Scans for Apache OfBiz, (Wed, Mar 27th)
Today, I noticed in our “first seen URL” list, two URLs I didn’t immediately...
During a recent Linux forensic engagement, a colleague asked if there was any way to tell what...
Last week, Apple published updates for iOS and iPadOS. At that time, Apple withheld details about the security content of the update. This is typical if future updates for other operating systems will fix the same vulnerability....
I am TA-ing for Taz for the new SANS FOR577 class again and I figured it was time to release some...
The reason I extracted a PE file in my last diary entry is that I discovered it was the dropper...
Attributing a particular IP address to a specific location is hard and often fails miserably. There are several difficulties that I have talked about before: Out-of-date whois data, data that is outright fake, or was never...
Late last week, an exploit surfaced on GitHub for CVE-2024-21762 [1]. This vulnerability affects Fortinet’s FortiOS. A patch was released on February 8th. Owners of affected devices had over a month to patch [2]. A few...
Firewalls and other perimeter devices are a huge target these days. Ivanti, FortiGate, Citrix, and others offer plenty of difficult-to-patch vulnerabilities for attackers to exploit. Ransomware actors and others are always on the...
[This is a Guest Diary by Joshua Woodward, an ISC intern as part of the SANS.edu BACS program] Just listening to a lecture is boring. Is there a better way? I recently had the opportunity to engage in conversation with Jonathan,...
This PE file contains an obfuscated hexadecimal-encoded payload. When I analyze it with...
About three months ago, I wrote about the implications and impacts of 5Ghoul in a previous diary [1]. The 5Ghoul family of vulnerabilities could cause User Equipment (UEs) to be continuously exploited (e.g. dropping/freezing...
Credential-stealing phishing is constantly evolving; nevertheless, some aspects of it – by...