Dealing With False Positives when Scanning Memory Dumps for Cobalt Strike Beacons
https://isc.sans.edu/diary/Dealing+With+False+Positives+when+Scanning+Memory+Dumps+for+Cobalt+Strike+Beacons/28990
HTTP2 Packet Analysis with Wireshark
https://isc.sans.edu/diary/HTTP2+Packet+Analysis+with+Wireshark/28986
Paypal Phishing/Coinbase in One Image
https://isc.sans.edu/diary/Paypal+PhishingCoinbase+in+One+Image/28984
Sysinternals Updates: Sysmon v14.0 and ZoomIt v6.01
https://isc.sans.edu/diary/Sysinternals+Updates%3A+Sysmon+v14.0+and+ZoomIt+v6.01/28988
eth.link domain at risk
https://www.coindesk.com/tech/2022/08/26/web3-domain-name-service-could-lose-its-web-address-because-programmer-who-can-renew-it-sits-in-jail/
