Category: SANS™ Internet Storm Center

ISC Stormcast For Wednesday, November 20th, 2024 https://isc.sans.edu/podcastdetail/9226

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Today, Apple released updates patching two vulnerabilities that have already been exploited. Interestingly, according to Apple, the vulnerabilities have only been exploited against Intel-based systems, but they appear to affect ARM (M"x") systems as well. CVE-2024-44308

Hello from Singapore where I'm with Johannes and Yee! This week, I'm teaching FOR710[1]. I spotted another Python script that looked interesting because, amongst the classic detection of virtualized environments, it also tries to detect the presence of a debugger.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Last week, Watchtowr Labs released details describing a new and so far unpatched vulnerability in Citrix's remote access solution [1]. Specifically, the vulnerability affects the "Virtual Apps and Desktops." This solution allows "secure" remote access to

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

There are so many vulnerabilities in commonly used routers that attackers often leave many easily exploited vulnerabilities untouched, as they already have plenty of vulnerabilities to exploit.  Looking today at our "First Seen URL" page, I

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

This month, Microsoft is addressing a total of 83 vulnerabilities. Among these, 3 are classified as critical, 2 have been exploited in the wild, and another 2 have been disclosed prior to Patch Tuesday. Organizations are