-
ISC Stormcast For Tuesday, January 20th, 2026 https://isc.sans.edu/podcastdetail/9772, (Tue, Jan 20th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-

“How many states are there in the United States?”, (Sun, Jan 18th)
I’ve seen many API requests for different LLMs in the honeypot logs. Like this one: The prompt is always the same: “How many states are there in the United States?”. This is recon to find open LLMs. Not necessarily to exploit them, but to use them. Coincidentally, something similar has been reported in the news: “Hackers…
-
Wireshark 4.6.3 Released, (Sat, Jan 17th)
Wireshark release 4.6.3 fixes 4 vulnerabilities and 9 bugs. Didier Stevens Senior handler blog.DidierStevens.com (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
ISC Stormcast For Friday, January 16th, 2026 https://isc.sans.edu/podcastdetail/9770, (Fri, Jan 16th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
![Battling Cryptojacking, Botnets, and IABs [Guest Diary], (Thu, Jan 15th)](/wp-content/uploads/2026/01/Matthew_Presnal_pic1-YPekwU.png)
Battling Cryptojacking, Botnets, and IABs [Guest Diary], (Thu, Jan 15th)
[This is a Guest Diary by Matthew Presnal, an ISC intern as part of the SANS.edu BACS program] Cryptojacking and botnets can pose a greater threat than a simple drain of resources. These organizations have been known to engage in “DDoS for Hire” or even selling off footholds, acting as Initial Access Brokers (IABs). To…
-
ISC Stormcast For Thursday, January 15th, 2026 https://isc.sans.edu/podcastdetail/9768, (Thu, Jan 15th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-

Infection repeatedly adds scheduled tasks and increases traffic to the same C2 domain, (Wed, Jan 14th)
Introduction In recent weeks, Lumma Stealer infections have followed a specific pattern in follow-up activity. This pattern adds scheduled tasks for the same action, which increases traffic to the same C2 domain. This diary documents an example from one of these infections on January 14, 2026. Details After Lumma Stealer performs its data exfiltration, the…
-
ISC Stormcast For Wednesday, January 14th, 2026 https://isc.sans.edu/podcastdetail/9766, (Wed, Jan 14th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
January 2026 Microsoft Patch Tuesday Summary, (Tue, Jan 13th)
Today, Microsoft released patches for 113 vulnerabilities. One of these vulnerabilities affected the Edge browser and was patched upstream by Chromium. Eight of the vulnerabilities are rated critical. One has been disclosed before today, and one is already being exploited. Five of the critical vulnerabilities affect Microsoft Office components. Noteworthy Vulnerabilities %%cve:2026-20854%%: A remote code…
-
ISC Stormcast For Tuesday, January 13th, 2026 https://isc.sans.edu/podcastdetail/9764, (Tue, Jan 13th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

