Author: Anowar Hossain Rana

Creating a secure Wiki is hard. The purpose of a wiki is to allow "random" users to edit web pages. A good Wiki provides users with great flexibility, but with great flexibility comes an even "greater"

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Staring long enough at honeypot logs, I am sure you will come across one or the other "oddity." Something that at first does not make any sense, but then, in some way, does make sense. After

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Walking my dog earlier, I came across the sign on the right. Having just looked at yet another middleware/HTTP header issue (the Next.js problem that became public this weekend) [1], I figured I should write something

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Our API (https://isc.sans.edu/api) continues to be quite popular. One query we see a lot is lookups for individual IP addresses. Running many queries as you go through a log may cause you to get locked out

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

In September, Cisco published an advisory noting two vulnerabilities [1]: CVE-2024-20439: Cisco Smart Licensing Utility Static Credential Vulnerability CVE-2024-20440: Cisco Smart Licensing Utility Information Disclosure Vulnerability These two vulnerabilities are somewhat connected. The first one is

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.