ISC StormCast for Tuesday, February 27th, 2024
Utilizing the VirusTotal API to Query Files Uploaded to the DShield Honeypot
https://isc.sans.edu/diary/Utilizing%20the%20VirusTotal%20API%20to%20Query%20Files%20Uploaded%20to%20DShield%20Honeypot%20%5BGuest%20Diary%5D/30688
New WiFi Authentication Vulnerabilities Discovered
https://www.top10vpn.com/research/wifi-vulnerabilities/
Subdomain Takeover Spam
https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
ISC StormCast for Monday, February 26th, 2024
Update MGLNDD * Scans
https://isc.sans.edu/forums/diary/Update%3A%20MGLNDD_*%20Scans/30686/
Simple Anti-Sandbox Technique: Where’s the Mouse
https://isc.sans.edu/diary/Simple%20Anti-Sandbox%20Technique%3A%20Where%27s%20The%20Mouse%3F/30684
Security Vulnerabilities in Apex Code Could Leak Salesforce Data
https://www.varonis.com/blog/apex-code-vulnerabilities
IBM Operation Decision Manager Exploit CVE-2024-22319 CVE-2024-22320
https://labs.watchtowr.com/double-k-o-rce-in-ibm-operation-decision-manager/
Linux Kernel TLS Vulnerability CVE-2024-26582
https://lore.kernel.org/linux-cve-announce/2024022139-spruce-prelude-c358@gregkh/
ISC StormCast for Friday, February 23rd, 2024
Friend, Foe or Something In Between
https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Friend%2C%20foe%20or%20something%20in%20between%3F%20The%20grey%20area%20of%20%27security%20research%27/30670
Large AT&T Wireless Network Outage
https://isc.sans.edu/diary/Large%20AT%26T%20Wireless%20Network%20Outage%20%23att%20%23outage/30680
Connect Wise Screenconnect Userd by LockBit
https://www.bleepingcomputer.com/news/security/screenconnect-servers-hacked-in-lockbit-ransomware-attacks/
SSH Snake Abused in the Wild
https://github.com/MegaManSec/SSH-Snake
ISC StormCast for Thursday, February 22nd, 2024
Phishing Pages Hosted on Archive.org
https://isc.sans.edu/forums/diary/Phishing%20pages%20hosted%20on%20archive.org/30676/
ScreenConnect Authentication Bypass Exploit CVE-2024-1709 CVE-2024-1708)
https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass
iMessage with PQ3
https://security.apple.com/blog/imessage-pq3/
.png?1708011585)
Diversifying the security workforce
Larry Whiteside, Jr., CISO at RegScale and Co-Founder and President at Cyversity, discusses the importance of diversity within the security workforce and how critical mentorship is when it comes developing talent.
ISC StormCast for Wednesday, February 21st, 2024
Old Mirai New Exploits
https://isc.sans.edu/diary/Mirai-Mirai%20On%20The%20Wall…%20%5BGuest%20Diary%5D/30658
KeyTrap PoC Exploit
https://github.com/knqyf263/CVE-2023-50387
Google Open Sources Magika File ID System
https://opensource.googleblog.com/2024/02/magika-ai-powered-fast-and-efficient-file-type-identification.html
Exploiting Unsynchronised Clocks
https://attackshipsonfi.re/p/exploiting-unsynchonised-clocks
ISC StormCast for Tuesday, February 20th, 2024
Old Mirai New Exploits
https://isc.sans.edu/diary/Mirai-Mirai%20On%20The%20Wall…%20%5BGuest%20Diary%5D/30658
KeyTrap PoC Exploit
https://github.com/knqyf263/CVE-2023-50387
Google Open Sources Magika File ID System
https://opensource.googleblog.com/2024/02/magika-ai-powered-fast-and-efficient-file-type-identification.html
Exploiting Unsynchronised Clocks
https://attackshipsonfi.re/p/exploiting-unsynchonised-clocks
ISC StormCast for Monday, February 19th, 2024
SolarWinds Security Advisories
https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2023-2-3_release_notes.htm
Google Chrome Adds Private Network Checks
https://chromestatus.com/feature/4869685172764672
Gold Factory iOS Trojan
https://www.group-ib.com/blog/goldfactory-ios-trojan/
.jpg?1705954678)
Use reliable intel to make informed decisions in a crisis
With geopolitical threats on the rise, organizations are finding the impact misinformation has had on making critical decisions in a time of crisis. I
