View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Low attack complexity Vendor: goTenna Equipment: Pro series Vulnerabilities: Weak Password Requirements, Insecure Storage of Sensitive Information, Missing Support for Integrity Check, Cleartext Transmission of Sensitive Information,
Continue ReadingCategory: Dynamic Threat Feeds
Advantech ADAM-5630
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Advantech Equipment: ADAM-5630 Vulnerabilities: Use of Persistent Cookies Containing Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker
Continue ReadingRhadamanthys Stealer Adds Innovative AI Feature in Version 0.7.0
SummaryRhadamanthys, an advanced information stealer first identified in 2022, has undergone rapid updates, with version 0.7.0 introducing AI-driven capabilities for extracting cryptocurrency seed phrases from images. This malware targets credentials, system information, and financial data, using
Continue ReadingASD’s ACSC, CISA, and US and International Partners Release Guidance on Detecting and Mitigating Active Directory Compromises
Today, the Australian Signals Directorate Australian Cyber Security Centre (ASD ACSC), the Cybersecurity and Infrastructure Security Agency (CISA), and other U.S. and international partners released the joint guide Detecting and Mitigating Active Directory Compromises. This guide
Continue ReadingISC Stormcast For Thursday, September 26th, 2024 https://isc.sans.edu/podcastdetail/9154, (Thu, Sep 26th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingOSINT – Image Analysis or More Where, When, and Metadata [Guest Diary], (Wed, Sep 25th)
[This is a Guest Diary by Thomas Spangler, an ISC intern as part of the SANS.edu BACS program] A picture is worth a thousand words, as the saying goes. Using open-source information and basic image analysis
Continue ReadingCISA Warns of Hurricane-Related Scams
As Hurricane Helene approaches, CISA urges users to remain on alert for potential malicious cyber activity. Fraudulent emails and social media messages—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling
Continue ReadingCitrix Releases Security Updates for XenServer and Citrix Hypervisor
Citrix released security updates to address multiple vulnerabilities in XenServer and Citrix Hypervisor. A cyber threat actor could exploit some of these vulnerabilities to cause a denial of service condition. CISA encourages users and administrators to
Continue ReadingDNS Reflection Update and Odd Corrupted DNS Requests, (Wed, Sep 25th)
Occasionally, I tend to check in on what reflective DNS denial of service attacks are doing. We usually see steady levels of attacks. Usually, they attempt to use spoofed requests for ANY records to achieve the
Continue ReadingThreat Actors Continue to Exploit OT/ICS through Unsophisticated Means
CISA continues to respond to active exploitation of internet-accessible operational technology (OT) and industrial control systems (ICS) devices, including those in the Water and Wastewater Systems (WWS) Sector. Exposed and vulnerable OT/ICS systems may allow cyber threat
Continue Reading