View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: SequenceManager Vulnerabilities: Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause a denial-of-service
Continue ReadingCategory: Dynamic Threat Feeds
Citrix Releases Security Updates for Citrix Workspace App for Windows
Citrix released security updates to address multiple vulnerabilities in the Citrix Workspace App for Windows. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and
Continue ReadingISC Stormcast For Tuesday, September 10th, 2024 https://isc.sans.edu/podcastdetail/9132, (Tue, Sep 10th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingCISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2016-3714 ImageMagick Improper Input Validation Vulnerability CVE-2017-1000253 Linux Kernel PIE Stack Buffer Corruption Vulnerability CVE-2024-40766 SonicWall SonicOS Improper Access
Continue ReadingWireshark 4.4’s IP Address Functions, (Mon, Sep 9th)
New IP address functions have been added in Wireshark 4.4 (if you use Wireshark on Windows, there's a bug in release 4.4.0: the DLL with these functions is missing, it will be included in release 4.4.1;
Continue ReadingISC Stormcast For Monday, September 9th, 2024 https://isc.sans.edu/podcastdetail/9130, (Mon, Sep 9th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingPassword Cracking & Energy: More Dedails, (Sun, Sep 8th)
Here are more details on the power consumption of my desktop computer when I crack passwords (cfr diary entry "Quickie: Password Cracking & Energy"). The vertical scale of this chart is expressed in Watts: 0 Watt:
Continue ReadingPython & Notepad++, (Sat, Sep 7th)
PythonScript is a Notepad++ plugin that provides a Python interpreter to edit Notepad++ documents. You install PythonScript in Notepad++ like this: Use "New Script" to create a new Python script: As an example, I will create
Continue ReadingISC Stormcast For Friday, September 6th, 2024 https://isc.sans.edu/podcastdetail/9128, (Fri, Sep 6th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingEnrichment Data: Keeping it Fresh, (Fri, Sep 6th)
I like to enrich my honeypot data from a variety of sources to help understand a bit more about the context of the attack. This includes the types of networks the attacks are coming from or
Continue Reading