Heartbleed 10th Anniversary
https://heartbleed.com/
Possible Libarchive Backdoor Vulnerability
https://github.com/libarchive/libarchive/pull/1609
Magento XML Backdoor
https://sansec.io/research/magento-xml-backdoor
Google Public DNS’s approach to fight against cache poisoning attacks
https://security.googleblog.com/2024/03/google-public-dnss-approach-to-fight.html
Remote code execution (RCE) vulnerability in Brocade Fabric OS (CVE-2023-3454)
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/23215
SANS London April Evening Talk
https://sans.zoom.us/webinar/register/WN_ZLLnQKCCQCywLGm-CM4xQg#/registration
Slicing up DoNex with Binary Ninja
https://isc.sans.edu/diary/Slicing%20up%20DoNex%20with%20Binary%20Ninja/30812
HTTP/2 Continuation Flood
https://nowotarski.info/http2-continuation-flood-technical-details/
Dangers of CSS in HTML Email
https://lutrasecurity.com/en/articles/kobold-letters/
Dan Mazella: Infostealers in Automotive Headunits
https://www.sans.edu/cyber-research/exploring-infostealer-malware-techniques-automotive-head-units/
Playing with xzbot: Some things you can learn from SSH traffic
https://isc.sans.edu/forums/diary/Some%20things%20you%20can%20learn%20from%20SSH%20traffic/30808/
Google Proposes Device Bound Session Credentials (DBSC)
https://blog.chromium.org/2024/04/fighting-cookie-theft-using-device.html
Four More Ivanti Vulnerabilities
https://forums.ivanti.com/s/article/SA-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US
Google Pixel Zero Day
https://source.android.com/docs/security/bulletin/pixel/2024-04-01
Chrome Incognito Mode Settlement
https://www.wired.com/story/google-chrome-incognito-mode-data-deletion-settlement/
Google E-Mail Sender Guidelines FAQ
https://support.google.com/a/answer/14229414?hl=en&fl=1&sjid=2270464422796374445-NC
Cisco Updates and VPN Best Practices
https://www.cisco.com/c/en/us/support/docs/security/secure-firewall-threat-defense/221806-password-spray-attacks-impacting-custome.html
https://sec.cloudapps.cisco.com/security/center/publicationListing.x
Apache Pulsar Vulnerability
https://pulsar.apache.org/security/CVE-2024-29834/
Progress Flowmon Network Monitoring Tool Vulnerability CVE-2024-2389
https://support.kemptechnologies.com/hc/en-us/articles/24878235038733-CVE-2024-2389-Flowmon-critical-security-vulnerability
Wait Just an Infosec Episode with Bojan Zdrnja: Thursday April 4th 2024 10:00 EDST
https://isc.sans.edu/j/xzutils (link will redirect once episode is live)
The amazingly scary xz sshd backdoor
https://isc.sans.edu/diary/The%20amazingly%20scary%20xz%20sshd%20backdoor/30802
The xz-utils backdoor in security advisories by national CSIRTs
https://isc.sans.edu/diary/The+xzutils+backdoor+in+security+advisories+by+national+CSIRTs/30800
Checking CSV Files
https://isc.sans.edu/diary/Checking%20CSV%20Files/30796
Infostealers Pose Threat to macOS
https://www.jamf.com/blog/infostealers-pose-threat-to-macos/
xz-utils Backdoor CVE-2024-3094
https://www.openwall.com/lists/oss-security/2024/03/29/4
https://tukaani.org/xz-backdoor/
https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27
Backdoor reverse analysis
https://bsky.app/profile/did:plc:x2nsupeeo52oznrmplwapppl/post/3kowjkx2njy2b
YARA Rule
https://github.com/byinarie/CVE-2024-3094-info/blob/main/CVE-2024-3094.yar
Social Engineering Attempts to Include Backdoor in Distros
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067708
https://news.ycombinator.com/item?id=39866275
GitHub Repo (now disabled)
https://github.com/tukaani-project/xz
Statements from Distributions
https://www.kali.org/blog/about-the-xz-backdoor/
https://archlinux.org/news/the-xz-package-has-been-backdoored/
https://access.redhat.com/security/cve/CVE-2024-3094
https://bugs.gentoo.org/928134
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068024
From JavaScript to AsyncRAT
https://isc.sans.edu/diary/From%20JavaScript%20to%20AsyncRAT/30788
TeamCity Patches
https://www.jetbrains.com/privacy-security/issues-fixed/?product=TeamCity&version=2024.03
Okta Verify for Windows Auto-update Arbitrary Code Execution CVE-2024-0980
https://trust.okta.com/security-advisories/okta-verify-windows-auto-update-arbitrary-code-execution-cve-2024-0980/
Google Zero Day Report
https://storage.googleapis.com/gweb-uniblog-publish-prod/documents/Year_in_Review_of_ZeroDays.pdf