INTERNET STORM CENTER SPOTLIGHT
ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html
Microsoft Patch Tuesday December 2023
Published: 2023-12-12
Last Updated: 2023-12-12 18:25:35 UTC
by Johannes Ullrich (Version: 1)
Microsoft had a rather light patch Tuesday for us today. Today's set includes 4 critical, 30 important, and one moderate vulnerability. In addition, Microsoft included five Chromium patches that are part of Edge. Only one vulnerability was made public before today. No exploited vulnerabilities are patched today.
This will hopefully make for a not-too-stressful holiday patch month.
Read the full entry:
https://isc.sans.edu/diary/Microsoft+Patch+Tuesday+December+2023/30480/
Apple Patches Everything
Published: 2023-12-11
Last Updated: 2023-12-11 19:14:53 UTC
by Johannes Ullrich (Version: 1)
Apple today released updates for iOS, macOS, tvOS and watchOS. This updates 43 vulnerabilities. Two of the vulnerabilities are already being exploited. Last week, these two vulnerabilities received patches for current versions of iOS and macOS. This new update covers older iOS and macOS versions as well.
Read the full entry:
https://isc.sans.edu/diary/Apple+Patches+Everything/30474/
IPv4-mapped IPv6 Address Used For Obfuscation
Published: 2023-12-09
Last Updated: 2023-12-12 15:17:28 UTC
by Didier Stevens (Version: 1)
A reader submitted an unusual URL...
Notice the format of the hostname: ::ffff:a.b.c.d
I had to look this up: this is a IPv4-mapped IPv6 address. It is a format to describe an IPv4 address using a IPv6 address format.
Read the full entry:
https://isc.sans.edu/diary/IPv4mapped+IPv6+Address+Used+For+Obfuscation/30466/