Apple released its expected set of operating system upgrades. This is a minor feature upgrade that also includes fixes for 110 different vulnerabilities. As usual for Apple, many of the vulnerabilities affect multiple operating...
Read More
XWiki describes itself as “The Advanced Open-Source Enterprise Wiki” and considers...
Read More
Sensors reporting firewall logs detected a significant increase in scans for port 8530/TCP and...
Read More
This week, I noticed some new HTTP request headers that I had not seen before: X-Request-Purpose:...
Read More
I’ve been doing Unix/Linux IR and Forensics for a long time. I logged into a Unix system for...
Read MoreOverview Email message header syntax can be exploited to bypass authentication protocols such as SPF, DKIM, and DMARC. These exploits enable attackers to deliver spoofed emails that appear to originate from trusted sources....
Read More
While reviewing malicious messages that were delivered to our handler inbox over the past few...
Read More
I was intrigued when Johannes talked about malware that uses BASE64 over DNS to communicate. Take...
Read More
When I have a binary file to analyze, I often use tools like 010 Editor or format-bytes.py (a tool...
Read More
Over the past two months, my outlook account has been receiving phishing email regarding cloud...
Read More
Infostealers landscape exploded in 2024 and they remain a top threat today. If Windows remains a...
Read MoreStarting yesterday, some of our honeypots received POST requests to “/cgi-bin/webctrl.cgi”, attempting to exploit an OS command injection vulnerability: POST /cgi-bin/webctrl.cgi Host: [honeypot ip]:80 User-Agent:...
Read More