In January, a possible XSS vulnerability was found in the electronic document security management system ESAFENET CDG. This was the latest (as far as I can tell) in a long list of vulnerabilities in the product. Prior...
Read MoreOverview Clevo’s UEFI firmware update packages included sensitive private keys used in their Intel Boot Guard implementation. This accidental exposure of the keys could be abused by an attacker to sign malicious firmware using...
Read MoreWireshark release 4.4.10 fixes 6 bugs and 1 vulnerability (in the MONGO dissector). A new branch with many new features is released too: 4.6.0 Didier Stevens Senior handler blog.DidierStevens.com (c) SANS Internet Storm Center....
Read MoreOverview The Kiwire Captive Portal, provided by SynchroWeb, is an internet access gateway intended for providing guests internet access where many users will want to connect. Three vulnerabilities were discovered within the...
Read More![[Guest Diary] Building Better Defenses: RedTail Observations from a Honeypot, (Thu, Oct 9th)](https://b923496.smushcdn.com/923496/wp-content/uploads/2025/10/2025-10-09_figure1-627x219.png?lossy=1&strip=1&webp=1)
[This is a Guest Diary by Jin Quan Low, an ISC intern as part of the SANS.edu Bachelor’s...
Read MoreToday, I spoted on VirusTotal an interesting Python RAT. They are tons of them but this one attracted my attention based on some function names present in the code: self_modifying_wrapper(), decrypt_and_execute()...
Read MoreFreePBX is a popular PBX system built around the open source VoIP system Asterisk. To manage Asterisk more easily, it provides a capable web-based admin interface. Sadly, like so many web applications, it has had its share of...
Read MoreThis weekend, Oracle published a surprise security bulletin announcing an exploited vulnerability in Oracle E-Business Suite. As part of the announcement, which also included a patch, Oracle published IoC observed as part of the...
Read MoreOverview A remote code execution (RCE) vulnerability, tracked as CVE-2025-10547, was discovered through the EasyVPN and LAN web administration interface of Vigor routers by Draytek. A script in the LAN web administration...
Read More
I have been writing about the “.well-known” directory a few times before. Recently,...
Read MoreThis informational webinar will provide general information regarding the CRDO Broad Agency Announcement (BAA) published on September 24, 2025. It will offer general guidance on preparing White Papers and if invited,...
Read More![[Guest Diary] Comparing Honeypot Passwords with HIBP, (Wed, Oct 1st)](https://b923496.smushcdn.com/923496/wp-content/uploads/2025/09/2025-10-01_figure1-627x303.png?lossy=1&strip=1&webp=1)
[This is a Guest Diary by Draden Barwick, an ISC intern as part of the SANS.edu Bachelor’s...
Read More