TXZ Malspam; 4th Google 0-Day; Google no trust in Globaltrust; Checkpoint Password Bruteforcing; Files with TGZ Extension used as malspam attachements https://isc.sans.edu/diary/Files%20with%20TXZ%20extension%20used%20as%20malspam%20attachments
Redtail Miner; Veeam, Ivanti and Firepower Vulns; Justice AV Backdoor; C-Root Server Lack Analysis of 'redtail' file uploads to ISC Honeypot https://isc.sans.edu/diary/Analysis%20of%20%3Fredtail%3F%20File%20Uploads%20to%20ICS%20Honeypot%2C%20a%
Scripting ipinfo in nmap; Wifi BSSID Location Databases: risks and opting out NMAP Scanning Without Scanning - The ipinfo API https://isc.sans.edu/diary/NMAP%20Scanning%20without%20Scanning%20%28Part%202%29%20-%20The%20ipinfo%20API/30948 Why Yo
Analyzing MSG Files; Fluent Bit Vuln; Fortinet Vuln Details; Git and Google Chrome PoCs; Analyzing MSG Files https://isc.sans.edu/diary/Analyzing%20MSG%20Files/30940 Linguistic Lumberjack: Fluent Bit Vulnerability CVE-2024-4323 https://www.tena
VPNs need MFA; SSID Confusion; FIDO2 Session Hijacking Got MFA? If not, now is the time! https://isc.sans.edu/diary/Got%20MFA%3F%20%20If%20not%2C%20Now%20is%20the%20Time!/30926 SSID Confusion: Making Wi-Fi Clients Connect to the Wrong Network C
Microsoft Patches; Bluetooth Trackers; VMWare Updates; Revoking Windows UEFI Certs; Adobe Patches Microsoft Patches https://isc.sans.edu/diary/Microsoft%20May%202024%20Patch%20Tuesday/30920 Detecting Bluetooth Trackers https://security.googlebl
Apple Updates; JunOS OpenSSH Issues; Malicious Go in PyPi; Apple Updates Everything https://isc.sans.edu/diary/Apple%20Patches%20Everything%3A%20macOS%2C%20iOS%2C%20iPadOS%2C%20watchOS%2C%20tvOS%20updated./30916 Juniper OpenSSH Update https://s
Windows DNS Suffixes; Black Basta Ransomware; Arcserve UDP Exploits; Chrome 0-day; SolarWinds ARM Vuln; DNS Suffixes on Windows https://isc.sans.edu/diary/DNS%20Suffixes%20on%20Windows/30912 Black Basta Ransomware Advisory https://www.cisa.gov/
PDF Streams; F5 Central Manager Vuln; Veeam Patches; XenCenter Putty Update; Analyzing PDF Streams https://isc.sans.edu/diary/Analyzing%20PDF%20Streams/30908 F5 Next Central Manager Vulnerabilities https://eclypsium.com/blog/big-vulnerabilities
DNS Debugging; MSFT Zero Trust DNS; MSFT Graph API Abuse DNS Debugging with nslookup https://isc.sans.edu/diary/nslookups+Debug+Options/30894/ Microsoft Plans DNS Lockdown https://techcommunity.microsoft.com/t5/networking-blog/announcing-zero-t
Linux Trojan; Denial of Wallet Attack; EU iOS Appstore User Tracking; BentoML Vuln; Linux Trojan - Xorddos with Filename eyshcjdmzg https://isc.sans.edu/diary/Linux%20Trojan%20-%20Xorddos%20with%20Filename%20eyshcjdmzg/30880 AWS S3 Denial of Wa
Zyxel NAS Attacks; R Vulnerability; Malicious Containers; NVMe-oF/TCP Vulns; Another Day, Another NAS: Attacks against Zyxel NAS326 Devices CVE-2023-4473, CVE-2023-4474 https://isc.sans.edu/diary/Another%20Day%2C%20Another%20NAS%3A%20Attacks%20
DLink NAS Exploit Variation; DNS and Great Firewall of China; Android TV Data Leakage DLink NAS Exploit Variation https://www.qnap.com/en/security-advisory/qsa-24-09 Muddling Meerkat DNS Abuse https://blogs.infoblox.com/threat-intelligence/a-cu
Credential Stuffing Increase; Fake Payment Cards; USPS Phishing; Chrome Post Quantum TLS Issues; Okta warns of increase in credential stuffing https://sec.okta.com/blockanonymizers Fake payment cards used by Police in Japan https://twitter.com/
Honeypot Firewalls; Unplugging PlugX; pfsense and GitLab Updates; Blocking LOLBins @sans_edu Does it matter if iptables isn't running on my honeypot? https://isc.sans.edu/forums/diary/Does%20it%20matter%20if%20iptables%20isn't%20running%20on%20
NVD API Updates; Cisco Patches and Backdoor; Keyboard App Vulns; node-mysql2 vulns; API Rug Pull - The NIST NVD Database and API https://isc.sans.edu/diary/API%20Rug%20Pull%20-%20The%20NIST%20NVD%20Database%20and%20API%20%28Part%204%20of%203%29
struts2 devmode scans; Russian PrinterNightmare; Exchange Server Fix; Flowmon Exploit; GuptiMiner; Struts2 devmode Still a Problem Ten Years Later https://isc.sans.edu/forums/diary/Struts%20%22devmode%22%3A%20Still%20a%20problem%20ten%20years%2
Exposed ICS; Evil XDR; GitLab Comment Bug; Number of Industrial Devices Accessible From Internet Up 30 Thousand over three years https://isc.sans.edu/diary/It%20appears%20that%20the%20number%20of%20industrial%20devices%20accessible%20from%20the