Microsoft January 2024 Patch Tuesday

 https://isc.sans.edu/forums/diary/Microsoft+January+2024+Patch+Tuesday/30548/

Adobe Vulnerabilities

 https://helpx.adobe.com/security/products/substance3d_stager/apsb24-06.html

CVE-2023-50916: Authentication Coercion Vulnerablity in Kyocera Device Manager

 https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-50916-authentication-coercion-vulnerability-in-kyocera-device-manager/

Network Connected Wrenches Used in Factories can be hacked

 https://arstechnica.com/security/2024/01/network-connected-wrenches-used-in-factories-can-be-hacked-for-sabotage-or-ransomware/


ISC StormCast for Wednesday, January 10th, 2024

A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .

Technology

Tech News

Podcasting

Gadgets

Software How-To

News

Overview of My Tools That Handle JSON Data

 https://isc.sans.edu/diary/Overview%20of%20My%20Tools%20That%20Handle%20JSON%20Data/31012

Python Serialization and "Sleepy Pickle"

 https://x.com/MarkBaggett/status/1801732554740969561

Detecting Headless Chrome

 https://deviceandbrowserinfo.com/learning_zone/articles/detecting-headless-chrome-puppeteer-2024

Detecting Malicious VS Code Extensions

 https://medium.com/@amitassaraf/4-6-introducing-extensiontotal-how-to-assess-risk-in-vs-code-extensions-3ac5bfd83fb1

ASUS Router Critical Vulnerability

 https://www.asus.com/content/asus-product-security-advisory/


ISC StormCast for Monday, June 17th, 2024

The Art of JQ and Command-Line Fu

 https://isc.sans.edu/diary/The%20Art%20of%20JQ%20and%20Command-line%20Fu%20%5BGuest%20Diary%5D/31006

Microsoft Outlook Vulnerablity Details

 https://blog.morphisec.com/cve-2024-30103-microsoft-outlook-vulnerability

Keeping our Outlook Personal Email Users Safe

 https://techcommunity.microsoft.com/t5/outlook-blog/keeping-our-outlook-personal-email-users-safe-reinforcing-our/ba-p/4164184

Exploiting ML models with pickle file attacks

 https://blog.trailofbits.com/2024/06/11/exploiting-ml-models-with-pickle-file-attacks-part-1/


ISC StormCast for Friday, June 14th, 2024

MSMQ Packets

 https://isc.sans.edu/diary/Port%201801%20Traffic%3A%20Microsoft%20Message%20Queue/31004

Adobe Updates

 https://helpx.adobe.com/security/products/magento/apsb24-40.html

Black Basta Exploited CVE-2024-26169 Prior to Patch

 https://symantec-enterprise-blogs.security.com/threat-intelligence/black-basta-ransomware-zero-day

Pixel Phone 0-Day Patched

 https://source.android.com/docs/security/bulletin/pixel/2024-06-01

 


ISC StormCast for Thursday, June 13th, 2024

Microsoft Patch Tuesday

 https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20June%202024/31000

JetBrains IntelliJ Based IDE GitHub Plugin Vulnerability

 https://blog.jetbrains.com/security/2024/06/updates-for-security-issue-affecting-intellij-based-ides-2023-1-and-github-plugin/

Veeam Recovery Orchestrator (VRO) vulnerability CVE-2024-29855

 https://www.veeam.com/kb4585

Precor Threadmill Vulnerablity

 https://securityintelligence.com/x-force/internet-connected-treadmill-vulnerabilities-discovered/


ISC StormCast for Wednesday, June 12th, 2024

Veeam Exploit CVE-2024-29849

 https://summoning.team/blog/veeam-enterprise-manager-cve-2024-29849-auth-bypass/

SORBS Shutdown

 https://www.theregister.com/2024/06/07/sorbs_closed/

Rogue Cell Tower Shut Down in London

 https://www.cityoflondon.police.uk/news/city-of-london/news/2024/june/two-people-arrested-in-connection-with-investigation-into-homemade-mobile-antenna-used-to-send-thousands-of-smishing-text-messages-to-the-public/

Malicious Comfyui Modules

 https://www.youtube.com/watch?v=ntwGHjBCbeQ


ISC StormCast for Wednesday, January 10th, 2024

Download our free app to listen on your phone