SANS ISC Handlers public
[search 0]
More

Download the App!

show episodes
Loading …
show series
 
Port Forwarding with Windows for the Win https://isc.sans.edu/forums/diary/PortForwarding+with+Windows+for+the+Win/27934/ Please Fix Your E-Mail Brute Forcing Tool https://isc.sans.edu/forums/diary/Please+fix+your+EMail+Brute+forcing+tool/27930/ Ad Blocker Injects Ads https://www.imperva.com/blog/the-ad-blocker-that-injects-ads/ Romance Scams Go Af…
 
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+October+2021+Patch+Tuesday/27928/ Adobe Patches https://helpx.adobe.com/security/security-bulletin.html PyPi Remove mitmproxy2 Module https://twitter.com/maximilianhils/status/1447525552370458625 https://web.archive.org/web/20211012105244/https://gist.github.com/mhils/7ff29d50b25a1…
 
Non HTTP Requests Hitting Web Server https://isc.sans.edu/forums/diary/Things+that+go+Bump+in+the+Night+Non+HTTP+Requests+Hitting+Web+Servers/27924/ Apple Updates iOS/iPadOS to 15.0.2 https://saaramar.github.io/IOMFB_integer_overflow_poc/ https://support.apple.com/en-us/HT212846 Weak SSH Keys Used with GitKraken https://github.blog/2021-10-11-githu…
 
Scanning for Previous Oracle WebLogic Vulnerabilities https://isc.sans.edu/forums/diary/Scanning+for+Previous+Oracle+WebLogic+Vulnerabilities/27918/ Sorting Things Out - Sorting Data by IP Address https://isc.sans.edu/forums/diary/Sorting+Things+Out+Sorting+Data+by+IP+Address/27916/ https://gitlab.com/slackermedia/bashcrawl Telegram Does Not Remove…
 
Who is Hunting For Your IPTV Set-Top Box? https://isc.sans.edu/forums/diary/Who+Is+Hunting+For+Your+IPTV+SetTop+Box/27912/ Another Update For Apache https://httpd.apache.org Font on Lake Rootkit https://www.welivesecurity.com/2021/10/07/fontonlake-previously-unknown-malware-family-targeting-linux/ osquery 5 with macOS Endpoint Security https://www.…
 
Apache 2.4.49 Directory Traversal Vulnerability https://isc.sans.edu/forums/diary/Apache+2449+Directory+Traversal+Vulnerability+CVE202141773/27908/ Python Ransomware Targeting ESXi Server https://www.sophos.com/en-us/press-office/press-releases/2021/10/sophos-researchers-uncover-new-python-ransomware-targeting-an-esxi-server-and-virtual-machines.as…
 
Looking Glass Sites https://isc.sans.edu/forums/diary/Looking+Glasses+Debugging+Network+Connectivity+Issues/27904/ Facebook Postmortem https://engineering.fb.com/2021/10/05/networking-traffic/outage-details/ Apache 2.4.49 Directory Traversal Vulnerability https://blog.sonatype.com/apache-servers-actively-exploited-in-wild-importance-of-prompt-patch…
 
Facebook Outage https://isc.sans.edu/forums/diary/Facebook+Outage+Yes+its+DNS+sort+of+A+super+quick+analysis+of+what+is+going+on/27900/ Boutique "Dark" Botnet Hunting for Crumbs https://isc.sans.edu/forums/diary/Boutique+Dark+Botnet+Hunting+for+Crumbs/27898/ Apache Airflow May Leak Credentials https://www.intezer.com/blog/cloud-security/misconfigur…
 
A New Tool To Add to Your LOLBAS List: cvtres.exe https://isc.sans.edu/forums/diary/New+Tool+to+Add+to+Your+LOLBAS+List+cvtresexe/27892/ Google Chrome Continuing Updates https://support.google.com/chrome/answer/95414?hl=en&co=GENIE.Platform%3DDesktop Cyber Security Awareness Month https://www.sans.org/security-awareness-training/resources/ https://…
 
Visa/Apple Express Transit Relay Attack https://www.bbc.com/news/technology-58719891 FluBot Offering Fake FlutBot Protection https://twitter.com/CERTNZ/status/1443701853665980440 Undetected Azure Active Directory Brute-Force Attacks https://www.secureworks.com/research/undetected-azure-active-directory-brute-force-attacks SANS.edu Student Christoph…
 
Keeping Track of Time: Network Time Protocol and GPSD Bug https://isc.sans.edu/forums/diary/Keeping+Track+of+Time+Network+Time+Protocol+and+a+GPSD+Bug/27886/ Apple Airtags Stored XSS https://medium.com/@bobbyrsec/zero-day-hijacking-icloud-credentials-with-apple-airtags-stored-xss-6997da43a216 CISA/NSA Guidance To Configure VPNs https://media.defens…
 
TLS 1.3 and SSL: The Current State of Affairs https://isc.sans.edu/forums/diary/TLS+13+and+SSL+the+current+state+of+affairs/27882/ EFF Discontinues HTTPS Everywhere Plugin https://www.eff.org/deeplinks/2021/09/https-actually-everywhere Malicious CryptoCoin Wallet https://discourse.mozilla.org/t/got-hacked-by-the-add-on-called-safepal-wallet/85797 M…
 
