Contacts
Info
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually...
show more
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minutes long summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
show less
SANS ISC Network Security News
SANS ISC Network Security News
ISC StormCast for Monday, July 22nd, 2024
22 JUL 2024 · Widespread Windows Crashes Due to Crowdstrike Updates
https://isc.sans.edu/diary/Widespread%20Windows%20Crashes%20Due%20to%20Crowdstrike%20Updates/31094
https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/
https://www.crowdstrike.com/blog/falcon-update-for-windows-hosts-technical-details/
https://techcommunity.microsoft.com/t5/intune-customer-success/new-recovery-tool-to-help-with-crowdstrike-issue-impacting/ba-p/4196959
ISC StormCast for Friday, July 19th, 2024
19 JUL 2024 · Oracle Quarterly Critical Patch Update
https://www.oracle.com/security-alerts/cpujul2024.html
Exchange Online Implementing Inbound SMTP DANE with DNSSEC
https://techcommunity.microsoft.com/t5/exchange-team-blog/announcing-public-preview-of-inbound-smtp-dane-with-dnssec-for/ba-p/4155257
VPN Port Shadowing Vulnerability
https://petsymposium.org/popets/2024/popets-2024-0070.pdf
ISC StormCast for Thursday, July 18th, 2024
18 JUL 2024 · Who You Gonna Call: Androx Gh0st Busters!
https://isc.sans.edu/diary/Who%20You%20Gonna%20Call%3F%20AndroxGh0st%20Busters!%20%5BGuest%20Diary%5D/31086
Cisco Smart Software Manager Vulnerability CVE-2024-20419
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-auth-sLw3uhUy
Critical Security Flaw in Cisco Secure Email Gateway: CVE-2024-20401
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-afw-bGG2UsjH
Microsoft Introducing Checkpoint Updates
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/introducing-windows-11-checkpoint-cumulative-updates/ba-p/4182552
GeoServer Patches
https://github.com/geoserver/geoserver/security/advisories/GHSA-6jj6-gm7p-fcvv
ISC StormCast for Wednesday, July 17th, 2024
17 JUL 2024 · Reply Chain Phishing With a Twist
https://isc.sans.edu/diary/%22Reply-chain%20phishing%22%20with%20a%20twist/31084
Claroty TP-Link and Synology IP Camera Exploits
https://claroty.com/team82/research/pivoting-from-wan-to-lan-synology-bc500-ip-camera
https://claroty.com/team82/research/pwn2own-wan-to-lan-exploit-showcase
Cosmic Sting Hits Adobe Commerce Stores
https://sansec.io/research/cosmicsting-hitting-major-stores
ISC StormCast for Tuesday, July 16th, 2024
16 JUL 2024 · Protected OOXML Spreadsheets
https://isc.sans.edu/diary/Protected%20OOXML%20Spreadsheets/31070
Leaked PyPi Secret Token Revealed in Binary
https://jfrog.com/blog/leaked-pypi-secret-token-revealed-in-binary-preventing-suppy-chain-attack/
Microsoft 365 Defender Affected by June Update
https://learn.microsoft.com/en-us/windows/release-health/status-windows-server-2022#network-data-reporting-from-microsoft-365-defender-may-be-interrupted
ISC StormCast for Monday, July 15th, 2024
15 JUL 2024 · 16-Bit Hash Collisions in XLS Spreadsheets
https://isc.sans.edu/diary/16-bit%20Hash%20Collisions%20in%20.xls%20Spreadsheets/31066
Attacks against the "Nette" PHP framework CVE-2020-15227
https://isc.sans.edu/forums/diary/Attacks+against+the+Nette+PHP+framework+CVE202015227/31076/
Squarespace Hijacked Domains
https://github.com/security-alliance/advisories/blob/main/2024-07-squarespace.pdf
ISC StormCast for Friday, July 12th, 2024
12 JUL 2024 · Understanding SSH Honeypot Logs: Attackers Fingerprinting Honeypots
https://isc.sans.edu/diary/Understanding%20SSH%20Honeypot%20Logs%3A%20Attackers%20Fingerprinting%20Honeypots/31064
Patch or Peril: A Veeam Vulnerability Incident
https://www.group-ib.com/blog/estate-ransomware/
Juniper Patches
https://supportportal.juniper.net/s/global-search/%40uri?language=en_US#sort=%40sfcec_community_publish_date_formula__c%20descending&f:ctype=%5BSecurity%20Advisories%5D
VMWare Aria Automation SQL Injection Vuln;
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24598
Leaked SMS Messages
https://www.ccc.de/de/updates/2024/2fa-sms
ISC StormCast for Thursday, July 11th, 2024
11 JUL 2024 · Finding Honeypot Data Clusters Using DBSCAN Part 1
https://isc.sans.edu/diary/Finding%20Honeypot%20Data%20Clusters%20Using%20DBSCAN%3A%20Part%201/31050
Second RegreSSHion Like OpenSSH Vulnerability
https://lwn.net/ml/all/20240708162106.GA4920@openwall.com/
Resurrecting Internet Explorer: Threat Actors Using Zero-Day Tricks in Internet Shortcut File CVE-2024-38112
https://research.checkpoint.com/2024/resurrecting-internet-explorer-threat-actors-using-zero-day-tricks-in-internet-shortcut-file-to-lure-victims-cve-2024-38112/
SharePoint Proof of Concept Exploit CVE-2024-38094 CVE-2024-38024 CVE-2024-38023
https://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC/blob/main/poc_filtered.py
Citrix Netscaler, Agent and SDX Security Bulletin CVE-2024-6235 CVE-2024-6236
https://support.citrix.com/article/CTX677998/netscaler-console-agent-and-sdx-security-bulletin-for-cve20246235-and-cve20246236
OpenVPN Updates
https://openvpn.net/security-advisory/ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974/
ISC StormCast for Wednesday, July 10th, 2024
10 JUL 2024 · Microsoft Patch Tuesday July 2024
https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20July%202024/31058
Adobe Patches
https://helpx.adobe.com/security/security-bulletin.html
RADIUS protocol susceptible to forgery attacks
https://kb.cert.org/vuls/id/456537
https://www.inkbridgenetworks.com/blastradius/faq
ISC StormCast for Tuesday, July 9th, 2024
9 JUL 2024 · Kunai: Keep an Eye on your Linux Hosts Activity
https://isc.sans.edu/diary/Kunai%3A%20Keep%20an%20Eye%20on%20your%20Linux%20Hosts%20Activity/31054
Decryptor for DoNex Ransomware
https://decoded.avast.io/threatresearch/decrypted-donex-ransomware-and-its-predecessors/
Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve)
https://www.oligo.security/blog/shelltorch-explained-multiple-vulnerabilities-in-pytorch-model-server
Exim Bypass Attachment Inspection
https://bugs.exim.org/show_bug.cgi?id=3099#c4
Toshiba/Sharp Printer vulnerabilities
https://pierrekim.github.io/blog/2024-06-27-toshiba-mfp-40-vulnerabilities.html
https://pierrekim.github.io/blog/2024-06-27-sharp-mfp-17-vulnerabilities.html
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually...
show more
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minutes long summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
show less
Information
| Author | Johannes Ullrich |
| Organization | Johannes Ullrich |
| Categories | Technology |
| Website | isc.sans.edu |
| handlers@isc.sans.edu |
Copyright 2024 - Spreaker Inc. an iHeartMedia Company
