![OSINT – Image Analysis or More Where, When, and Metadata [Guest Diary], (Wed, Sep 25th)](https://grchive.com/wp-content/uploads/2024/07/security-5043368_1280.jpg.webp)
[This is a Guest Diary by Thomas Spangler, an ISC intern as part of the SANS.edu BACS program] A picture is worth a thousand words, as the saying goes. Using open-source information and basic image analysis
Continue ReadingBlog
CISA Warns of Hurricane-Related Scams
As Hurricane Helene approaches, CISA urges users to remain on alert for potential malicious cyber activity. Fraudulent emails and social media messages—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling
Continue ReadingCitrix Releases Security Updates for XenServer and Citrix Hypervisor
Citrix released security updates to address multiple vulnerabilities in XenServer and Citrix Hypervisor. A cyber threat actor could exploit some of these vulnerabilities to cause a denial of service condition. CISA encourages users and administrators to
Continue ReadingDNS Reflection Update and Odd Corrupted DNS Requests, (Wed, Sep 25th)
Occasionally, I tend to check in on what reflective DNS denial of service attacks are doing. We usually see steady levels of attacks. Usually, they attempt to use spoofed requests for ANY records to achieve the
Continue ReadingThreat Actors Continue to Exploit OT/ICS through Unsophisticated Means
CISA continues to respond to active exploitation of internet-accessible operational technology (OT) and industrial control systems (ICS) devices, including those in the Water and Wastewater Systems (WWS) Sector. Exposed and vulnerable OT/ICS systems may allow cyber threat
Continue ReadingLummaC2: Obfuscation Through Indirect Control Flow
Written by: Nino Isakovic, Chuong Dong Overview This blog post delves into the analysis of a control flow obfuscation technique employed by recent LummaC2 (LUMMAC.V2) stealer samples. In addition to the traditional control flow flattening technique used
Continue ReadingUnderstanding NIS2 and DORA: Strengthening Cyber Resilience in the EU
Globally, regulations and directives are significantly altering the way organizations address cyber resilience, emphasizing the necessity for a more proactive stance. This is evident in both the Digital Operational Resilience Act (DORA) and the second version
Continue ReadingTargets, Objectives, and Emerging Tactics of Political Deepfakes
The rise of deepfakes poses significant threats to elections, public figures, and the media. Recent Insikt Group research highlights 82 deepfakes targeting public figures in 38 countries between July 2023 and July 2024. Deepfakes aimed at
Continue ReadingISC Stormcast For Wednesday, September 25th, 2024 https://isc.sans.edu/podcastdetail/9152, (Wed, Sep 25th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingCISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-7593 Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber
Continue Reading