Talk With an Expert

Internet Storm Center Tech Corner

YARA: Detect the Unexpected

https://isc.sans.edu/diary/YARA+Detect+The+Unexpected/29598

Python Infostealer Targeting Gamers

https://isc.sans.edu/diary/Python+Infostealer+Targeting+Gamers/29596

BB11 Distribution Qakbot (Qbot) activity

https://isc.sans.edu/diary/BB17+distribution+Qakbot+Qbot+activity/29592

SANS.edu Student Marco Gfeller: Lightweight Python-Based Malware Analysis Pipeline

https://www.sans.org/white-papers/lightweight-python-based-malware-analysis-pipeline/

Drone Security and the Mysterious Case of DJI's DroneID

https://github.com/RUB-SysSec/DroneSecurity

Booking.com OAuth Flaw

https://salt.security/blog/traveling-with-oauth-account-takeover-on-booking-com

DNS Abuse Techniques Matrix

https://www.first.org/global/sigs/dns/DNS-Abuse-Techniques-Matrix_v1.1.pdf

BlackLotus UEFI Bootkit

https://www.welivesecurity.com/2023/03/01/blacklotus-uefi-bootkit-myth-confirmed/

TCG TPM2.0 implementations vulnerable to memory corruption

https://kb.cert.org/vuls/id/782720

Aruba Vulnerability

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Cisco VoIP Phone WebUI RCE

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-cmd-inj-KMFynVcP

LastPass Incident Details

https://support.lastpass.com/help/incident-1-additional-details-of-the-attack

https://support.lastpass.com/help/incident-2-additional-details-of-the-attack

CISA Red Team Shares Key Findings

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-059a

Jailbreak Chat

https://www.jailbreakchat.com

View Older Issues

Catch up on recent editions of NewsBites or browse our full archive of expert-curated cybersecurity news.

Browse Archive