SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html
Crypto Wallet Scam
Published: 2025-02-03
Last Updated: 2025-02-03 09:10:15 UTC
by Didier Stevens (Version: 1)
Johannes noticed a SPAM comment on his YouTube channel ...
It was clear to us that this was a scam, but it wasn't clear to us how it worked.
The seed phrase allows you to derive the private keys of the wallets, and gives you full control over the wallet. And as security professionals, we know you must never share private keys. So the scammer wants us to think that they shared their private keys without understanding the risk, thus creating a (false) opportunity for dishonest people who want to appropriate the contents of the wallet: because you have the private keys, you can move the funds out of the wallet to your own wallet.
So one could install wallet software and use the private key to control the wallet.
But let's do this a bit differently.
Mnemonic Code Converter is an online/offline HTML page that takes seed phrases and converts them to a seed (BIP39) and addresses (BIP44).
Doing this for the scammer's seed phrase gives this ...
Read the full entry: https://isc.sans.edu/diary/Crypto+Wallet+Scam/31646/
Some updates to our data feeds
Published: 2025-02-04
Last Updated: 2025-02-04 16:01:03 UTC
by Johannes Ullrich (Version: 1)
We have offered several different data feeds via our API or other means. However, we are often not very good at documenting what these feeds are all about. Currently, I am in the process of fixing the documentation around these data feeds.
These data feeds are used to augment our data, but may also be helpful to add "color to your logs", which is how I see most of this data being used. Many data feeds do not contain lists of IPs that should be classified as malicious. For example, we attempt to collect IP addresses of public NTP servers. These are usually part of "pool.ntp.org". We are collecting them because they have triggered false positives. Knowing that an IP address is associated with a public NTP server in case you see odd traffic from or to port 123 is helpful.
Just last week, I came across another resource that I found helpful: rosti.bin.re extracts IoCs from various sources like news articles and blog posts. I added this data to our "IP Info" page to provide this useful context in case you are searching for an IP.
The data we produce is published under a "Creative Commons" license. You may use the data for free if you acknowledge the source and do not resell the data. We do not offer commercial licenses, but if you ask nicely and do not play stupid vendor tricks, we will sometimes allow commercial use. Using the data to help you secure your network is always okay, even if the network is commercial. All data is provided "as is" and we are not responsible if you break your network, lose your job, or start a nuclear war by replacing your dead man switch with our API.
So why do we not make these lists simple "blocklists" for your firewall? In my opinion, most of these lists are stupid, and ours would not be any better. I am not able to tell you what IPs you should block. Many of these IPs exploit well-known vulnerabilities. Spend your time fixing the vulnerability. We will never have a list of all IPs exploiting a particular vulnerability, and the list will never be free of false positives. Consume the data responsibly. We are not going to help you waste time or money. If you need help with that, please contact your enterprise security vendor.
We do, however, always like your data :). The best way to say "Thank You" is to run a honeypot and feed us data. We also appreciate feedback and suggestions for other data sources. Please use our contact page to provide feedback. We would particularly like to hear how you use our data ...
Read the full entry: https://isc.sans.edu/diary/Some+updates+to+our+data+feeds/31650/
To Simulate or Replicate: Crafting Cyber Ranges (2025.01.31)
https://isc.sans.edu/diary/To+Simulate+or+Replicate+Crafting+Cyber+Ranges/31642/
PCAPs or It Didn't Happen: Exposing an Old Netgear Vulnerability Still Active in 2025 [Guest Diary] (2025.01.30)
The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.
