CISA released five Industrial Control Systems (ICS) advisories on November 12, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
ICSA-24-317-01 Subnet Solutions PowerSYSTEM Center
ICSA-24-317-02 Hitachi Energy TRO600
ICSA-24-317-03
Category: Dynamic Threat Feeds
CISA, FBI, NSA, and International Partners Release Joint Advisory on 2023 Top Routinely Exploited Vulnerabilities
Today, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), and international partners released joint Cybersecurity Advisory, 2023 Top Routinely Exploited Vulnerabilities. This advisory supplies details on the
Subnet Solutions PowerSYSTEM Center
1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Subnet Solutions
Equipment: PowerSYSTEM Center
Vulnerabilities: Improper Restriction of XML External Entity Reference, Integer Overflow or Wraparound
2. RISK EVALUATION
Successful exploitation
Why the Shift to SaaS Amplifies Identity-Based Risk
Increasingly, attackers don't hack in anymore; they log in. As enterprises rapidly adopt cloud-based SaaS applications, our security landscape has fundamentally shifted. Identity, not infrastructure, has become the primary target.
Why Identity Is the New Battlefield
To understand the
ISC Stormcast For Tuesday, November 12th, 2024 https://isc.sans.edu/podcastdetail/9218, (Tue, Nov 12th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
PDF Object Streams, (Mon, Nov 11th)
The first thing to do, when analyzing a potentially malicious PDF, is to look for the /Encrypt name as explained in diary entry Analyzing an Encrypted Phishing PDF. The second thing to do, is to look
ISC Stormcast For Monday, November 11th, 2024 https://isc.sans.edu/podcastdetail/9216, (Mon, Nov 11th)
zipdump & PKZIP Records, (Sun, Nov 10th)
In yesterday's diary entry "zipdump & Evasive ZIP Concatenation" I showed how one can inspect the PKZIP records that make up a ZIP file. My tool zipdump.py can also inspect the data of PKZIP file records,
zipdump & Evasive ZIP Concatenation, (Sat, Nov 9th)
On Friday's Stormcast, Johannes talks about Evasive ZIP Concatenation, a technique where 2 (or more) ZIP files are concatenated together to evade detection. This gives me a good opportunity to remind you that my zip analysis
SANS Holiday Hack Challenge 2024, (Sat, Nov 9th)
The SANS Holiday Hack Challenge is open early this year: Enjoy! :-) Didier Stevens Senior handler blog.DidierStevens.com