[SANS ISC] Collecting IOCs from IMAP Folder

I published the following diary on isc.sans.edu: “Collecting IOCs from IMAP Folder”:

I’ve plenty of subscriptions to “cyber security” mailing lists that generate a lot of traffic. Even if we try to get rid of emails, that’s a fact: email remains a key communication channel. Some mailing list posts contain interesting indicators of compromise. So, I searched for a nice way to extract them in an automated way (and to correlate them with other data). I did not find a solution ready to use that matched my requirements… [Read more]

[The post [SANS ISC] Collecting IOCs from IMAP Folder has been first published on /dev/random]

Article Link: https://blog.rootshell.be/2020/04/30/sans-isc-collecting-iocs-from-imap-folder/