Product: Fortinet FortiOS
CVSS Score: 0
** KEV since 2025-01-14 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-55591
ISC Podcast: https://isc.sans.edu/podcastdetail/9298
Product: Multiple Apple products
CVSS Score: 7.8
** KEV since 2025-01-29 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24085
NVD References:
- https://support.apple.com/en-us/122066
- https://support.apple.com/en-us/122068
- https://support.apple.com/en-us/122071
Product: NETGEAR DGN1000
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12847
ISC Diary: https://isc.sans.edu/diary/31638
Product: ThimPress FundPress
Active Installations: 300+
CVSS Score: 9.8
Product: MORKVA Shipping for Nova Poshta
Active Installations: 500+
CVSS Score: 9.3
Product: TRENDnet TEW-632BRP
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-57590
NVD References: https://github.com/IdaJea/IOT_vuln_1/blob/master/tew632/ntp_sync.md
Product: DLINK DIR-825 REVB 2.03
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-57595
NVD References:
- https://github.com/IdaJea/IOT_vuln_1/blob/master/DIR825/wps_pin.md
Product: Eniture Technology LTL Freight Quotes - Worldwide Express Edition
Active Installations: 100+
CVSS Score: 9.3
Product: Pdfcrowd Save as PDF plugin
Active Installations: 1,000+
CVSS Score: 9.8
Product: Cacti
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-22604
NVD References:
- https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0
- https://github.com/Cacti/cacti/security/advisories/GHSA-c5j8-jxj3-hh36
Product: FLXeon
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-48841
NVD References: https://search.abb.com/library/Download.aspx?DocumentID=9AKK108470A5684&LanguageCode=en&DocumentPartId=PDF&Action=Launch
Product: FLXeon
CVSS Score: 9.4
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-48849
NVD References: https://search.abb.com/library/Download.aspx?DocumentID=9AKK108470A5684&LanguageCode=en&DocumentPartId=PDF&Action=Launch
Product: FLXeon
CVSS Score: 9.4
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-48852
NVD References: https://search.abb.com/library/Download.aspx?DocumentID=9AKK108470A5684&LanguageCode=en&DocumentPartId=PDF&Action=Launch
Product: Multiple Apple products
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-54512
NVD References:
Product: Multiple Apple products
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-54530
NVD References:
- https://support.apple.com/en-us/121837
- https://support.apple.com/en-us/121839
Product: Apple macOS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24093
NVD References:
Product: Multiple Apple products
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24102
NVD References:
- https://support.apple.com/en-us/122067
- https://support.apple.com/en-us/122068
Product: Apple macOS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24106
NVD References:
- https://support.apple.com/en-us/122068
Product: Apple macOS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24109
NVD References:
- https://support.apple.com/en-us/122068
Product: Multiple Apple products
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24118
NVD References:
- https://support.apple.com/en-us/122067
Product: Multiple Apple products
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24123
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24124
NVD References:
- https://support.apple.com/en-us/122066
- https://support.apple.com/en-us/122067
- https://support.apple.com/en-us/122068
- https://support.apple.com/en-us/122069
- https://support.apple.com/en-us/122070
- https://support.apple.com/en-us/122071
Product: Multiple Apple products
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24126
NVD References:
- https://support.apple.com/en-us/122066
- https://support.apple.com/en-us/122068
- https://support.apple.com/en-us/122071
Product: Apple macOS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24130
NVD References:
- https://support.apple.com/en-us/122068
Product: Apple macOS Sequoia
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24135
NVD References: https://support.apple.com/en-us/122068
CVE-2025-24139 - macOS is vulnerable to unexpected app termination when parsing a maliciously crafted file, fixed in recent updates.
Product: Apple macOS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24139
NVD References:
- https://support.apple.com/en-us/122068
- https://support.apple.com/en-us/122069
- https://support.apple.com/en-us/122070
CVE-2025-24146 - macOS Messages may expose user contact information in system logging when deleting a conversation.
Product: Apple macOS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24146
NVD References:
- https://support.apple.com/en-us/122068
- https://support.apple.com/en-us/122069
- https://support.apple.com/en-us/122070
CVE-2025-24151 - macOS Ventura, macOS Sequoia, and macOS Sonoma are vulnerable to an app being able to cause unexpected system termination or corrupt kernel memory due to poor memory handling.
Product: Apple macOS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24151
NVD References:
- https://support.apple.com/en-us/122068
- https://support.apple.com/en-us/122069
- https://support.apple.com/en-us/122070
CVE-2025-24154 - macOS, visionOS, iOS, and iPadOS are vulnerable to an out-of-bounds write issue that could allow an attacker to cause unexpected system termination or corrupt kernel memory, which has been fixed in the latest updates.
Product: Multiple Apple products
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24154
NVD References:
- https://support.apple.com/en-us/122066
- https://support.apple.com/en-us/122068
- https://support.apple.com/en-us/122069
- https://support.apple.com/en-us/122070
- https://support.apple.com/en-us/122073
CVE-2025-24162 - visionOS, Safari, iOS, iPadOS, macOS Sequoia, watchOS, and tvOS versions 2.3, 18.3, 18.3, 18.3, 15.3, 11.3, and 18.3, may crash unexpectedly due to processing maliciously crafted web content.
Product: Multiple Apple products
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24162
NVD References:
- https://support.apple.com/en-us/122066
- https://support.apple.com/en-us/122068
- https://support.apple.com/en-us/122071
- https://support.apple.com/en-us/122072
- https://support.apple.com/en-us/122073
- https://support.apple.com/en-us/122074
CVE-2025-24163 - iPadOS, macOS, visionOS, iOS, iPadOS, macOS, watchOS, and tvOS versions 17.7.4, 14.7.3, 2.3, 18.3, 18.3, 15.3, 11.3, and 18.3 may experience unexpected app termination when parsing a file, but has been fixed with improved checks.
