Internet Security offentlig
[search 0]
Flere
Download appen!
show episodes
 
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minutes long summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
  continue reading
 
Loading …
show series
 
Analyzing Encrypted PDFs; Okta Passwordless Password Leak; QuRouter Patch; Google AI Tool finds SQLite vuln Analyzing an Encrypted Phishing PDF https://isc.sans.edu/diary/Analyzing%20an%20Encrypted%20Phishing%20PDF/31404 Okta Verify Desktop MFA For Windows Password Less Login CVE-2024-9191 https://trust.okta.com/security-advisories/okta-verify-desk…
  continue reading
 
October Activity with Username chenzilong https://isc.sans.edu/diary/October%202024%20Activity%20with%20Username%20chenzilong/31400 qpdf Extracting PDF Streams https://isc.sans.edu/diary/qpdf%3A%20Extracting%20PDF%20Streams/31406 Okta bcrypt issue https://trust.okta.com/security-advisories/okta-ad-ldap-delegated-authentication-username/ https://med…
  continue reading
 
Scans for RDP Gateways https://isc.sans.edu/diary/Scans%20for%20RDP%20Gateways/31398 CyberPanel Exploited https://www.bleepingcomputer.com/news/security/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances/ Windows Themes Files Spoofing CVE-2024-38030 https://blog.0patch.com/2024/10/we-patched-cve-2024-38030-found-another.html QNAP P…
  continue reading
 
Odd SSH Username; QPDF; Okta bcrypt issue; Synology Patches; Fake Lastpass Reviews; October Activity with Username chenzilong https://isc.sans.edu/diary/October%202024%20Activity%20with%20Username%20chenzilong/31400 qpdf Extracting PDF Streams https://isc.sans.edu/diary/qpdf%3A%20Extracting%20PDF%20Streams/31406 Okta bcrypt issue https://trust.okta…
  continue reading
 
RDP Gateway Scans; CyberPanel Exploited; QNAP Patches; Facebook Malvertising Scans for RDP Gateways https://isc.sans.edu/diary/Scans%20for%20RDP%20Gateways/31398 CyberPanel Exploited https://www.bleepingcomputer.com/news/security/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances/ Windows Themes Files Spoofing CVE-2024-38030 https:…
  continue reading
 
Critical RCE Vulnerabilty in Cyberpanel https://dreyand.rs/code/review/2024/10/27/what-are-my-options-cyberpanel-v236-pre-auth-rce Spring WebFlux Vulnerability https://access.redhat.com/security/cve/cve-2024-38821 https://spring.io/security/cve-2024-38821 Inbound SMTP DANE with DNSSEC for Exchange Online https://techcommunity.microsoft.com/t5/excha…
  continue reading
 
CyberPanel RCE; Spring WebFlux Vuln; MSFT Implements DANE; Attackers Enable RDP Critical RCE Vulnerabilty in Cyberpanel https://dreyand.rs/code/review/2024/10/27/what-are-my-options-cyberpanel-v236-pre-auth-rce Spring WebFlux Vulnerability https://access.redhat.com/security/cve/cve-2024-38821 https://spring.io/security/cve-2024-38821 Inbound SMTP D…
  continue reading
 
Apple Update Everything https://isc.sans.edu/diary/Apple%20Updates%20Everything/31390 Selfcontained HTML Phishing Attachment Using Telegram to Exfiltrate Credentials https://isc.sans.edu/diary/Selfcontained+HTML+phishing+attachment+using+Telegram+to+exfiltrate+stolen+credentials/31388/ ChatGPT-4o Guardrail Jailbreak: Hex Encoding for Writing CVE Ex…
  continue reading
 
Apple Updates; HTML File Phishing via Telegram; ChatGTP-4o Encoding Evasion Apple Update Everything https://isc.sans.edu/diary/Apple%20Updates%20Everything/31390 Selfcontained HTML Phishing Attachment Using Telegram to Exfiltrate Credentials https://isc.sans.edu/diary/Selfcontained+HTML+phishing+attachment+using+Telegram+to+exfiltrate+stolen+creden…
  continue reading
 
