Detecting CVE-2020-0601 with Zeek

CVE-2020-0601 is a major security issue affecting recent versions of Microsoft Windows. In a nutshell, NSA found a vulnerability in core Windows libraries that perform certificate validation. This vulnerability can be used to craft certificates that are accepted as...

Zeek Community Resources

Or – How can I get involved in the community? One of the questions that we commonly get is “How do I get help,” or “How can I get involved in the Zeek community?” The goal of this blog post is to make you aware of the community resources that...

Bro 2.5.3 released (security update)

We announce the release of Bro v2.5.3. The new version is now available for download at https://bro.org/download/index.html or directly at https://www.bro.org/downloads/bro-2.5.3.tar.gz. Binary packages for the new version are currently building and will be available in...

Bro 2.5.2 & 2.4.2 release (security update)

We announce the release of Bro v2.5.2. The new version is now available for download at https://bro.org/download/index.html or directly at https://www.bro.org/downloads/bro-2.5.2.tar.gz. Binary packages for the new version are currently building and will be available...

Bro 2.5.1 released

We are very happy to announce the release of Bro v2.5.1. The new version is now available for download! This release contains a number of bug fixes. Fixes include: Better file analysis memory management; Less cluster node communication; Correct...