Leveraging Splunk for Palo Alto Firewall Logs – Part 1

Palo Alto Networks' products give detailed visibility into network traffic and malicious behaviour across both network and endpoint environments. Integrating that visibility with Splunk lets us correlate the data and run analytics across different data types. Prerequisite: Configuring Splunk. We first need to install the two apps from the Splunkbase repository. You need an…


The Evolution of FritzFrog: A Persistent Threat Exploiting Log4Shell

The FritzFrog botnet is a persistent and technically capable adversary. A recently observed variant exploits the Log4Shell vulnerability (CVE-2021-44228), marking a concerning shift in its tactics. This article explores the evolution of FritzFrog, its techniques, and the threats it poses to…

How to Create an IAM Access Role and Attach to an EC2 Instance with AWS CLI

Let's go through the process of creating an IAM role with read-only permissions to IAM resources and attaching that role to an EC2 instance. Screenshots for key steps are included. Prerequisites: Step 1 – Create the IAM role. Use your favorite text editor to create the file "ec2-trust-policy.json" with the content below. Use the create-role…
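The full procedure the post walks through, as an added example written for this listing rather than the post's own script: a trust policy that only the EC2 service may assume, the role with the AWS-managed IAMReadOnlyAccess policy, the instance profile EC2 actually attaches, and the association with an instance. The role and profile names, the file name and the instance ID are assumptions for illustration; the `aws` invocations are standard AWS CLI v2 subcommands.

```shell
#!/bin/sh
# Added example (not the post's own script). Names below are assumptions.
set -eu

ROLE_NAME="${ROLE_NAME:-ec2-iam-readonly}"
PROFILE_NAME="${PROFILE_NAME:-$ROLE_NAME-profile}"
TRUST_FILE="${TRUST_FILE:-ec2-trust-policy.json}"
# AWS-managed policy: read-only access to IAM resources, nothing else.
POLICY_ARN="arn:aws:iam::aws:policy/IAMReadOnlyAccess"

# Trust policy. The narrow Principal is the security-relevant part: only the
# EC2 service can assume this role, not another account, user or service.
make_trust_policy() {
  cat <<'EOF'
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": { "Service": "ec2.amazonaws.com" },
      "Action": "sts:AssumeRole"
    }
  ]
}
EOF
}

# Step 1 - create the role from the trust policy and attach the permissions.
create_role() {
  make_trust_policy > "$TRUST_FILE"
  aws iam create-role \
    --role-name "$ROLE_NAME" \
    --assume-role-policy-document "file://$TRUST_FILE"
  aws iam attach-role-policy \
    --role-name "$ROLE_NAME" \
    --policy-arn "$POLICY_ARN"
}

# Step 2 - EC2 cannot take a role directly; it needs an instance profile
# that wraps the role.
create_profile() {
  aws iam create-instance-profile --instance-profile-name "$PROFILE_NAME"
  aws iam add-role-to-instance-profile \
    --instance-profile-name "$PROFILE_NAME" \
    --role-name "$ROLE_NAME"
  # IAM is eventually consistent: a profile created a moment ago may not be
  # visible to EC2 yet, so give it a few seconds before associating it.
  sleep 10
}

# Step 3 - attach the profile to an existing, running instance.
attach_to_instance() {
  instance_id="$1"
  aws ec2 associate-iam-instance-profile \
    --instance-id "$instance_id" \
    --iam-instance-profile "Name=$PROFILE_NAME"
}

# Check from inside the instance: the CLI picks up the role credentials from
# the instance metadata service, and the ARN must name the assumed role.
verify_from_instance() {
  aws sts get-caller-identity --query Arn --output text
}

if [ "${1:-}" = "run" ]; then
  create_role
  create_profile
  attach_to_instance "${2:?usage: $0 run <instance-id>}"
fi
```

Run it as `sh attach-role.sh run i-0123456789abcdef0` (assumed file name and instance ID). The verification step is worth keeping: if `get-caller-identity` on the instance reports anything other than `assumed-role/ec2-iam-readonly/...`, the instance is running with credentials you did not intend to give it.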

Safeguarding Sensitive Files and Detecting Unauthorized Access on S3 Bucket Storage

Amazon Simple Storage Service (S3) is a widely used object storage service, and securing an S3 bucket is crucial to protecting the sensitive data in it. In this guide we walk through the steps to automatically detect unauthorized access to a bucket when someone reads our secrets in a special file (secrets.txt)…
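One way to spot reads of a sensitive object, as an added example that is not the post's own method: run detection logic over S3 server access log records and flag every GET of the sensitive key by a principal that is not on an allow-list. The bucket, key, principal ARNs and the four log records are constructed for illustration; the field layout follows the S3 server access log format (owner, bucket, bracketed timestamp, remote IP, requester, request ID, operation, key, quoted request line, HTTP status, ...).

```shell
#!/bin/sh
# Added example (not the post's own method). Bucket, key, ARNs and log
# records are constructed for illustration.
set -eu

SENSITIVE_KEY="secrets.txt"
# Principals expected to read the file, space separated; everyone else is
# flagged, including anonymous ("-") requesters.
ALLOWED_READERS="arn:aws:iam::123456789012:user/alice"

# Four constructed S3 server access log records: an allowed read, an
# anonymous read that S3 denied, a read by another IAM user, and a read of
# an unrelated key.
sample_log() {
  cat <<'EOF'
OWNERID examplebucket [06/Feb/2024:10:00:01 +0000] 192.0.2.10 arn:aws:iam::123456789012:user/alice REQ0001 REST.GET.OBJECT secrets.txt "GET /examplebucket/secrets.txt HTTP/1.1" 200 - 512 512 12 10 "-" "aws-cli/2.15.0" - - SigV4 TLS_AES_128_GCM_SHA256 AuthHeader examplebucket.s3.amazonaws.com TLSv1.3
OWNERID examplebucket [06/Feb/2024:10:03:17 +0000] 198.51.100.7 - REQ0002 REST.GET.OBJECT secrets.txt "GET /examplebucket/secrets.txt HTTP/1.1" 403 AccessDenied 243 - 9 - "-" "curl/8.4.0" - - - - - examplebucket.s3.amazonaws.com -
OWNERID examplebucket [06/Feb/2024:10:05:42 +0000] 203.0.113.9 arn:aws:iam::123456789012:user/mallory REQ0003 REST.GET.OBJECT secrets.txt "GET /examplebucket/secrets.txt HTTP/1.1" 200 - 512 512 11 9 "-" "aws-cli/2.15.0" - - SigV4 TLS_AES_128_GCM_SHA256 AuthHeader examplebucket.s3.amazonaws.com TLSv1.3
OWNERID examplebucket [06/Feb/2024:10:06:05 +0000] 203.0.113.9 arn:aws:iam::123456789012:user/mallory REQ0004 REST.GET.OBJECT readme.txt "GET /examplebucket/readme.txt HTTP/1.1" 200 - 80 80 7 6 "-" "aws-cli/2.15.0" - - SigV4 TLS_AES_128_GCM_SHA256 AuthHeader examplebucket.s3.amazonaws.com TLSv1.3
EOF
}

# detect_unauthorized_reads FILE  (use - for stdin)
# Prints one line per suspicious read: timestamp, source IP, requester and
# HTTP status. Denied attempts (403) are kept on purpose: a failed read of
# the secret is still someone probing for it.
detect_unauthorized_reads() {
  awk -v key="$SENSITIVE_KEY" -v allowed="$ALLOWED_READERS" '
    BEGIN {
      n = split(allowed, a, " ")
      for (i = 1; i <= n; i++) ok[a[i]] = 1
    }
    # Space-separated fields of a server access log record:
    #   $1 owner  $2 bucket  $3 [time  $4 zone]  $5 remote IP  $6 requester
    #   $7 request ID  $8 operation  $9 key  $10-$12 request line  $13 status
    $8 == "REST.GET.OBJECT" && $9 == key && !($6 in ok) {
      printf "%s %s requester=%s status=%s\n", substr($3, 2), $5, $6, $13
    }' "$1"
}

if [ "${1:-}" = "demo" ]; then
  sample_log | detect_unauthorized_reads -
fi
```

Two caveats a practitioner should keep in mind: server access logs are delivered on a best-effort basis and can lag by hours, so this is an after-the-fact check rather than a real-time alarm, and the requester field is what S3 authenticated, which means a leaked access key for alice shows up as alice. For near-real-time detection, CloudTrail data events for the bucket routed through EventBridge are the usual alternative.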


Analyzing AWS VPC Flow Logs with Elasticsearch, AWS SQS, and Filebeat

AWS VPC Flow Logs are a goldmine of network data, providing valuable insight into traffic patterns, security threats, and network performance within your Amazon Virtual Private Cloud (VPC). To analyze this data effectively, many teams use Elasticsearch, an open-source search and analytics engine. In this blog post, we walk you through the process of…

VMware PowerCLI on Rocky 8 and Linux Mint 21.2

VMware PowerCLI is a command-line interface and scripting toolkit for automating and managing VMware vSphere environments. It is built on top of Microsoft PowerShell (a powerful and extensible scripting framework originally used mainly on Windows). PowerCLI provides cmdlets (PowerShell commands) that let administrators and developers interact with and…


Accelerating transfer of small files with rsync and xargs

Rsync is a great tool for transferring and synchronizing files between computers and servers. It is usually available on the most popular Linux distributions; if it is not installed yet, you can typically install it with the package manager. Rsync's drawback is that it transfers sequentially over a single remote connection, which leads to lengthy transfer times for a large amount…
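The technique the post builds on, as an added example written for this listing (not the post's own script): split the file list into batches and let `xargs -P` run several rsync processes at once, so the many small files travel over several connections instead of one. The destination, job count and batch size are assumptions; DEST may be a local directory or `user@host:/path`.

```shell
#!/bin/sh
# Added example (not the post's own script). Job count, batch size and the
# destination are assumptions for illustration.
set -eu

# parallel_rsync SRC DEST [JOBS] [BATCH]
#   SRC   local directory to send
#   DEST  rsync destination: a local directory or user@host:/dir
#   JOBS  concurrent rsync processes (default 4)
#   BATCH files handed to each rsync process (default 200)
parallel_rsync() {
  src="$1"; dest="$2"; jobs="${3:-4}"; batch="${4:-200}"
  # A relative local DEST would be re-interpreted after the cd below, so make
  # it absolute first. Remote host:path destinations are left alone.
  case "$dest" in
    /*|*:*) ;;
    *) dest="$PWD/$dest" ;;
  esac
  # 1. Recreate the directory skeleton with a single rsync so the parallel
  #    workers never race each other to create the same parent directory.
  rsync -a --include='*/' --exclude='*' "$src/" "$dest/"
  # 2. Stream NUL-separated paths relative to SRC into xargs:
  #    -P runs JOBS rsyncs at once, -n hands each one a batch of BATCH files
  #    (one connection per batch, not per file), -R keeps the relative path
  #    on the receiving side, and the sh -c wrapper puts DEST last, where
  #    rsync expects it ($0 is DEST, "$@" is the batch).
  (
    cd "$src" &&
    find . -type f -print0 |
      xargs -0 -n "$batch" -P "$jobs" sh -c 'rsync -aR "$@" "$0"' "$dest/"
  )
}

# Count regular files under a directory; handy for confirming the copy.
count_files() {
  find "$1" -type f | wc -l | tr -d ' '
}

if [ "${1:-}" = "run" ]; then
  parallel_rsync "${2:?src}" "${3:?dest}" "${4:-4}" "${5:-200}"
  echo "files at destination: $(count_files "$3")"
fi
```

Two practical notes: run a final plain `rsync -a --delete` once the parallel pass is done if you need deletions or a consistency check, since the batched workers only ever add and update files, and keep JOBS modest against a remote host, because each worker is a separate SSH session that the server's `MaxStartups` limit and CPU have to absorb.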

PowerCLI – Listing snapshots

In this series, we retrieve the list of all Virtual Machines (VMs) with snapshots inside our vCenter cluster. You can refer to our previous post on how to install PowerCLI on Rocky or Linux Mint. Launching PowerCLI. Logging in to vCenter. In order to interact with vCenter or ESXi, you will first need…