Phishing authors have long ago discovered that adding HTML attachments to the messages they send out can have significant benefits for them – especially since an HTML file can contain an entire credential-stealing web page and
Continue ReadingCategory: Dynamic Threat Feeds
ISC Stormcast For Monday, October 28th, 2024 https://isc.sans.edu/podcastdetail/9198, (Mon, Oct 28th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingTwo currently (old) exploited Ivanti vulnerabilities, (Sun, Oct 27th)
Ivanti products have given us a rich corpus of vulnerabilities in recent months (years). Of course, we do see occasional scans attempting to exploit them. Just today, I spotted two of them. None of them is
Continue ReadingISC Stormcast For Friday, October 25th, 2024 https://isc.sans.edu/podcastdetail/9196, (Fri, Oct 25th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingDevelopment Features Enabled in Prodcution, (Thu, Oct 24th)
We do keep seeing attackers "poking around" looking for enabled development features. Developers often use these features and plugins to aid in debugging web applications. But if left behind, they may provide an attacker with inside
Continue ReadingCISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-20481 Cisco ASA and FTD Denial-of-Service Vulnerability CVE-2024-37383 RoundCube Webmail Cross-Site Scripting (XSS) Vulnerability These types of vulnerabilities are frequent attack
Continue ReadingCISA, US, and International Partners Release Joint Guidance to Assist Software Manufacturers with Safe Software Deployment Processes
Today, CISA—along with U.S. and international partners—released joint guidance, Safe Software Deployment: How Software Manufacturers Can Ensure Reliability for Customers. This guide aids software manufacturers in establishing secure software deployment processes to help ensure software is reliable
Continue ReadingCisco Releases Security Bundle for Cisco ASA, FMC, and FTD Software
Cisco released its October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication to address vulnerabilities in Cisco ASA, FMC, and FTD. A cyber threat actor could exploit some of these vulnerabilities to
Continue ReadingCISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems (ICS) advisories on October 24, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-298-01 VIMESA VHF/FM Transmitter Blue Plus ICSA-24-298-02 iniNet Solutions SpiderControl
Continue ReadinginiNet Solutions SpiderControl SCADA PC HMI Editor
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: iniNet Solutions Equipment: SpiderControl SCADA PC HMI Editor Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an
Continue Reading