Ongoing Facebook Phishing campaign Without a Sender and (almost) without Links https://isc.sans.edu/diary/Ongoing%20Facebook%20phishing%20campaign%20without%20a%20sender%20and%20%28almost%29%20without%20links/29848
Intel Microcode Updates Do N
Geolocating IPs is Harder Than You Think https://isc.sans.edu/diary/Geolocating%20IPs%20is%20harder%20than%20you%20think/29834
Pre-Infected Mobile Phones https://www.theregister.com/2023/05/11/bh_asia_mobile_phones/
Dragos Breach https://www
Exploratory Data Analysis with CISSM Cyber Attacks Database Part 2 https://isc.sans.edu/diary/Exploratory%20Data%20Analysis%20with%20CISSM%20Cyber%20Attacks%20Database%20-%20Part%202/29828
Microsoft Patched Outlook (actually Windows) vulnerabi
Microsoft Patch Tuesday https://isc.sans.edu/diary/Microsoft%20May%202023%20Patch%20Tuesday/29826
GitHub "Push Protection" now out of Beta https://github.blog/2023-05-09-push-protection-is-generally-available-and-free-for-all-public-reposito
QR Codes Used in Fake Parking Tickets and Surveys https://www.bleepingcomputer.com/news/security/qr-codes-used-in-fake-parking-tickets-surveys-to-steal-your-money/
Microsoft Edge Update https://learn.microsoft.com/en-us/deployedge/microsoft-e
Analyzing PDF Streams https://isc.sans.edu/diary/Analyzing%20PDF%20Streams/30908
F5 Next Central Manager Vulnerabilities https://eclypsium.com/blog/big-vulnerabilities-in-next-gen-big-ip/
Veeam Patches https://www.veeam.com/kb4441 https://w
DNS Debugging with nslookup https://isc.sans.edu/diary/nslookups+Debug+Options/30894/
Microsoft Plans DNS Lockdown https://techcommunity.microsoft.com/t5/networking-blog/announcing-zero-trust-dns-private-preview/ba-p/4110366
Microsoft Graph A
Scans Probing for LB-Link and Vinga WR-AC1200 routers CVE-2023-24796 https://isc.sans.edu/diary/Scans%20Probing%20for%20LB-Link%20and%20Vinga%20WR-AC1200%20routers%20CVE-2023-24796/30890
Buffer Overflow Vulnerabilities in ArubaOS https://www.
Linux Trojan - Xorddos with Filename eyshcjdmzg https://isc.sans.edu/diary/Linux%20Trojan%20-%20Xorddos%20with%20Filename%20eyshcjdmzg/30880
AWS S3 Denial of Wallet Amplification Attack https://medium.com/@maciej.pocwierz/how-an-empty-s3-buck
Another Day, Another NAS: Attacks against Zyxel NAS326 Devices CVE-2023-4473, CVE-2023-4474 https://isc.sans.edu/diary/Another%20Day%2C%20Another%20NAS%3A%20Attacks%20against%20Zyxel%20NAS326%20devices%20CVE-2023-4473%2C%20CVE-2023-4474/30884
DLink NAS Exploit Variation https://www.qnap.com/en/security-advisory/qsa-24-09
Muddling Meerkat DNS Abuse https://blogs.infoblox.com/threat-intelligence/a-cunning-operator-muddling-meerkat-and-chinas-great-firewall/
Android TV Data Leakage
Okta warns of increase in credential stuffing https://sec.okta.com/blockanonymizers
Fake payment cards used by Police in Japan https://twitter.com/vxunderground/status/1783522097425211887
Phishing Campaigns Targeting USPS https://www.akamai.
Does it matter if iptables isn't running on my honeypot? https://isc.sans.edu/forums/diary/Does%20it%20matter%20if%20iptables%20isn't%20running%20on%20my%20honeypot%3F/30862/
Unplugging PlugX: Sinkholing the PlugX USB worm botnet https://blog
API Rug Pull - The NIST NVD Database and API https://isc.sans.edu/diary/API%20Rug%20Pull%20-%20The%20NIST%20NVD%20Database%20and%20API%20%28Part%204%20of%203%29/30868
Cisco Patches Vulnerabilities and Discovers Arcane Backdoor https://blog.ta
Struts2 devmode Still a Problem Ten Years Later https://isc.sans.edu/forums/diary/Struts%20%22devmode%22%3A%20Still%20a%20problem%20ten%20years%20later%3F/30866/
Analyzing Forest Blizzard's Custom Post-Compromise Tool for exploiting CVE-2022-38
Number of Industrial Devices Accessible From Internet Up 30 Thousand over three years https://isc.sans.edu/diary/It%20appears%20that%20the%20number%20of%20industrial%20devices%20accessible%20from%20the%20internet%20has%20risen%20by%2030%20thou
The CVE's They are A-Changing https://isc.sans.edu/diary/The%20CVE%27s%20They%20are%20A-Changing!/30850
CrushFTP 0-Day Vulnerability https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update https://www.reddit.com/r/crowdstrike/comments/1c88