-
ISC Stormcast For Monday, July 6th, 2026 https://isc.sans.edu/podcastdetail/9994, (Mon, Jul 6th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
ISC Stormcast For Thursday, July 2nd, 2026 https://isc.sans.edu/podcastdetail/9992, (Thu, Jul 2nd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-

Why Ask Credentials If There Are Secret Codes?, (Wed, Jul 1st)
This morning, an interesting phishing email hit my mailbox. It targets Metamask[1], a cryptocurrency wallet, available as a browser extension and a mobile app, that lets users store, send, and receive crypto money. It’s pretty popular, so a juicy target for criminals. In February, I already mentioned a campaign against them[2]. Today’s email was different…
-
ISC Stormcast For Wednesday, July 1st, 2026 https://isc.sans.edu/podcastdetail/9990, (Wed, Jul 1st)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
June 2026 Apple Updates, (Tue, Jun 30th)
Apple released updates for iOS/iPadOS, macOS, and Safari on Monday. There have been no updates for other Apple operating systems (visionOS, watchOS, tvOS). Usually, Apple updates all products at the same time. Most of the vulnerabilities affect the web browser (WebKit, libxslt, WebRTC, and Web Extension). Only four of the vulnerabilities are not directly related…
-
ISC Stormcast For Tuesday, June 30th, 2026 https://isc.sans.edu/podcastdetail/9988, (Tue, Jun 30th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-

Adding some Automation to the favicon.ico method of Host Recon, (Mon, Jun 29th)
I’m in the throes of target host recon for another pentest, and thought I’d share some workflow / automation stuff. In the past, I’ve discussed using historic DNS “mining” to collect target hosts in the domain. I thought I’d share some work on using the favicon.ico methods to expand on that. Jan has an excellent…
-
ISC Stormcast For Monday, June 29th, 2026 https://isc.sans.edu/podcastdetail/9986, (Mon, Jun 29th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
YARA-X 1.18.0 and 1.19.0 Release, (Sun, Jun 28th)
YARA-X’s 1.18.0 release brings 3 improvements and 2 bugfixes. One of the improvements is a new command-line option, –cpu-limit, allowing one to limit the amount of CPU YARA requires. YARA-X’s 1.19.0 release brings 4 improvements and 2 bugfixes. Didier Stevens Senior handler blog.DidierStevens.com (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States…
-
![What do Ports Hear When Nobody’s Listening? An Assessment of Automated Cybercrime [Guest Diary], (Wed, Jun 24th)](/wp-content/uploads/2026/06/Nicole_Phillips_pic1-rL37wG.png)
What do Ports Hear When Nobody’s Listening? An Assessment of Automated Cybercrime [Guest Diary], (Wed, Jun 24th)
[This is a Guest Diary by Nicole Phillips, an ISC intern as part of the SANS.edu BACS program] “I was just sitting here enjoying the company. Plants got a lot to say, if you take the time to listen.“ — Eeyore, Winnie the Pooh Introduction: Listening to the Static Setting up and contributing to the…