Two currently (old) exploited Ivanti vulnerabilities https://isc.sans.edu/diary/Two%20currently%20%28old%29%20exploited%20Ivanti%20vulnerabilities/31384 Arcadyan FMIMG51AX000J (WiFi Alliance) RCE CVE-2024-41992 https://ssd-disclosure.com/ssd-advisory-arcadyan-fmimg51ax000j-wifi-alliance-rce/ Okta iOS App Vulnerability CVE-2024-10327 https://trust.o…
  continue reading
 
Old Ivanti Vulns Exploited; Arcadyan Wifi RCE; Okta iOS Vuln; TeamTNT Docker Hunt Two currently (old) exploited Ivanti vulnerabilities https://isc.sans.edu/diary/Two%20currently%20%28old%29%20exploited%20Ivanti%20vulnerabilities/31384 Arcadyan FMIMG51AX000J (WiFi Alliance) RCE CVE-2024-41992 https://ssd-disclosure.com/ssd-advisory-arcadyan-fmimg51a…
  continue reading
 
Development Features Enabled in Production https://isc.sans.edu/diary/Development%20Features%20Enabled%20in%20Prodcution/31380 Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials https://blog.talosintelligence.com/large-scale-brute-force-activity-targeting-vpns-ssh-services-with-commonly-used-login-cre…
  continue reading
 
Dev Features in Prod; Cisco VPN DOS and Authenticed RCE; Hard Coded Cloud Credentials Development Features Enabled in Production https://isc.sans.edu/diary/Development%20Features%20Enabled%20in%20Prodcution/31380 Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials https://blog.talosintelligence.com/lar…
  continue reading
 
Everybody Loves Bash Scripts Including Attackers https://isc.sans.edu/diary/Everybody%20Loves%20Bash%20Scripts.%20Including%20Attackers./31376 Fortimanager Exploited Vulnerability https://www.fortiguard.com/psirt/FG-IR-24-423 Sharepoint Exploit https://www.cisa.gov/news-events/alerts/2024/10/22/cisa-adds-one-known-exploited-vulnerability-catalog ht…
  continue reading
 
Shell Scripts; Fortimanager Mess; Sharepoint Exploit; OpenSSL Patch; Reduced Cert Lifetime Everybody Loves Bash Scripts Including Attackers https://isc.sans.edu/diary/Everybody%20Loves%20Bash%20Scripts.%20Including%20Attackers./31376 Fortimanager Exploited Vulnerability https://www.fortiguard.com/psirt/FG-IR-24-423 Sharepoint Exploit https://www.ci…
  continue reading
 
How much HTTP (not HTTPS) Traffic is Traversing Your Perimeter? https://isc.sans.edu/diary/How%20much%20HTTP%20%28not%20HTTPS%29%20Traffic%20is%20Traversing%20Your%20Perimeter%3F/31372 VMSA-2024-0019:VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities (CVE-2024-38812, CVE-2024-38813) https://support.broadcom…
  continue reading
 
HTTP vs. HTTPS; VMware, Unifi, Roundgroup, Atlassian, OneDev Patches, Vulnerability and Exploits How much HTTP (not HTTPS) Traffic is Traversing Your Perimeter? https://isc.sans.edu/diary/How%20much%20HTTP%20%28not%20HTTPS%29%20Traffic%20is%20Traversing%20Your%20Perimeter%3F/31372 VMSA-2024-0019:VMware vCenter Server updates address heap-overflow a…
  continue reading
 
