SANS Archives Page 6 of 463 | Cyberthreat Blog from Fortify24x7

Using AI Gemma 3 Locally with a Single CPU , (Wed, Dec 10th)

by Cyberthreat Blog | Dec 10, 2025 | SANS ISC Bulletins | 0 |

Several months ago, I got a Nucbox K8 Plus minicomputer to use as a Proxmox 9 server. At the time...

Possible exploit variant for CVE-2024-9042 (Kubernetes OS Command Injection), (Wed, Dec 10th)

by Cyberthreat Blog | Dec 10, 2025 | SANS ISC Bulletins | 0 |

Last year, Kubernetes fixed a command injection vulnerability in the Kubernetes NodeLogQuery feature (%%cve:2024-9042%%) [1]. To exploit the vulnerability, several conditions had to be met: The vulnerable node had to run Windows...

Microsoft Patch Tuesday December 2025, (Tue, Dec 9th)

by Cyberthreat Blog | Dec 9, 2025 | SANS ISC Bulletins | 0 |

This release addresses 57 vulnerabilities. 3 of these vulnerabilities are rated critical. One vulnerability was already exploited, and two were publicly disclosed before the patch was released. CVE-2025-62221: This privilege...

AutoIT3 Compiled Scripts Dropping Shellcodes, (Fri, Dec 5th)

by Cyberthreat Blog | Dec 4, 2025 | SANS ISC Bulletins | 0 |

AutoIT3[1] is a powerful language that helps to built nice applications for Windows environments,...

Nation-State Attack or Compromised Government? [Guest Diary], (Thu, Dec 4th)

by Cyberthreat Blog | Dec 3, 2025 | SANS ISC Bulletins | 0 |

[This is a Guest Diary by Jackie Nguyen, an ISC intern as part of the SANS.edu BACS program] The...

Attempts to Bypass CDNs, (Wed, Dec 3rd)

by Cyberthreat Blog | Dec 3, 2025 | SANS ISC Bulletins | 0 |

Currently, in order to provide basic DDoS protection and filter aggressive bots, some form of Content Delivery Network (CDN) is usually the simplest and most cost-effective way to protect a web application. In a typical setup,...

[Guest Diary] Hunting for SharePoint In-Memory ToolShell Payloads, (Tue, Dec 2nd)

by Cyberthreat Blog | Dec 1, 2025 | SANS ISC Bulletins | 0 |

[This is a Guest Diary by James Woodworth, an ISC intern as part of the SANS.edu Bachelor’s...

Conflicts between URL mapping and URL based access control., (Mon, Nov 24th)

by Cyberthreat Blog | Nov 24, 2025 | SANS ISC Bulletins | 0 |

We continue to encounter high-profile vulnerabilities that relate to how URL mapping (or “aliases”) interac|zsh:1: parse error near `&’ ts with URL-based access control. Last week, we wrote about the Oracle...

Wireshark 4.4.1 Released, (Sun, Nov 23rd)

by Cyberthreat Blog | Nov 23, 2025 | SANS ISC Bulletins | 0 |

Wireshark release 4.6.1 fixes 2 vulnerabilities and 20 bugs. Didier Stevens Senior handler blog.DidierStevens.com (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United...

YARA-X 1.10.0 Release: Fix Warnings, (Sun, Nov 23rd)

by Cyberthreat Blog | Nov 23, 2025 | SANS ISC Bulletins | 0 |

YARA-X’s 1.10.0 release brings a new command: fix warnings. If you have a rule that would...

Use of CSS stuffing as an obfuscation technique?, (Fri, Nov 21st)

by Cyberthreat Blog | Nov 21, 2025 | SANS ISC Bulletins | 0 |

From time to time, it can be instructive to look at generic phishing messages that are delivered...

Oracle Identity Manager Exploit Observation from September (CVE-2025-61757), (Thu, Nov 20th)

by Cyberthreat Blog | Nov 20, 2025 | SANS ISC Bulletins | 0 |

Searchlight Cyber today released a blog detailing CVE-2025-61757, a vulnerability they reported to Oracle. Oracle released a patch for the vulnerability as part of its October Critical Patch Update, which was released on October...

Tag: SANS