IntroductionA past conversation with an undercover federal agent who specializes in money laundering revealed staggering amounts of currency moving across geographic boundaries, skirting traditional Anti-Money Laundering (AML) processes. From local and transnational crime syndicates to presidential
Continue ReadingBlog
ISC Stormcast For Wednesday, December 18th, 2024 https://isc.sans.edu/podcastdetail/9260, (Wed, Dec 18th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue Reading[Guest Diary] A Deep Dive into TeamTNT and Spinning YARN, (Wed, Dec 18th)
[This is a Guest Diary by James Levija, an ISC intern as part of the SANS.edu Bachelor's Degree in Applied Cybersecurity (BACS) program [1].] Executive Summary TeamTNT is running a crypto mining campaign dubbed Spinning YARN.
Continue ReadingCISA Issues BOD 25-01, Implementing Secure Practices for Cloud Services
Today, CISA issued Binding Operational Directive (BOD) 25-01, Implementing Secure Practices for Cloud Services to safeguard federal information and information systems. This Directive requires federal civilian agencies to identify specific cloud tenants, implement assessment tools, and
Continue ReadingCISA and ONCD Release Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure
Today, CISA and the Office of the National Cyber Director (ONCD) published Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure to assist grant-making agencies to incorporate cybersecurity into their grant programs and assist
Continue ReadingCISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-55956 Cleo Multiple Products Unauthenticated File Upload Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber
Continue ReadingRockwell Automation PowerMonitor 1000 Remote
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: PowerMonitor 1000 Remote Vulnerabilities: Unprotected Alternate Channel, Heap-based Buffer Overflow, Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of
Continue ReadingThreatQuotient ThreatQ Platform
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: ThreatQuotient Inc. Equipment: ThreatQ Platform Vulnerability: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform
Continue ReadingBD Diagnostic Solutions Products
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Low attack complexity Vendor: Becton, Dickinson and Company (BD) Equipment: Diagnostic Solutions Products Vulnerability: Use of Default Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could
Continue ReadingHitachi Energy TropOS Devices Series 1400/2400/6400
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: TropOS Devices Series 1400/2400/6400 Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an
Continue Reading