Running Docker / Alpine Linux in an IPv6-only environment
Guest Post: By default, the Docker server configures container networks for IPv4-only. Learn how to run it in IPv6.
Tag: How to
How to: Installing an RPKI validator
[Updated] Step-by-step instructions to install RPKI validators required to validate ROAs.
How to: Detect and prevent common data exfiltration attacks
Guest Post: Mitigate for APT threats with these best practices for detecting and preventing data exfiltration attacks.
Threat hunting with Yara: The red pill approach
Guest Post: Learn how to combine Yara with other tools to have full control over the condition validation process.
How to properly interpret a traceroute or MTR
Guest Post: MTR is a useful tool for diagnosing packet loss.
Threat hunting with Yara: Dealing with wildcard hexadecimal patterns
Guest Post: Learn how to use Yara’s native hexadecimal pattern definition features to create fast rules with fewer false positives and no alarming nested loops.
Threat hunting with Yara: Measuring distance between any three elements
Guest Post: Learn how to use Yara’s math module and min/max functions to measure distance between patterns.
Threat hunting with Yara: The three body problem
Guest Post: Get to know how to use Yara with real-life research problems — detecting code evolution and shellcodes.
Publishing IPv6 NTP servers with DHCPv6
Guest Post: Learn how to navigate through the relevant RFCs associated with publishing IPv6 NTP servers with DHCPv6.
How to analyse a cyber attack chain: A cyber drill scenario from BGD e-GOV CIRT
Guest Post: BGD e-GOV CIRT takes us through the steps of a recent Exchange cyber drill run for local financial institutions in Bangladesh.