A Network Nerd's Take on Emergency Preparedness https://isc.sans.edu/diary/A%20Network%20Nerd%27s%20Take%20on%20Emergency%20Preparedness/31356 HM Surf Vulnerability Access to Camera Exploited CVE-2024-44133 https://www.microsoft.com/en-us/security/blog/2024/10/17/new-macos-vulnerability-hm-surf-could-lead-to-unauthorized-data-access/ Fortinet relea…
  continue reading
 
Emergency Preparedness; HM Surf Exploited; Fortinet and ScienLogic Vague Patches A Network Nerd's Take on Emergency Preparedness https://isc.sans.edu/diary/A%20Network%20Nerd%27s%20Take%20on%20Emergency%20Preparedness/31356 HM Surf Vulnerability Access to Camera Exploited CVE-2024-44133 https://www.microsoft.com/en-us/security/blog/2024/10/17/new-m…
  continue reading
 
Microsoft 365: Partially incomplete log data due to monitoring agent issue https://m365admin.handsontek.net/multiple-services-partially-incomplete-log-data-due-to-monitoring-agent-issue/ End-to-End Encrytped Cloud Storage in the Wild: A Broken Ecosystem https://brokencloudstorage.info/paper.pdf ESET Branded Malware https://x.com/ESETresearch/status…
  continue reading
 
Lost MSFT 365 Logs; Broken Cloud Storage; ESET Branded Malware; Synology, Spring and Grafana Updates Microsoft 365: Partially incomplete log data due to monitoring agent issue https://m365admin.handsontek.net/multiple-services-partially-incomplete-log-data-due-to-monitoring-agent-issue/ End-to-End Encrytped Cloud Storage in the Wild: A Broken Ecosy…
  continue reading
 
Scanning Activity from Subnet 15.184.0.0/16. https://isc.sans.edu/diary/Scanning%20Activity%20from%20Subnet%2015.184.0.0%2016/31362 Gatekeeper Bypass /unit42.paloaltonetworks.com/gatekeeper-bypass-macos/ Oracle Critical Patch Update https://www.oracle.com/security-alerts/cpuoct2024.html Cisco ATA 190 Series Analog Telephone Adapter Firmware Vulnera…
  continue reading
 
AWS Scans; Gatekeeper Bypass; Oracle CPU; Cisco ATA 190 Patch; SAP Code Injection; Dept of Commerce Advertises Drugs; Scanning Activity from Subnet 15.184.0.0/16. https://isc.sans.edu/diary/Scanning%20Activity%20from%20Subnet%2015.184.0.0%2016/31362 Gatekeeper Bypass /unit42.paloaltonetworks.com/gatekeeper-bypass-macos/ Oracle Critical Patch Update…
  continue reading
 
The Top 10 Not So Common SSH Usernames and Passwords https://isc.sans.edu/diary/The%20Top%2010%20Not%20So%20Common%20SSH%20Usernames%20and%20Passwords/31360 CISA Product Security Bad Practices https://www.cisa.gov/resources-tools/resources/product-security-bad-practices Kubernetes Image Builder Vulnerability CVE-2024-9486 CVE-2024-9594 https://disc…
  continue reading
 
Not so Common Passwords; Security Bad Practices; Kubernetes Image Builder Vuln; Solarwinds Helpdesk Exploited; noexec bypass The Top 10 Not So Common SSH Usernames and Passwords https://isc.sans.edu/diary/The%20Top%2010%20Not%20So%20Common%20SSH%20Usernames%20and%20Passwords/31360 CISA Product Security Bad Practices https://www.cisa.gov/resources-t…
  continue reading
 
Angular-base64-upload Demo Script Exploited https://isc.sans.edu/diary/Angular-base64-upload%20Demo%20Script%20Exploited%20%28CVE-2024-42640%29/31354 Quantum Annealing Public Key Cryptographic Attack Algorithm Based on D-Wave Advantage http://cjc.ict.ac.cn/online/onlinepaper/wc-202458160402.pdf EDRSilencer https://github.com/netero1010/EDRSilencer …
  continue reading
 
Loading …

Hurtig referencevejledning