(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingCategory: SANS™ Internet Storm Center
Angular-base64-update Demo Script Exploited (CVE-2024-42640), (Tue, Oct 15th)
Demo scripts left behind after installing applications or frameworks are an ongoing problem. After installation, removing any "demo" or "example" folders is usually best. A few days ago, Ravindu Wickramasinghe noticed that the Angular-base64-upload project is leaving behind
Continue ReadingISC Stormcast For Tuesday, October 15th, 2024 https://isc.sans.edu/podcastdetail/9180, (Tue, Oct 15th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingPhishing Page Delivered Through a Blob URL, (Mon, Oct 14th)
I receive a lot of spam in my catch-all mailboxes. If most of them are not interesting, some still attract my attention. Especially the one that I'll describe in this diary. The scenario is classic, an
Continue ReadingISC Stormcast For Monday, October 14th, 2024 https://isc.sans.edu/podcastdetail/9178, (Mon, Oct 14th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingWireshark 4.4.1 Released, (Sun, Oct 13th)
Wireshark release 4.4.1 fixes 2 vulnerabilities and 27 bugs. One of these bugfixes is for the missing IP address plugin on Windows, see "Wireshark 4.4's IP Address Functions". And there is a new feature in TShark:
Continue ReadingISC Stormcast For Friday, October 11th, 2024 https://isc.sans.edu/podcastdetail/9176, (Fri, Oct 11th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingGPTHoney: A new class of honeypot [Guest Diary], (Thu, Oct 10th)
[This is a Guest Diary by Christopher Schroeder, an ISC intern as part of the SANS.edu BACS program] Introduction Honeypots are a useful tool for researchers and defenders and the technology behind them has long been
Continue ReadingISC Stormcast For Thursday, October 10th, 2024 https://isc.sans.edu/podcastdetail/9174, (Thu, Oct 10th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingFrom Perfctl to InfoStealer, (Wed, Oct 9th)
A few days ago, a new stealthy malware targeting Linux hosts made a lot of noise: perfctl[1]. The malware has been pretty well analyzed and I won’t repeat what has been already disclosed. I found a
Continue Reading