychuk Defenders observe increasing numbers of cyber-attacks linked to China-backed APT...
Designing Index Structure for Large Volumes of Data in Elasticsearch – Source: socprime.com
Source: socprime.com - Author: Oleksandr L Elasticsearch, a powerful distributed search and analytics engine, requires careful...
How to prevent BufferOverflowError – Source: socprime.com
Source: socprime.com - Author: Oleh P. In this guide, I will tell you how to prevent...
Adaptive Replica Selection in OpenSearch – Source: socprime.com
Source: socprime.com - Author: Oleksii K., DevOps Engineer · December 11, 2024...
How to Enable and Manage AWS WAF Logging with CloudWatch Logs – Source: socprime.com
Source: socprime.com - Author: Comrade H., WAF Engineer · December 10, 2024...
Optimizing Elasticsearch Master Node for Cluster Stability – Source: socprime.com
Source: socprime.com - Author: Oleksandr L The master node is responsible for lightweight cluster-wide actions such...
Standard Logstash Template for Event Processing (Gold Template) – Source: socprime.com
Source: socprime.com - Author: Oleksandr L · December 10, 2024 · 3 min read · This standard...
Configuring Disk Allocation Thresholds in Elasticsearch and OpenSearch – Source: socprime.com
Source: socprime.com - Author: Oleksii K., DevOps Engineer · December 10, 2024...
Understanding index.mapping.total_fields.limit in OpenSearch/ElasticSearch – Source: socprime.com
Source: socprime.com - Author: Oleh P., SOC Engineer · December 10, 2024...
UAC-0185 aka UNC4221 Attack Detection: Hackers Target the Ukrainian Defense Forces and Military-Industrial Complex – Source: socprime.com
Source: socprime.com - Author: Veronika Telychko Since russia launched its full-scale invasion of Ukraine, defense organizations...
Monitoring Elasticsearch Cluster With Metricbeat – Source: socprime.com
Source: socprime.com - Author: Comrade H., WAF Engineer · December 09, 2024...
Understanding indices.query.bool.max_clause_count in OpenSearch – Source: socprime.com
Source: socprime.com - Author: Oleksii K., DevOps Engineer · December 09, 2024...
Decoding the PROCTITLE Field in Auditd Event Streams with Logstash – Source: socprime.com
Source: socprime.com - Author: Oleksandr L · December 09, 2024 · 2 min read · By default,...
BlueAlpha Attack Detection: russia-affiliated Hacking Collective Abuses Cloudflare Tunnels to Distribute GammaDrop Malware – Source: socprime.com
Source: socprime.com - Author: Daryna Olyniychuk The russian state-sponsored threat actor BlueAlpha (aka Gamaredon, Hive0051, Shuckworm,...
Interesting URL Schema Abuse Patterns (Merry Phishmas) – Source: socprime.com
Source: socprime.com - Author: John Stevens · December 06, 2024 · 2 min read · One interesting...
Migrating Dashboards Between OpenSearch Instances – Source: socprime.com
Source: socprime.com - Author: Rosty H. · December 06, 2024 · 1 min read · If you...