-
From YARA Offsets to Virtual Addresses, (Fri, Sep 5th)
YARA is an excellent tool that most of you probably already know and use daily. If you don’t, search on isc.sans.edu, we have a bunch of diaries about it[1]. YARA is very powerful because you can search for arrays of bytes that represent executable code. In this case, you provide the hexadecimal representation of the…
-
ISC Stormcast For Friday, September 5th, 2025 https://isc.sans.edu/podcastdetail/9600, (Fri, Sep 5th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
ISC Stormcast For Thursday, September 4th, 2025 https://isc.sans.edu/podcastdetail/9598, (Thu, Sep 4th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
Exploit Attempts for Dassault DELMIA Apriso. CVE-2025-5086, (Wed, Sep 3rd)
When I am thinking about the security of manufacturing environments, I am usually focusing on IoT devices integrated into production lines. All the little sensors and actuators are often very difficult to secure. On the other hand, there is also “big software” that is used to manage manufacturing. One example is DELMIA Apriso by Dassault Systèmes.…
-
ISC Stormcast For Wednesday, September 3rd, 2025 https://isc.sans.edu/podcastdetail/9596, (Wed, Sep 3rd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
A quick look at sextortion at scale: 1,900 messages and 205 Bitcoin addresses spanning four years, (Tue, Sep 2nd)
What can almost 2,000 sextortion messages tell us about how threat actors operate and whether they are successful? Let’s find out. Although it is true that I covered sextortion in my last diary[1], I thought the topic deserved further discussion today. This is not because we didn’t cover sextortion in enough depth here at the Internet…
-
ISC Stormcast For Tuesday, September 2nd, 2025 https://isc.sans.edu/podcastdetail/9594, (Tue, Sep 2nd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
pdf-parser: All Streams, (Sun, Aug 31st)
A user reported a bug in pdf-parser: when dumping all filtered streams, an error would occur: The reason for the error, is that not all streams have filters applied to them, and thus dumping a filtered stream that has no filter caused a bug. I have fixed this: But I would like to point out…
-
Wireshark 4.4.9 Released, (Sun, Aug 31st)
Wireshark release 4.4.9 fixes 5 bugs. Didier Stevens Senior handler blog.DidierStevens.com (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
ISC Stormcast For Friday, August 29th, 2025 https://isc.sans.edu/podcastdetail/9592, (Fri, Aug 29th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
