Yee Ching
@poppopretn.bsky.social
Senior Consultant @ JT Consultancy & Management Pte. Ltd., Research Fellow @ ASSET Group, Singapore University of Technology and Design (SUTD), Handler @ SANS Internet Storm Center, bunch of other infosec stuff and amateur radio operator. Views are my own.
Pinned
Yee Ching
@poppopretn.bsky.social
· Feb 10
POP POP RETN
Information security research, reflections and events
poppopretn.com
Hello, World! Hopping onboard the Bluesky train, my personal site is located at poppopretn.com where you can find out more about my research and portfolios. New posts from my website will be posted here. I will be more active at infosec.exchange, but will check back here occasionally.
Reposted by Yee Ching
Online Services Again Abused to Exfiltrate Data https://isc.sans.edu/diary/31862
April 15, 2025 at 6:11 AM
Online Services Again Abused to Exfiltrate Data https://isc.sans.edu/diary/31862
Reposted by Yee Ching
Obfuscated Malicious Python Scripts with PyArmor https://isc.sans.edu/diary/31840
April 9, 2025 at 6:31 AM
Obfuscated Malicious Python Scripts with PyArmor https://isc.sans.edu/diary/31840
Reposted by Yee Ching
XORsearch: Searching With Regexes https://isc.sans.edu/diary/31834
April 7, 2025 at 12:36 PM
XORsearch: Searching With Regexes https://isc.sans.edu/diary/31834
Reposted by Yee Ching
New SSH Username Report https://isc.sans.edu/diary/31830
April 6, 2025 at 7:55 PM
New SSH Username Report https://isc.sans.edu/diary/31830
Reposted by Yee Ching
Surge in Scans for Juniper "t128" Default User https://isc.sans.edu/diary/31824
April 2, 2025 at 2:21 PM
Surge in Scans for Juniper "t128" Default User https://isc.sans.edu/diary/31824
Reposted by Yee Ching
Privacy Aware Bots https://isc.sans.edu/diary/31796
March 24, 2025 at 1:30 PM
Privacy Aware Bots https://isc.sans.edu/diary/31796
Reposted by Yee Ching
Let's Talk About HTTP Headers. https://isc.sans.edu/diary/31792
March 23, 2025 at 4:55 PM
Let's Talk About HTTP Headers. https://isc.sans.edu/diary/31792
Reposted by Yee Ching
Some new Data Feeds, and a little "incident". https://isc.sans.edu/diary/31786
March 20, 2025 at 6:01 PM
Some new Data Feeds, and a little "incident". https://isc.sans.edu/diary/31786
Reposted by Yee Ching
Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 and CVE-2024-20440 https://isc.sans.edu/diary/31782
March 19, 2025 at 1:31 PM
Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 and CVE-2024-20440 https://isc.sans.edu/diary/31782
Reposted by Yee Ching
Apple Fixes Exploited WebKit Vulnerability in iOS, MacOS, visionOS and Safari https://isc.sans.edu/diary/31758
March 11, 2025 at 7:25 PM
Apple Fixes Exploited WebKit Vulnerability in iOS, MacOS, visionOS and Safari https://isc.sans.edu/diary/31758
Reposted by Yee Ching
Microsoft Patch Tuesday: March 2025 https://isc.sans.edu/diary/31756
March 11, 2025 at 5:56 PM
Microsoft Patch Tuesday: March 2025 https://isc.sans.edu/diary/31756
Reposted by Yee Ching
Shellcode Encoded in UUID's https://isc.sans.edu/diary/31752
March 10, 2025 at 8:30 AM
Shellcode Encoded in UUID's https://isc.sans.edu/diary/31752
Reposted by Yee Ching
Tool update: mac-robber.py https://isc.sans.edu/diary/31738
March 4, 2025 at 2:16 PM
Tool update: mac-robber.py https://isc.sans.edu/diary/31738
Reposted by Yee Ching
Romanian Distillery Scanning for SMTP Credentials https://isc.sans.edu/diary/31736
March 4, 2025 at 3:55 PM
Romanian Distillery Scanning for SMTP Credentials https://isc.sans.edu/diary/31736
Reposted by Yee Ching
Mark of the Web: Some Technical Details https://isc.sans.edu/diary/31732
March 3, 2025 at 10:30 AM
Mark of the Web: Some Technical Details https://isc.sans.edu/diary/31732
Reposted by Yee Ching
Njrat Campaign Using Microsoft Dev Tunnels https://isc.sans.edu/diary/31724
February 27, 2025 at 8:18 AM
Njrat Campaign Using Microsoft Dev Tunnels https://isc.sans.edu/diary/31724
Reposted by Yee Ching
My Very Personal Guidance and Strategies to Protect Network Edge Devices https://isc.sans.edu/diary/31660
February 17, 2025 at 12:55 PM
My Very Personal Guidance and Strategies to Protect Network Edge Devices https://isc.sans.edu/diary/31660
Reposted by Yee Ching
The Danger of IP Volatility isc.sans.edu/diary/31688 #SANSISC
The Danger of IP Volatility - SANS Internet Storm Center
The Danger of IP Volatility, Author: Xavier Mertens
