CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2016-3714 ImageMagick Improper Input Validation Vulnerability
CVE-2017-1000253 Linux Kernel PIE Stack Buffer Corruption Vulnerability
CVE-2024-40766 SonicWall SonicOS Improper Access
Month: September 2024
Wireshark 4.4’s IP Address Functions, (Mon, Sep 9th)
New IP address functions have been added in Wireshark 4.4 (if you use Wireshark on Windows, there's a bug in release 4.4.0: the DLL with these functions is missing, it will be included in release 4.4.1;
ISC Stormcast For Monday, September 9th, 2024 https://isc.sans.edu/podcastdetail/9130, (Mon, Sep 9th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Password Cracking & Energy: More Details, (Sun, Sep 8th)
Here are more details on the power consumption of my desktop computer when I crack passwords (cfr diary entry "Quickie: Password Cracking & Energy"). The vertical scale of this chart is expressed in Watts: 0 Watt:
Python & Notepad++, (Sat, Sep 7th)
PythonScript is a Notepad++ plugin that provides a Python interpreter to edit Notepad++ documents. You install PythonScript in Notepad++ like this: Use "New Script" to create a new Python script: As an example, I will create
ISC Stormcast For Friday, September 6th, 2024 https://isc.sans.edu/podcastdetail/9128, (Fri, Sep 6th)
Enrichment Data: Keeping it Fresh, (Fri, Sep 6th)
I like to enrich my honeypot data from a variety of sources to help understand a bit more about the context of the attack. This includes the types of networks the attacks are coming from or
FBI, CISA, NSA, and US and International Partners Release Advisory on Russian Military Cyber Actors Targeting US and Global Critical Infrastructure
Today, the Federal Bureau of Investigation (FBI)—in partnership with CISA, the National Security Agency (NSA), and other U.S. and international partners—released a joint Cybersecurity Advisory Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure. This
Russian Military Cyber Actors Target US and Global Critical Infrastructure
Summary The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center
Baxter Connex Health Portal
1. EXECUTIVE SUMMARY
CVSS v3.1 10.0
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Baxter
Equipment: Connex Health Portal
Vulnerabilities: SQL Injection, Improper Access Control
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could lead to