Talk With an Expert

Internet Storm Center Tech Corner

Live Linux IR with UAC

https://isc.sans.edu/diary/Live+Linux+IR+with+UAC/29480

First Malicious OneNote Document

https://isc.sans.edu/diary/A+First+Malicious+OneNote+Document/29470

Apple Patch Summary

https://isc.sans.edu/diary/Apple+Updates+almost+Everything+Patch+Overview/29472

Bitwarden Phishing

https://community.bitwarden.com/t/phishing-website-bitwardenlogin-com/49704

https://www.reddit.com/r/Bitwarden/comments/10k2aj5/google_search_ads_showing_fake_bitwarden_web/

BitWarden Server Side Iterations

https://palant.info/2023/01/23/bitwarden-design-flaw-server-side-iterations/

Guidance for Securing Remote Monitoring and Management Software

https://media.defense.gov/2023/Jan/25/2003149873/-1/-1/0/JOINT_CSA_RMM.PDF

PY#RATION Attack Campaign Leverages Fernet Encryption and Websockets

https://www.securonix.com/blog/security-advisory-python-based-pyration-attack-campaign/

Skyhigh Security Secure Web Gateway: XSS in Single Sign On Plugin

https://www.redteam-pentesting.de/en/advisories/rt-sa-2022-002/-skyhigh-security-secure-web-gateway-cross-site-scripting-in-single-sign-on-plugin

Windows Crypto API Vuln PoC

https://github.com/akamai/akamai-security-research/tree/main/PoCs/CVE-2022-34689

ManageEngine News

https://github.com/vonahisec/CVE-2022-47966-Scan

BIND Patches

https://kb.isc.org/docs/cve-2022-3094

Microsoft Blocking XLL Files Downloaded From Internet

https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=115485

Microsoft Azure-Based Kerberos Attacks Crack Open Cloud Accounts

https://www.darkreading.com/cloud/microsoft-azure-kerberos-attacks-open-cloud-accounts

Lexmark Vulnerabilities

https://publications.lexmark.com/publications/security-alerts/CVE-2023-23560.pdf

VMware VRealize Update

https://www.vmware.com/security/advisories/VMSA-2023-0001.html

KSMBD Vulnerability

https://sysdig.com/blog/cve-2023-0210-linux-kernel-unauthenticated-remote-heap-overflow/

Packet Tuesday: Neighbor Advertisements

https://www.youtube.com/watch?v=CoaZjuuY1do

View Older Issues

Catch up on recent editions of NewsBites or browse our full archive of expert-curated cybersecurity news.

Browse Archive