Product: Multiple Apple products
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24163
NVD References:
- https://support.apple.com/en-us/122066
- https://support.apple.com/en-us/122067
- https://support.apple.com/en-us/122068
- https://support.apple.com/en-us/122069
- https://support.apple.com/en-us/122071
- https://support.apple.com/en-us/122072
- https://support.apple.com/en-us/122073
CVE-2025-24174 - macOS Ventura, macOS Sequoia, and macOS Sonoma have vulnerabilities that allow apps to bypass Privacy preferences, fixed in versions 13.7.3, 15.3, and 14.7.3 respectively.
Product: Apple macOS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24174
NVD References:
- https://support.apple.com/en-us/122068
- https://support.apple.com/en-us/122069
- https://support.apple.com/en-us/122070
CVE-2024-57052 - YoudianCMS v.9.5.20 and before allows a remote attacker to escalate privileges via the sessionID parameter in the index.php file.
Product: YoudianCMS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-57052
NVD References: https://gist.github.com/yahaha9/720fb45bbebda62dc198568c8d275df8
CVE-2024-57548 - CMSimple 5.16 allows the user to edit log.php file via print page.
Product: CMSimple
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-57548
NVD References:
- https://gist.github.com/h4ckr4v3n/afbb87b5a05f283dbee705709c2769eb
- https://github.com/h4ckr4v3n/cmsimple5.16_research/blob/main/CMSimple%205.16%20Broken%20Access%20Control%20to%20log.php.md
CVE-2022-3365 - Remote Mouse Server by Emote Interactive allows for injection of OS commands due to weak encryption and default password usage.
Product: Emote Interactive Remote Mouse Server
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-3365
NVD References: https://github.com/rapid7/metasploit-framework/pull/17067
CVE-2024-12647, CVE-2024-12648, CVE-2024-12649 - Satera MF656Cdw/Satera MF654Cdw Small Office Multifunction Printers and Laser Printers may be susceptible to buffer overflow vulnerabilities, leading to potential network unresponsiveness or arbitrary code execution.
Product: Canon Small Office Multifunction Printers and Laser Printers
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12647
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12648
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12649
NVD References:
- https://canon.jp/support/support-info/25…
Product: Apple macOS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24146
NVD References:
- https://support.apple.com/en-us/122068
Product: Apple macOS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24151
NVD References:
- https://support.apple.com/en-us/122068
Product: Multiple Apple products
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24154
NVD References:
- https://support.apple.com/en-us/122066
- https://support.apple.com/en-us/122068
- https://support.apple.com/en-us/122069
Product: Multiple Apple products
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24162
NVD References:
- https://support.apple.com/en-us/122066
- https://support.apple.com/en-us/122068
- https://support.apple.com/en-us/122071
- https://support.apple.com/en-us/122072
Product: Multiple Apple products
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24163
NVD References:
- https://support.apple.com/en-us/122066
- https://support.apple.com/en-us/122067
- https://support.apple.com/en-us/122068
- https://support.apple.com/en-us/122069
- https://support.apple.com/en-us/122071
Product: Apple macOS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24174
NVD References:
- https://support.apple.com/en-us/122068
Product: YoudianCMS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-57052
NVD References: https://gist.github.com/yahaha9/720fb45bbebda62dc198568c8d275df8
Product: Emote Interactive Remote Mouse Server
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-3365
NVD References: https://github.com/rapid7/metasploit-framework/pull/17067
Product: Canon Small Office Multifunction Printers and Laser Printers
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12647
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12648
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12649
NVD References:
- https://canon.jp/support/support-info/250127vulnerability-response
- https://psirt.canon/advisory-information/cp2025-001/
- https://www.canon-europe.com/support/product-security/#news
Product: ThemeREX Addons
Active Installations: unknown
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-13448
NVD References:
- https://themeforest.net/item/qwery-multipurpose-business-wordpress-theme/29678687
Product: TeamViewer Clients
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-0065
ISC Podcast: https://isc.sans.edu/podcastdetail/9300
NVD References: https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1001/
Product: Tandoor Recipes Jinja2
CVSS Score: 9.9
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-23211
NVD References:
- https://github.com/TandoorRecipes/recipes/commit/e6087d5129cc9d0c24278948872377e66c2a2c20
- https://github.com/TandoorRecipes/recipes/security/advisories/GHSA-r6rj-h75w-vj8v
Product: VMware Avi Load Balancer
CVSS Score: 8.6
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-22217
ISC Podcast: https://isc.sans.edu/podcastdetail/9302
NVD References: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25346
Product: mySCADA myPRO
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-20014
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-20061
NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-023-01
Product: Celk Saúde 3.1.252.1
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-48761
NVD References:
- https://github.com/gabriel-bri/vulnerability-research/tree/main/CVE-2024-48761
