CVE-2025-0411 is a vulnerability in 7-zip that has been reported to be exploited in recent attacks. The problem is that Mark-of-Web (MoW) isn't propagated correctly: when extracted, a file inside a ZIP file inside another ZIP
Continue ReadingCategory: Dynamic Threat Feeds
ISC Stormcast For Monday, February 10th, 2025 https://isc.sans.edu/podcastdetail/9316, (Mon, Feb 10th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingCrypto Wallet Scam: Not For Free, (Sat, Feb 8th)
I did some research into multisig wallets (cfr "Crypto Wallet Scam"), and discovered that setting up such a wallet on the TRON network comes with a cost: about $23. First I used the TronLink extension to
Continue ReadingTrimble Releases Security Updates to Address a Vulnerability in Cityworks Software
CISA is collaborating with private industry partners to respond to reports of exploitation of a vulnerability (CVE-2025-0994) discovered by Trimble impacting its Cityworks Server AMS (Asset Management System). Trimble has released security updates and an advisory
Continue ReadingCISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-0994 Trimble Cityworks Deserialization Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant
Continue ReadingSSL 2.0 turns 30 this Sunday… Perhaps the time has come to let it die?, (Fri, Feb 7th)
The SSL 2.0 protocol was originally published back in February of 1995[1], and although it was quickly found to have significant security weaknesses, and a more secure alternative was released only a year later[2], it still
Continue ReadingISC Stormcast For Friday, February 7th, 2025 https://isc.sans.edu/podcastdetail/9314, (Fri, Feb 7th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingCISA Adds Five Known Exploited Vulnerabilities to Catalog
CISA has added five vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-0411 7-Zip Mark of the Web Bypass Vulnerability CVE-2022-23748 Dante Discovery Process Control Vulnerability CVE-2024-21413 Microsoft Outlook Improper Input Validation
Continue ReadingCISA Releases Six Industrial Control Systems Advisories
CISA released six Industrial Control Systems (ICS) advisories on February 6, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-037-01 Schneider Electric EcoStruxure Power Monitoring Expert (PME) ICSA-25-037-02 Schneider
Continue ReadingOrthanc Server
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Orthanc Equipment: Orthanc Server Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker
Continue Reading