[This is a Guest Diary by Thomas Spangler, an ISC intern as part of the SANS.edu BACS program] A picture is worth a thousand words, as the saying goes. Using open-source information and basic image analysis
Continue ReadingCategory: SANS™ Internet Storm Center
DNS Reflection Update and Odd Corrupted DNS Requests, (Wed, Sep 25th)
Occasionally, I tend to check in on what reflective DNS denial of service attacks are doing. We usually see steady levels of attacks. Usually, they attempt to use spoofed requests for ANY records to achieve the
Continue ReadingISC Stormcast For Wednesday, September 25th, 2024 https://isc.sans.edu/podcastdetail/9152, (Wed, Sep 25th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingExploitation of RAISECOM Gateway Devices Vulnerability CVE-2024-7120, (Tue, Sep 24th)
Late in July, a researcher using the alias "NETSECFISH" published a blog post revealing a vulnerability in RASIECOM gateway devices [1]. The vulnerability affects the "vpn/list_base_Config.php" endpoint and allows for unauthenticated remote code execution. According to
Continue ReadingISC Stormcast For Tuesday, September 24th, 2024 https://isc.sans.edu/podcastdetail/9150, (Tue, Sep 24th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingPhishing links with @ sign and the need for effective security awareness building, (Mon, Sep 23rd)
While going over a batch of phishing e-mails that were delivered to us here at the Internet Storm Center during the first half of September, I noticed one message which was somewhat unusual. Not because it
Continue ReadingISC Stormcast For Monday, September 23rd, 2024 https://isc.sans.edu/podcastdetail/9148, (Mon, Sep 23rd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingISC Stormcast For Friday, September 20th, 2024 https://isc.sans.edu/podcastdetail/9146, (Fri, Sep 20th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingFake GitHub Site Targeting Developers, (Thu, Sep 19th)
Our reader "RoseSecurity" forwarded received the following malicious email: Hey there! We have detected a security vulnerability in your repository. Please contact us at https:[//]github-scanner[.]com to get more information on how to fix this issue. Best
Continue ReadingISC Stormcast For Thursday, September 19th, 2024 https://isc.sans.edu/podcastdetail/9144, (Thu, Sep 19th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue Reading