(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingBlog
Hikvision Password Reset Brute Forcing, (Mon, Jan 13th)
One common pattern in password resets is sending a one-time password to the user to enable them to reset their password. The flow usually looks like: User Requests a password reset The user enters an e-mail
Continue ReadingCISA and US and International Partners Publish Guidance on Priority Considerations in Product Selection for OT Owners and Operators
Today, CISA—along with U.S. and international partners—released joint guidance Secure by Demand: Priority Considerations for Operational Technology Owners and Operators when Selecting Digital Products. As part of CISA’s Secure by Demand series, this guidance focuses on helping
Continue ReadingISC Stormcast For Monday, January 13th, 2025 https://isc.sans.edu/podcastdetail/9276, (Mon, Jan 13th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingMulti-OLE, (Sun, Jan 12th)
VBA macros and embedded files/objects are stored as OLE files inside OOXML files. You can have .docm files with many OLE files, like this one, analyzed with zipdump.py: If you analyze this with oledump.py, each OLE
Continue ReadingWireshark 4.4.3 Released, (Sat, Jan 11th)
Wireshark release 4.4.3 fixes 0 vulnerabilities and 8 bugs. Didier Stevens Senior handler blog.DidierStevens.com (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingSchneider Electric PowerChute Serial Shutdown
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: PowerChute Serial Shutdown Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial of
Continue ReadingDelta Electronics DRASimuCAD
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DRASimuCAD Vulnerabilities: Out-of-bounds Write, Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device or potentially
Continue ReadingSchneider Electric Harmony HMI and Pro-face HMI Products
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Harmony HMI and Pro-face HMI Products Vulnerability: Use of Unmaintained Third-Party Components 2. RISK EVALUATION Successful exploitation of this
Continue ReadingCISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems (ICS) advisories on January 10, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-010-01 Schneider Electric PowerChute Serial Shutdown ICSA-25-010-02 Schneider Electric Harmony
Continue Reading