By Richard Bejtlich, Principal Security Strategist, Corelight On Tuesday, Jan. 14, 2020, the world learned of the vulnerability du jour, CVE-2020-0601. As explained by Microsoft, “a spoofing vulnerability exists in the way Windows CryptoAPI ( ... Read more
Zeek
Finding Truth in the Cloud: Google Cloud Packet Mirroring & Corelight Network Traffic Analysis
By Vijit Nair, Sr. Director Product Management, Corelight “Remember, all I’m offering is the truth” - Morpheus, from the movie Matrix (1999) There is a great scene at the end of Matrix where a fallen Neo resurrects himself and breaks past th ... Read more
Detecting OpenBSD CVE-2019-19521 SSH Exploit Attempts
By Anthony Kasza, Ben Reardon, Corelight Security Researchers On December 4, Qualys released a security advisory for an authentication bypass vulnerability in OpenBSD, CVE-2019-19521. The vulnerability affects multiple services in OpenBSD ... Read more
Light in the Darkness: New Corelight Encrypted Traffic Collection
By Vince Stoffer, Senior Director, Product Management, Corelight This week’s launch of version 18 of our software features the Encrypted Traffic Collection, our first collection of a series of detections and data enrichments created by the C ... Read more
New Corelight App for Splunk: Making network-based threat hunting easier
By Ed Smith, Senior Product Marketing Manager, Corelight Want to use Zeek (formerly Bro) network data in Splunk ES, but don’t know how to start or where to look? Need to quickly narrow down Zeek logs from a mountain, to a hill, to a h ... Read more