CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2021-20123 Draytek VigorConnect Path Traversal Vulnerability
CVE-2021-20124 Draytek VigorConnect Path Traversal Vulnerability
CVE-2024-7262 Kingsoft WPS Office Path Traversal Vulnerability
These
Category: Dynamic Threat Feeds
CISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems (ICS) advisory on September 3, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-247-01 LOYTEC Electronics LINX Series CISA encourages users and administrators
LOYTEC Electronics LINX Series
1. EXECUTIVE SUMMARY
CVSS v4 9.3
ATTENTION: Exploitable remotely/low attack complexity/public exploits are available
Vendor: LOYTEC electronics GmbH
Equipment: LINX series
Vulnerabilities: Cleartext Transmission of Sensitive Information, Missing Authentication for Critical Function, Cleartext Storage
DeFied Expectations — Examining Web3 Heists
Written by: Robert Wallace, Blas Kojusner, Joseph Dobson
Where money goes, crime follows. The rapid growth of Web3 has presented new opportunities for threat actors, especially in decentralized finance (DeFi), where the heists are larger and
ISC Stormcast For Tuesday, September 3rd, 2024 https://isc.sans.edu/podcastdetail/9122, (Tue, Sep 3rd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Protected OOXML Text Documents, (Mon, Sep 2nd)
Just like "Protected OOXML Spreadsheets", Word documents can also be protected: You have to look into the word/settings.xml file, and search for element w:documentProtection: The hash algorithm is the same as for OOXML spreadsheets. However, you
Wireshark 4.4: Converting Display Filters to BPF Capture Filters, (Sun, Sep 1st)
Display filters define expressions that decide which packets are displayed in Wireshark's packet list and which are not. Berkeley Packet Filter (BPF) expressions decide which packets get captured, and which not when Wireshark is
Wireshark 4.4.0 is now available, (Sat, Aug 31st)
This is the first 4.4 release. Many new features have been added; details are here. One feature I already highlighted is custom columns with field expressions: "Wireshark 4.4.0rc1's Custom Columns". Other new features I'll be looking
ISC Stormcast For Friday, August 30th, 2024 https://isc.sans.edu/podcastdetail/9120, (Fri, Aug 30th)
Simulating Traffic With Scapy, (Fri, Aug 30th)
It can be helpful to simulate different kinds of system activity. I had an instance where I wanted to generate logs to test a log forwarding agent. This agent was processing DNS logs. There are a variety of