-
ISC Stormcast For Monday, October 20th, 2025 https://isc.sans.edu/podcastdetail/9662, (Sun, Oct 19th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-

TikTok Videos Promoting Malware Installation, (Fri, Oct 17th)
Attackers are everywhere! They try to abuse victims using new communication channels and social engineering techniques! Somebody pointed me to the following TikTok video: hxxps://vm[.]tiktok[.]com/ZGdaCkbEF/. The author pretends to provide you an easy way to activate Photoshop for free. Note that the video has already been liked more than 500 times! The technique is similar to…
-
ISC Stormcast For Friday, October 17th, 2025 https://isc.sans.edu/podcastdetail/9660, (Fri, Oct 17th)
-
New DShield Support Slack, (Thu, Oct 16th)
This week, we set up a new Slack workspace for DShield.org. This workspace replaces the old workspace we originally configured back in 2016 or 2017. The workspace was originally configured as a free workspace to support the DShield.org community. Over the years, it has had a good following and a good amount of traffic. Sadly, we…
-
ISC Stormcast For Thursday, October 16th, 2025 https://isc.sans.edu/podcastdetail/9658, (Wed, Oct 15th)
-

Clipboard Pictures Exfiltration in Python Infostealer, (Wed, Oct 15th)
For a while, clipboard content has been monitored by many infostealers. Purposes can be multiple, like simply searching and exfiltrating juicy data or on-the-fly modification like crypto-wallet swapping[1]. Note that the clipboard is a major risk when you don’t disable clipboard sharing between your virtual machines and hosts. Malware running in a sandbox will…
-
ISC Stormcast For Wednesday, October 15th, 2025 https://isc.sans.edu/podcastdetail/9656, (Tue, Oct 14th)
-
Microsoft Patch Tuesday October 2025, (Tue, Oct 14th)
I am experimenting today with a little bit of a cleaned-up patch overview. I removed vulnerabilities that affect Microsoft’s cloud systems (but appreciate Microsoft listing them at all), as well as vulnerabilities in third-party software like open source libraries. This should leave us with Microsoft-specific on-premises vulnerabilities. This month, this leaves 157 different vulnerabilities. Eight…
-
ISC Stormcast For Tuesday, October 14th, 2025 https://isc.sans.edu/podcastdetail/9654, (Mon, Oct 13th)
-
Heads Up: Scans for ESAFENET CDG V5, (Mon, Oct 13th)
In January, a possible XSS vulnerability was found in the electronic document security management system ESAFENET CDG. This was the latest (as far as I can tell) in a long list of vulnerabilities in the product. Prior vulnerabilities included SQL injection issues and weaknesses in the encryption used to safeguard documents. In other words: A typical…

