streaming services

Cybersecurity Challenges Streaming Providers Face

api, http, ott, streaming services, waf
The global video streaming services industry is a multi-billion-dollar market that includes renowned brands such as Disney and Netflix alongside smaller, more niche players. Due to the pandemic, many of these services ...
Security Boulevard

Detecting CVE-2021-31166 – HTTP vulnerability

By Ben Reardon, Corelight Security Researcher. In this blog we aim to provide a little insight into part of the lifecycle of Corelight Lab’s response to a critical HTTP vulnerability. We’ve open-sourced ...

Detect C2 ‘RedXOR’ with state-based functionality

By Ben Reardon, Corelight Security Researcher. Recently a very interesting Linux-based command-and-control (C2) malware was described by the research team at Intezer. As usual there is a set of simple network-based IOCs ...

Finding SUNBURST Backdoor with Zeek Logs & Corelight

John Gamble, Director of Product Marketing, Corelight. FireEye’s threat research team has discovered a troubling new supply chain attack targeting SolarWinds’ Orion IT monitoring and management platform. The attack trojanizes Orion software ...

HTTP/3: Ready to Land

Hi, my name is Mike Bishop; I'm the editor of the newest version of HTTP, HTTP/3. I'm part of Foundry, a team at Akamai that focuses on new and emerging technologies that ...

Beating alert fatigue with integrated data

By Alex Kirk, Corelight Global Principal for Suricata. More than 15 years after Gartner declared that “IDS is dead” because it was too noisy to be effectively managed, alert fatigue continues to ...

NetworkMiner 2.6 Released

We are happy to announce the release of NetworkMiner 2.6 today! The network forensic tool is now even better at extracting emails, password hashes, FTP transfers and artifacts from HTTP and HTTP/2 ...

Zeek in its sweet spot: Detecting F5’s Big-IP CVE10 (CVE-2020-5902)

By Ben Reardon, Corelight Security Researcher. Having a CVE 10 unauthenticated Remote Code Execution vulnerability on a central load balancing device? That’s bad… Not being able to detect when a threat actor ...

Chocolate and Peanut Butter, Zeek and Suricata

By Brian Dye, Chief Product Officer, Corelight. Some things just go well together. A privilege of working with very sophisticated defenders in the open source community is seeing the design patterns they ...