This is the first 4.4 release. Many new features have been added, details are here. One feature I already highlighted are custom columns with field expressions: "Wireshark 4.4.0rc1's Custom Columns". Other new features I'll be looking
Continue ReadingMonth: August 2024
ISC Stormcast For Friday, August 30th, 2024 https://isc.sans.edu/podcastdetail/9120, (Fri, Aug 30th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingSimulating Traffic With Scapy, (Fri, Aug 30th)
It can be helpful to simulate different kinds of system activity. I had an instance where I wanted to generate logs to test a log forwarding agent. This agent was processing DNS logs. There are a variety of
Continue ReadingCISA and Partners Release Advisory on RansomHub Ransomware
Today, CISA—in partnership with the Federal Bureau of Investigation (FBI), Multi-State Information Sharing and Analysis Center (MS-ISAC), and Department of Health and Human Services (HHS)—released a joint Cybersecurity Advisory, #StopRansomware: RansomHub Ransomware. This advisory provides network defenders with
Continue Reading#StopRansomware: RansomHub Ransomware
Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed
Continue ReadingCISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems (ICS) advisories on August 29, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-242-01 Rockwell Automation ThinManager ThinServer ICSA-24-242-02 Delta Electronics DTN Soft
Continue ReadingDelta Electronics DTN Soft
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DTN Soft Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to
Continue ReadingH1 2024 Check Fraud Report: Geographic Trends and Threat Actor Patterns
The 2024 Check Fraud Report highlights a significant rise in check fraud across the United States, with an estimated $21 billion in losses in 2023 alone. The report analyzes nearly a million stolen bank check images
Continue ReadingRockwell Automation ThinManager ThinServer
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Rockwell Automation Equipment: ThinManager ThinServer Vulnerabilities: Improper Privilege Management, Incorrect Permission Assignment for Critical Resource, Improper Input Validation 2. RISK EVALUATION Successful
Continue ReadingA Measure of Motive: How Attackers Weaponize Digital Analytics Tools
Adrian McCabe, Ryan Tomcik, Stephen Clement Introduction Digital analytics tools are vital components of the vast domain that is modern cyberspace. From system administrators managing traffic load balancers to marketers and advertisers working to deliver relevant
Continue Reading