-
ISC Stormcast For Wednesday, April 16th, 2025 https://isc.sans.edu/podcastdetail/9410, (Wed, Apr 16th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
Online Services Again Abused to Exfiltrate Data, (Tue, Apr 15th)
If attackers can abuse free online services, they will do so for sure! Why spend time deploying a C2 infrastructure if you have plenty of ways to use “official” services? Not only do they not cost any money, but the traffic can be hidden in the normal traffic, making them more difficult to detect. A very…
-
ISC Stormcast For Tuesday, April 15th, 2025 https://isc.sans.edu/podcastdetail/9408, (Tue, Apr 15th)
-

xorsearch.py: Searching With Regexes, (Mon, Apr 14th)
As promised in diary entry “XORsearch: Searching With Regexes”, I will outline another method to search with xorsearch and regexes. Instead of XORsearch.exe, the original tool that is written in C and compiled, we will use xorsearch.py, a new tool written in Python. Unlike XORsearch.exe, xorsearch.py supports YARA rules, and thus regex searches. Let’s…
-
ISC Stormcast For Monday, April 14th, 2025 https://isc.sans.edu/podcastdetail/9406, (Mon, Apr 14th)
-

Exploit Attempts for Recent Langflow AI Vulnerability (CVE-2025-3248), (Sat, Apr 12th)
Two weeks ago, version 1.3.0 of Langflow was released. The release notes list many fixes but do not mention that one of the “Bug Fixes” addresses a major vulnerability. Instead, the release notes state, “auth current user on code validation.” [1] Its website states, “Langflow is a low-code tool for developers that makes it easier…
-
ISC Stormcast For Friday, April 11th, 2025 https://isc.sans.edu/podcastdetail/9404, (Fri, Apr 11th)
-
ISC Stormcast For Thursday, April 10th, 2025 https://isc.sans.edu/podcastdetail/9402, (Thu, Apr 10th)
-
Network Infraxploit [Guest Diary], (Wed, Apr 9th)
[This is a Guest Diary by Matthew Gorman, an ISC intern as part of the SANS.edu BACS program] Background: I recently had the opportunity to get hands-on with some Cisco networking devices. Due to being a network engineer prior to my current job as a network forensics analyst, I have a relatively solid understanding…
-
ISC Stormcast For Wednesday, April 9th, 2025 https://isc.sans.edu/podcastdetail/9400, (Wed, Apr 9th)

