Upcoming Critical OpenSSL Vulnerability: What will be Affected?
https://isc.sans.edu/forums/diary/Upcoming+Critical+OpenSSL+Vulnerability+What+will+be+Affected/29192
Apple Updates
https://support.apple.com/en-us/HT201222
Fodcha Botnet Reaches 1Tbps
https://blog.netlab.360.com/ddosmonster_the_return_of__fodcha_cn/
https://www.bleepingcomputer.com/news/security/fodcha-ddos-botnet-reaches-1tbps-in-power-injects-ransoms-in-packets/
Why is My Cat Using Baidu And Other IoT DNS Oddities
https://isc.sans.edu/forums/diary/Why+is+My+Cat+Using+Baidu+And+Other+IoT+DNS+Oddities/29188
OpenSSL Critical Flaw to Be Patched
https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html
MacOS Ventura Blocks Security Tools
https://www.wired.com/story/apple-macos-ventura-bug-security-tools/
Critical VMWare Security Tools
https://www.vmware.com/security/advisories/VMSA-2022-0027.html
Massing Cryptomining Operation via Github Actions
https://sysdig.com/blog/massive-cryptomining-operation-github-actions/
Daixin Team Ransomware Targeting Healthcare Providers
https://www.ic3.gov/Media/News/2022/221021.pdf
Cisco Anyconnect Client Exploited in the Wild
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dll-F26WwJW
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-win-path-traverse-qO4HWBsj
SQLite Vulnerability Details
https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/
C2 Communications Through Outlook.com
https://isc.sans.edu/forums/diary/C2+Communications+Through+outlookcom/29180
Apple Patches Everything October 2022 Edition
https://isc.sans.edu/forums/diary/Apple%20Patches%20Everything%3A%20October%202022%20Edition/29182/
Cisco ISE Patch
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-path-trav-Dz5dpzyM
Dormant Colors Live Campaign With Over 1m Data Stealing Extensions Installed
https://guardiosecurity.medium.com/dormant-colors-live-campaign-with-over-1m-data-stealing-extensions-installed-9a9a459b5849
Sczriptzzbn Inject Pushes Malware for NetSupport RAT
https://isc.sans.edu/forums/diary/sczriptzzbn%20inject%20pushes%20malware%20for%20NetSupport%20RAT/29170/
rtfdump find options
https://isc.sans.edu/forums/diary/rtfdumps+Find+Option/29174
Exploited Windows Zero Day Lets JavaScript Files Bypass Security Warnings
https://www.bleepingcomputer.com/news/security/exploited-windows-zero-day-lets-javascript-files-bypass-security-warnings/
A study of malicious CVE proof of concept exploits in GitHub
https://arxiv.org/pdf/2210.08374.pdf
F5 Patches
https://support.f5.com/csp/article/K11830089
https://support.f5.com/csp/article/K30425568
Synology Updates
https://www.synology.com/en-global/security/advisory/Synology_SA_22_17
This advisory contains mitigations for Cross-site Scripting, Open Redirect, XPath Injection, Session Fixation, Use of a One-way Hash without a Salt, Relative Path Traversal, Improper Verification of Cryptographic Signature, Improper Privilege Management, Use of Hard-coded Credentials, Active Debug Code, and Improper Access Control vulnerabilities in B. Braun’s SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus.
Forensic Value of Prefetch
https://isc.sans.edu/forums/diary/Forensic%20Value%20of%20Prefetch/29168/
Microsoft TLS Fix
https://support.microsoft.com/en-us/topic/october-17-2022-kb5020435-os-builds-19042-2132-19043-2132-and-19044-2132-out-of-band-243f34de-2f44-4015-a224-1b68a4132ca5
CISA Releases ScubaGear to Audit M365
https://github.com/cisagov/ScubaGear
HTTP/3 Connection Contamination
https://portswigger.net/research/http-3-connection-contamination
Are Internet Scanning Services Good or Bad for You?
https://isc.sans.edu/forums/diary/Are+Internet+Scanning+Services+Good+or+Bad+for+You/29164
FBI Warns of Student Loan Foregiveness Scams
https://www.ic3.gov/Media/Y2022/PSA221018
Fully Undetectable Powershell Backdoor
https://www.safebreach.com/resources/blog/safebreach-labs-researchers-uncover-new-fully-undetectable-powershell-backdoor/
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
PHPSESSID | session | This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed. |
pmpro_visit | session | The cookie is set by PaidMembership Pro plugin. The cookie is used to manage user memberships. |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |