Apple Updates; JunOS OpenSSH Issues; Malicious Go in PyPi; Apple Updates Everything https://isc.sans.edu/diary/Apple%20Patches%20Everything%3A%20macOS%2C%20iOS%2C%20iPadOS%2C%20watchOS%2C%20tvOS%20updated./30916 Juniper OpenSSH Update https://s

Network Security News Summary for Monday May 13th, 2024

1 day ago 5m 36s

Windows DNS Suffixes; Black Basta Ransomware; Arcserve UDP Exploits; Chrome 0-day; SolarWinds ARM Vuln; DNS Suffixes on Windows https://isc.sans.edu/diary/DNS%20Suffixes%20on%20Windows/30912 Black Basta Ransomware Advisory https://www.cisa.gov/

Network Security News Summary for Friday May 10th, 2024

4 days ago 5m 54s

PDF Streams; F5 Central Manager Vuln; Veeam Patches; XenCenter Putty Update; Analyzing PDF Streams https://isc.sans.edu/diary/Analyzing%20PDF%20Streams/30908 F5 Next Central Manager Vulnerabilities https://eclypsium.com/blog/big-vulnerabilities

Network Security News Summary for Thursday May 09th, 2024

5 days ago 6m 10s

Analyzing Synology Disks; RSA Panel; SANS.edu Research Journal Analzying Synology Disks https://isc.sans.edu/diary/Analyzing%20Synology%20Disks%20on%20Linux/30904 RSA Panel https://www.rsaconference.com/usa/agenda/session/The%20Five%20Most%20Da

Network Security News Summary for Wednesday May 08th, 2024

6 days ago 8m 14s

ISP DNS Spoofing; Weblogic PoC; PDF.js / React PDF Vuln; Tinyproxy Detecting XFinity/Comcast DNS Spoofing https://isc.sans.edu/diary/Detecting%20XFinity%20Comcast%20DNS%20Spoofing/30898 Weblogic PoC CVE-2024-21006 https://pwnull.github.io/2024/

Network Security News Summary for Wednesday May 08th, 2024

7 days ago 6m 28s

VPN Routing Leaks; Mullvad VPN Traffic Leak; Tiny Proxy unpatches RCE Vuln; DHCP Based VPN Routing Leaks https://www.leviathansecurity.com/blog/tunnelvision Mullvad VPN DNS Traffic Leak https://mullvad.net/en/blog/dns-traffic-can-leak-outside-t

Network Security News Summary for Monday May 06th, 2024

8 days ago 5m 33s

DNS Debugging; MSFT Zero Trust DNS; MSFT Graph API Abuse DNS Debugging with nslookup https://isc.sans.edu/diary/nslookups+Debug+Options/30894/ Microsoft Plans DNS Lockdown https://techcommunity.microsoft.com/t5/networking-blog/announcing-zero-t

Network Security News Summary for Friday May 03th, 2024

11 days ago 5m 34s

Scans for Stupid Router Vuln; npm xml-crypt Vuln; Cuddlefish; ArubaOS Vuln; https://isc.sans.edu/diary/Scans%20Probing%20for%20LB-Link%20and%20Vinga%20WR-AC1200%20routers%20CVE-2023-24796/30890 Scans Probing for LB-Link and Vinga WR-AC1200 rout

Network Security News Summary for Thursday May 02th, 2024

12 days ago 6m 51s

Linux Trojan; Denial of Wallet Attack; EU iOS Appstore User Tracking; BentoML Vuln; Linux Trojan - Xorddos with Filename eyshcjdmzg https://isc.sans.edu/diary/Linux%20Trojan%20-%20Xorddos%20with%20Filename%20eyshcjdmzg/30880 AWS S3 Denial of Wa

Network Security News Summary for Thursday May 02th, 2024

13 days ago 6m 39s

Zyxel NAS Attacks; R Vulnerability; Malicious Containers; NVMe-oF/TCP Vulns; Another Day, Another NAS: Attacks against Zyxel NAS326 Devices CVE-2023-4473, CVE-2023-4474 https://isc.sans.edu/diary/Another%20Day%2C%20Another%20NAS%3A%20Attacks%20

Network Security News Summary for Tuesday April 30th, 2024

14 days ago 6m 55s

DLink NAS Exploit Variation; DNS and Great Firewall of China; Android TV Data Leakage DLink NAS Exploit Variation https://www.qnap.com/en/security-advisory/qsa-24-09 Muddling Meerkat DNS Abuse https://blogs.infoblox.com/threat-intelligence/a-cu

Network Security News Summary for Monday April 29th, 2024

15 days ago 6m 36s

Credential Stuffing Increase; Fake Payment Cards; USPS Phishing; Chrome Post Quantum TLS Issues; Okta warns of increase in credential stuffing https://sec.okta.com/blockanonymizers Fake payment cards used by Police in Japan https://twitter.com/