isc.sans.edu
February 15, 2025 at 7:28 AM
The Danger of IP Volatility isc.sans.edu/diary/31688 #SANSISC
Reposted by Yee Ching
Fake BSOD Delivered by Malicious Python Script https://isc.sans.edu/diary/31686
February 14, 2025 at 12:31 PM
Fake BSOD Delivered by Malicious Python Script https://isc.sans.edu/diary/31686
Reposted by Yee Ching
SANS Stormcast Feb 13th 2025: Smart City Threats; Advanced Social Engineering Attacks; Wazuh Vulnerability; PAM Vulnerability; Ivanti Patches
https://isc.sans.edu/podcastdetail/9322
https://isc.sans.edu/podcastdetail/9322
February 13, 2025 at 1:30 AM
SANS Stormcast Feb 13th 2025: Smart City Threats; Advanced Social Engineering Attacks; Wazuh Vulnerability; PAM Vulnerability; Ivanti Patches
https://isc.sans.edu/podcastdetail/9322
https://isc.sans.edu/podcastdetail/9322
Reposted by Yee Ching
DShield SIEM Docker Updates https://isc.sans.edu/diary/31680
February 13, 2025 at 1:26 AM
DShield SIEM Docker Updates https://isc.sans.edu/diary/31680
A Smart City Infrastructure ontology for threats, cybercrime and digital forensic investigation
Introduction Cybercrime and the market for cyber-related compromises are becoming attractive revenue sources for state-sponsored actors, cybercriminals and technical individuals affected by financial…
Introduction Cybercrime and the market for cyber-related compromises are becoming attractive revenue sources for state-sponsored actors, cybercriminals and technical individuals affected by financial…
A Smart City Infrastructure ontology for threats, cybercrime and digital forensic investigation
Introduction Cybercrime and the market for cyber-related compromises are becoming attractive revenue sources for state-sponsored actors, cybercriminals and technical individuals affected by financial hardships. Cyber-attacks on future technological advancements such as smart city infrastructure (SCI) will introduce new challenges to digital forensic investigators and law enforcement agencies. These challenges include a lack of standardised SCI contexts, information sharing, collaboration and tool interoperability.
poppopretn.com
February 12, 2025 at 2:05 AM
A Smart City Infrastructure ontology for threats, cybercrime and digital forensic investigation
Introduction Cybercrime and the market for cyber-related compromises are becoming attractive revenue sources for state-sponsored actors, cybercriminals and technical individuals affected by financial…
Introduction Cybercrime and the market for cyber-related compromises are becoming attractive revenue sources for state-sponsored actors, cybercriminals and technical individuals affected by financial…
Reposted by Yee Ching
16 years ago, I started the daily SANS Internet Storm Center Stormcast. Over 16 years, I recorded about 3,900 episodes and 26,000 minutes of content (sounds more impressive than 16 days :) ).
Subscribe to it wherever you find podcasts. (or Alexa Flash Briefings, YouTube)
isc.sans.edu/podcast.html
Subscribe to it wherever you find podcasts. (or Alexa Flash Briefings, YouTube)
isc.sans.edu/podcast.html
February 10, 2025 at 2:02 PM
16 years ago, I started the daily SANS Internet Storm Center Stormcast. Over 16 years, I recorded about 3,900 episodes and 26,000 minutes of content (sounds more impressive than 16 days :) ).
Subscribe to it wherever you find podcasts. (or Alexa Flash Briefings, YouTube)
isc.sans.edu/podcast.html
Subscribe to it wherever you find podcasts. (or Alexa Flash Briefings, YouTube)
isc.sans.edu/podcast.html
Reposted by Yee Ching
Reminder: 7-Zip & MoW https://isc.sans.edu/diary/31668
February 10, 2025 at 7:31 AM
Reminder: 7-Zip & MoW https://isc.sans.edu/diary/31668
Hello, World! Hopping onboard the Bluesky train, my personal site is located at poppopretn.com where you can find out more about my research and portfolios. New posts from my website will be posted here. I will be more active at infosec.exchange, but will check back here occasionally.
POP POP RETN
Information security research, reflections and events
poppopretn.com
February 10, 2025 at 2:50 AM
Hello, World! Hopping onboard the Bluesky train, my personal site is located at poppopretn.com where you can find out more about my research and portfolios. New posts from my website will be posted here. I will be more active at infosec.exchange, but will check back here occasionally.