1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: TRO600 Series Vulnerabilities: Command Injection, Improper Removal of Sensitive Information Before Storage or Transfer 2. RISK EVALUATION Command injection
Rockwell Automation FactoryTalk View ME
1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk View ME Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local low-privileged
2023 Top Routinely Exploited Vulnerabilities
Summary The following cybersecurity agencies coauthored this joint Cybersecurity Advisory (hereafter collectively referred to as the authoring agencies): United States: The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and National Security
Why the Shift to SaaS Amplifies Identity-Based Risk
Increasingly, attackers don't hack in anymore; they log in. As enterprises rapidly adopt cloud-based SaaS applications, our security landscape has fundamentally shifted. Identity, not infrastructure, has become the primary target.
Why Identity Is the New Battlefield
To understand the
ISC Stormcast For Tuesday, November 12th, 2024 https://isc.sans.edu/podcastdetail/9218, (Tue, Nov 12th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
PDF Object Streams, (Mon, Nov 11th)
The first thing to do, when analyzing a potentially malicious PDF, is to look for the /Encrypt name as explained in diary entry Analyzing an Encrypted Phishing PDF. The second thing to do, is to look
ISC Stormcast For Monday, November 11th, 2024 https://isc.sans.edu/podcastdetail/9216, (Mon, Nov 11th)
zipdump & PKZIP Records, (Sun, Nov 10th)
In yesterday's diary entry "zipdump & Evasive ZIP Concatenation" I showed how one can inspect the PKZIP records that make up a ZIP file. My tool zipdump.py can also inspect the data of PKZIP file records,
zipdump & Evasive ZIP Concatenation, (Sat, Nov 9th)
On Friday's Stormcast, Johannes talks about Evasive ZIP Concatenation, a technique where 2 (or more) ZIP files are concatenated together to evade detection. This gives me a good opportunity to remind you that my zip analysis
SANS Holiday Hack Challenge 2024, (Sat, Nov 9th)
The SANS Holiday Hack Challenge is open early this year: Enjoy! :-) Didier Stevens Senior handler blog.DidierStevens.com