View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: VIMESA Equipment: VHF/FM Transmitter Blue Plus Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could
Continue ReadingCategory: Dynamic Threat Feeds
Deep Sea Electronics DSE855
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: low attack complexity/public exploits are available Vendor: Deep Sea Electronics Equipment: DSE855 Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could
Continue ReadingRussian Strategic Information Attack for Catastrophic Effect
SummaryRussias Strategic Information Attack (SIA) concept focuses on non-kinetic methods to disrupt or destroy adversary national critical infrastructure (NCI) during strategic conflicts. Insikt Group acknowledges that SIA is not an official term used in Russian or
Continue ReadingISC Stormcast For Thursday, October 24th, 2024 https://isc.sans.edu/podcastdetail/9194, (Thu, Oct 24th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingInvestigating FortiManager Zero-Day Exploitation (CVE-2024-47575)
Written by: Foti Castelan, Max Thauer, JP Glab, Gabby Roncone, Tufail Ahmed, Jared Wilson Summary In October 2024, Mandiant collaborated with Fortinet to investigate the mass exploitation of FortiManager appliances across 50+ potentially compromised FortiManager devices
Continue ReadingCISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation, as confirmed by Fortinet. CVE-2024-47575 Fortinet FortiManager Missing Authentication Vulnerability These types of vulnerabilities are frequent attack vectors for
Continue ReadingOperation Overload Impersonates Media to Influence 2024 US Election
SummaryOperation Overload, a Russia-aligned influence operation, is aggressively targeting the 2024 US presidential election. Using fake news, fact-checking sites, and AI-generated audio, it seeks to manipulate public opinion by impersonating trusted media organizations. This campaign primarily
Continue ReadingEverybody Loves Bash Scripts. Including Attackers., (Wed, Oct 23rd)
Today our "First Seen" page displayed a number of simple URLs: /wp-backup.sh /submit.sh /stage-deploy.sh /scripts/driverenv.sh /s3.sh /run-deploy.sh /passwords.sh /m/index.php /library.sh /installer.sh /envvars.sh /driverenv.sh /driver.sh /docker/startup.sh /develop.sh /bucket.sh /aws_cli.sh /aws-env.sh These URLs are not associated with a
Continue ReadingISC Stormcast For Wednesday, October 23rd, 2024 https://isc.sans.edu/podcastdetail/9192, (Wed, Oct 23rd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingHow much HTTP (not HTTPS) Traffic is Traversing Your Perimeter?, (Tue, Oct 22nd)
Back in June of 2010, The Electronic Frontier Foundation (EFF) released the first beta release of the "HTTPS Everywhere" plugin [1]. Even then, most websites offered HTTPS. But unlike today, HTTP was often still the default,
Continue Reading