Product: Safety production process management system v1.0
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-57395
NVD References:
- https://github.com/qtxz54/Vul/blob/main/WeakPasswd/Safety-production-process-management-system.md
Product: Deep Java Library (DJL)
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-0851
NVD References:
- https://aws.amazon.com/security/security-bulletins/AWS-2025-003/
- https://github.com/deepjavalibrary/djl/security/advisories/GHSA-jcrp-x7w3-ffmg
Product: JFinalCMS Content
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-57665
NVD References:
Product: Microsoft Azure AI Face Service
CVSS Score: 9.9
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-21415
NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21415
Product: UserPro Media Manager
Active Installations: unknown
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12822
NVD References:
- https://codecanyon.net/item/media-manager-for-userpro/8664618
Product: iControlWP
Active Installations: 1,000+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-13742
NVD References:
Product: Microsoft Windows Server
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12248
NVD References:
- https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-030-01
Product: Vendor Sierra Wireless AirLink ES450
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-0680
NVD References:
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-030-02
Product: NVIDIA GPU Drivers
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-47891
NVD References: https://www.imaginationtech.com/gpu-driver-vulnerabilities/
Product: MultiVendorX The Ultimate WooCommerce Multivendor Marketplace Solution
Active Installations: 5,000+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-0493
NVD References:
Product: TeamCal Neo
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-0929
NVD References: https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-teamcal-neo
Product: Qualisys C++ SDK
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-53320
NVD References: https://github.com/qualisys/qualisys_cpp_sdk/issues/47
Product: SSH Communication Security PrivX
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-47857
NVD References:
Product: OpenPanel v0.3.4
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-53584
NVD References:
- https://openpanel.com/docs/changelog/0.3.5/#%EF%B8%8F-security-fixes
Product: Macrozheng mall-tiny
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-57432
NVD References: https://github.com/peccc/restful_vul/blob/main/mall_tiny_weak_jwt/mall_tiny_weak_jwt.md
Product: ZZCMS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-22957
NVD References:
- https://github.com/youyouiooi/vulnerability-reports/blob/main/CVE-2025-22957/REANDE.md
Product: EasyVirt DCScope
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-53356
NVD References:
- https://github.com/Elymaro/CVE/blob/main/EasyVirt/CVE-2024-53356.md
Product: EasyVirt DCScope
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-55062
NVD References:
- https://github.com/Elymaro/CVE/blob/main/EasyVirt/CVE-2024-55062.md
Product: Dumb Drop file upload application
CVSS Score: 9.6
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24891
NVD References:
- https://github.com/DumbWareio/DumbDrop/commit/cb586316648ccbfb21d27b84e90d72ccead9819d
- https://github.com/DumbWareio/DumbDrop/security/advisories/GHSA-24f2-fv38-3274
Product: Mediatek NR16
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-20634
NVD References: https://corp.mediatek.com/product-security-bulletin/February-2025
Product: MagePeople Team Taxi Booking Manager for WooCommerce
Active Installations: 1,000+
CVSS Score: 9.8
Product: Microsoft Internet Explorer
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45569
NVD References: https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html
Product: Advantive VeraCore
CVSS Score: 9.9
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-57968
NVD References:
- https://advantive.my.site.com/support/s/article/VeraCore-Release-Notes-2024-4-2-1
- https://intezer.com/blog/research/xe-group-exploiting-zero-days/
Product: Apache Software Foundation Apache Solr
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-52012
ISC Podcast: https://isc.sans.edu/podcastdetail/9298
NVD References:
- https://lists.apache.org/thread/yp39pgbv4vf1746pf5yblz84lv30vfxd
Webcast: SANS 2025 Threat Hunting Survey Webcast & Forum: Chasing Shadows - Advancements in Threat Hunting Amidst AI and Cloud Challenges | March 13, 10:30 am ET | Join SANS Principal Instructor Josh Lemon as he delves into results from the SANS 2025 Threat Hunting Survey. The 2025 survey analyzes how businesses enhance their threat detection capabilities amid an evolving threat landscape, characterized by increasingly sophisticated and rapid adversary tactics. Save your seat today!
Webcast: February 25, 3:30 pm ET | Insights into Detection Engineering: Findings from a SANS and Anvilogic Survey | Join SANS Certified Instructor Terrence Williams and Anvilogic’s Kevin Gonzalez as they discuss insights from this survey, including effective detection types and the most popular tools and technologies used by detection engineers, the impact of AI on detection efforts, cloud architectures, automation in detection workflows, the integration of Detection Engineering with other operational areas, and much more!
Webcast | Empowering Responders with Automated Investigation, February 19, 1:00 ET | Join Megan Roddie-Fonseca and Lee Sult from Binalyze as they discuss how with the right tooling, analysts of all backgrounds can effectively handle incidents, reducing the response time by removing the need for frequent escalation.