![Kickstart Your DShield Honeypot [Guest Diary], (Thu, Oct 3rd)](https://grchive.com/wp-content/uploads/2024/07/security-5043368_1280.jpg.webp)
[This is a Guest Diary by Joshua Gilman, an ISC intern as part of the SANS.edu BACS program] Introduction Setting up a DShield honeypot is just the beginning. The real challenge lies in configuring all the
Continue ReadingBlog
Security related Docker containers, (Wed, Oct 2nd)
Over the last 9 months or so, I've been putting together some docker containers that I find useful in my day-to-day malware analysis and forensicating. I have been putting them up on hub.docker.com and decided, I might as
Continue ReadingCISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-29824 Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber
Continue ReadingISC Stormcast For Wednesday, October 2nd, 2024 https://isc.sans.edu/podcastdetail/9162, (Wed, Oct 2nd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingASD’s ACSC, CISA, FBI, NSA, and International Partners Release Guidance on Principles of OT Cybersecurity for Critical Infrastructure Organizations
Today, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC)—in partnership with CISA, U.S. government and international partners—released the guide Principles of Operational Technology Cybersecurity. This guidance provides critical information on how to create and
Continue ReadingHurricane Helene Aftermath – Cyber Security Awareness Month, (Tue, Oct 1st)
For a few years now, October has been "National Cyber Security Awareness Month". This year, it is a good opportunity for a refresher on some scams that tend to happen around disasters like Hurricane Helene. The
Continue ReadingMitsubishi Electric MELSEC iQ-F FX5-OPC
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-F FX5-OPC Vulnerability: NULL Pointer Dereference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote
Continue ReadingOptigo Networks ONS-S8 Spectra Aggregation Switch
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Optigo Networks Equipment: ONS-S8 - Spectra Aggregation Switch Vulnerabilities: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File
Continue ReadingCISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems (ICS) advisories on October 1, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-275-01 Optigo Networks ONS-S8 Spectra Aggregation Switch ICSA-24-275-02 Mitsubishi Electric
Continue Readingcapa Explorer Web: A Web-Based Tool for Program Capability Analysis
Written by: Soufiane Fariss, Willi Ballenthin, Mike Hunhoff, Genwei Jiang, Tina Johnson, Moritz Raabe capa, developed by Mandiant's FLARE team, is a reverse engineering tool that automates the identification of program capabilities. In this blog post
Continue Reading