Trend Micro ServerProtect Authentication Bypass Vulnerability https://www.zerodayinitiative.com/advisories/ZDI-21-1115/ Let's Encrypt Root CA Expiration https://community.letsencrypt.org/t/production-chain-changes/150739 ERMAC Android Malware https://www.threatfabric.com/blogs/ermac-another-cerberus-reborn.html QNAP Vulnerabilities https://www.qnap…
 
Mobile Device Inventory via Active Sync https://isc.sans.edu/forums/diary/Keep+an+Eye+on+Your+Users+Mobile+Devices+Simple+Inventory/27868/ Autodiscover Attacks https://autodiscover-vulnerable-tlds.com https://wiki.mozilla.org/Public_Suffix_List https://www.guardicore.com/labs/autodiscovering-the-great-leak/ Three More 0-Day Vulnerabilities in iOS h…
 
Excel Recipe: Some VBA Code with a Touch of Excel4 Macro https://isc.sans.edu/forums/diary/Excel+Recipe+Some+VBA+Code+with+a+Touch+of+Excel4+Macro/27864/ Windows Platform Binary Table Weakness https://eclypsium.com/2021/09/20/everyone-gets-a-rootkit/ Apple Patches Older iOS/MacOS Versions https://support.apple.com/en-us/HT201222 Broken Digital Sign…
 
An XML-Obfustcated Office Document (CVE-2021-40444) https://isc.sans.edu/forums/diary/An+XMLObfuscated+Office+Document+CVE202140444/27860/ Exchange Autodiscovering Leaks Credentials https://www.guardicore.com/labs/autodiscovering-the-great-leak/ Nagios Vulnerabilities https://claroty.com/2021/09/21/blog-research-securing-network-management-systems-…
 
A First Look at Apple's iOS 15 "Private Relay" feature https://isc.sans.edu/forums/diary/A+First+Look+at+Apples+iOS+15+Private+Relay+feature/27858/ macOS Finder Security Feature Bypass Leads to Possible RCE https://ssd-disclosure.com/ssd-advisory-macos-finder-rce/ VMWare vCenter Advisory https://blogs.vmware.com/vsphere/2021/09/vmsa-2021-0020-what-…
 
OMIGOD Exploits Captured in the Wild. https://isc.sans.edu/forums/diary/OMIGOD+Exploits+Captured+in+the+Wild+Researchers+responsible+for+half+of+scans+for+related+ports/27852/ Apple iOS/iPadOS/tvOS 15 Updates (and WatchOS, Xcode, Safari) https://support.apple.com/en-us/HT201222 ManageEngine ADSelfService Plus Exploited https://us-cert.cisa.gov/ncas…
 
Malicious Calendar Subscriptions Are Back https://isc.sans.edu/forums/diary/Malicious+Calendar+Subscriptions+Are+Back/27846/ Simple Analysis of a CVE-2021-40444 (MSHTML) Document https://isc.sans.edu/forums/diary/Simple+Analysis+Of+A+CVE202140444+docx+Document/27848/ Mirai Botnet Hunting OMIGOD https://twitter.com/1ZRR4H/status/1438580885142507528 …
 
Phishing 101: why depend on one suspicious message subject when you can use many https://isc.sans.edu/forums/diary/Phishing+101+why+depend+on+one+suspicious+message+subject+when+you+can+use+many/27842/ PrintNightmare Fix Breaks Network Printing https://www.bleepingcomputer.com/news/security/new-windows-security-updates-break-network-printing/ Malwa…
 
Hancitor Campaign Abusing Microsoft's OneDrive https://isc.sans.edu/forums/diary/Hancitor+campaign+abusing+Microsofts+OneDrive/27838/ "Secret"Agent Exposes Azure Customers To Unauthorized Code Execution https://www.wiz.io/blog/secret-agent-exposes-azure-customers-to-unauthorized-code-executionBy Johannes B. Ullrich, Ph.D.
 
Apple Updates Everything https://support.apple.com/en-us/HT201222 Citizenlab Discloses NSO Exploit Details https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/ Google Chrome Update https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop.html WooCommerce Multi Currency Plugin V…
 
Shipping Microsoft DNS Logs to Elasticsearch https://isc.sans.edu/forums/diary/Shipping+to+Elasticsearch+Microsoft+DNS+Logs/27828/ Exploit Generator for CVE-2021-40444 https://github.com/lockedbyte/CVE-2021-40444 Windows Lock Screen Bypass https://halove23.blogspot.com/2021/09/zdi-21-1053-bypassing-windows-lock.html Citrix Hypervisor Update https:/…
 
ISC/DShield API Updates https://isc.sans.edu/forums/diary/Updates+to+Our+DatafeedsAPI/27824/ Update on Windows MSHTML Vulnerability https://www.bleepingcomputer.com/news/microsoft/windows-mshtml-zero-day-defenses-bypassed-as-new-info-emerges/ GitHub Actions check-spelling community workflow GITHUB_TOKEN leakage https://github.com/justinsteven/advis…
 
Protonmail Correction https://protonmail.com/blog/climate-activist-arrest/ https://protonmail.com/privacy-policy "Stolen Images Evidence" Campaign Continues Pushing BazarLoader Malware https://isc.sans.edu/forums/diary/Stolen+Images+Evidence+Campaign+Continues+Pushing+BazarLoader+Malware/27816/ Thyotic Secret Server Critical Update https://docs.thy…
 
Loading …

Quick Reference Guide

Copyright 2021 | Sitemap | Privacy Policy | Terms of Service
Google login Twitter login Classic login