Network Security News Summary for Friday April 26th, 2024

18 days ago 20m 28s

Honeypot Firewalls; Unplugging PlugX; pfsense and GitLab Updates; Blocking LOLBins @sans_edu Does it matter if iptables isn't running on my honeypot? https://isc.sans.edu/forums/diary/Does%20it%20matter%20if%20iptables%20isn't%20running%20on%20

Network Security News Summary for Thursday April 25th, 2024

19 days ago 6m 10s

NVD API Updates; Cisco Patches and Backdoor; Keyboard App Vulns; node-mysql2 vulns; API Rug Pull - The NIST NVD Database and API https://isc.sans.edu/diary/API%20Rug%20Pull%20-%20The%20NIST%20NVD%20Database%20and%20API%20%28Part%204%20of%203%29

Network Security News Summary for Wednesday April 24th, 2024

20 days ago 6m 22s

struts2 devmode scans; Russian PrinterNightmare; Exchange Server Fix; Flowmon Exploit; GuptiMiner; Struts2 devmode Still a Problem Ten Years Later https://isc.sans.edu/forums/diary/Struts%20%22devmode%22%3A%20Still%20a%20problem%20ten%20years%2

Network Security News Summary for Tuesday April 23th, 2024

21 days ago 6m 6s

Exposed ICS; Evil XDR; GitLab Comment Bug; Number of Industrial Devices Accessible From Internet Up 30 Thousand over three years https://isc.sans.edu/diary/It%20appears%20that%20the%20number%20of%20industrial%20devices%20accessible%20from%20the

Network Security News Summary for Monday April 22th, 2024

22 days ago 5m 36s

CVE Changes; CrushFTP 0-Day; GitHub Comment Bug; YubiKey Manager Bug; PAN GlobalProtect Update The CVE's They are A-Changing https://isc.sans.edu/diary/The%20CVE%27s%20They%20are%20A-Changing!/30850 CrushFTP 0-Day Vulnerability https://www.crus

Network Security News Summary for Friday April 19th, 2024

25 days ago 5m 7s

Delinea PoC; Ivanti Avalanche PoC; Advanced Phishing Campaign; go-getter update; OfflRouter Virus Delinea Secret Server Authn Authz Bypass https://straightblast.medium.com/all-your-secrets-are-belong-to-us-a-delinea-secret-server-authn-authz-by

Network Security News Summary for Thursday April 18th, 2024

26 days ago 5m 20s

AgentTesla via PDF; GlobalProtect Updates; Open Source Takeovers; OpenMetaData Attacks Malicious PDF File As Delivery Mechanism https://isc.sans.edu/diary/Malicious%20PDF%20File%20Used%20As%20Delivery%20Mechanism/30848 Updated Palo Alto Network

Network Security News Summary for Wednesday April 17th, 2024

27 days ago 5m 34s

GlobalProtect Exploit Public; Putty Private Key Vuln; Palo Alto Networks GlobalProtect exploit public and widely exploited CVE-2024-3400 https://isc.sans.edu/forums/diary/Palo%20Alto%20Networks%20GlobalProtect%20exploit%20public%20and%20widely%

Network Security News Summary for Tuesday April 16th, 2024

28 days ago 6m 17s

GlobalProtect Updates; Delinea Patch; Lancom PW reset; PHP Patch; Duo leak; LastPass Deepfake Quick Palo Alto Networks Global Protect Vulnerablity Update CVE-2024-3400 https://isc.sans.edu/diary/30838 Delinea patches critical vulnerability in s

Network Security News Summary for Sunday April 14th, 2024

Apr 13th, 2024 5m 41s

Palo Alto Networks GlobalProtect 0-Day Vulnerability Exploited Palo Alto Networks GlobalProtect 0-Day CVE-2024-3400 https://security.paloaltonetworks.com/CVE-2024-3400 https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenti

Network Security News Summary for Friday April 12th, 2024

Apr 11th, 2024 6m 12s

BatBadBut Vulnerability; FortiClient Linux RCE; Apple Notifications; GitHub Search Tricks; BatBadBut: You can't securely execute commands on Windows https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/ Fort

Network Security News Summary for Thursday April 11th, 2024

Apr 10th, 2024 5m 59s

Rust Vulnerability; Adobe Updates; Fortinet Patches; Malicious Windows Driver Rust Command API code execution vulnerability CVE-2024-24576 https://blog.rust-lang.org/2024/04/09/cve-2024-24576.html Adobe Updates: Magento Adobe Commerce CVE-2024-

Network Security News Summary for Wednesday April 10th, 2024

Apr 9th, 2024 6m 31s

Microsoft Patches; D-Link NAS Backdoor; LG WebOS TV Vulnerabilities Microsoft Patches https://isc.sans.edu/forums/diary/April%202024%20Microsoft%20Patch%20Tuesday%20Summary/30822/ D-Link NAS Backdoor https://github.com/netsecfish/dlink LG Smart