Internet Storm Center Tech Corner

Wireshark Updates

https://isc.sans.edu/diary/Wireshark+updates/30528

Interesting large and small malspam attachments from 2023

https://isc.sans.edu/diary/Interesting+large+and+small+malspam+attachments+from+2023/30524

Fingerprinting SSH Identification Strings

https://isc.sans.edu/diary/Fingerprinting+SSH+Identification+Strings/30520

Shall We Play a Game?

https://isc.sans.edu/diary/Shall+We+Play+a+Game/30510

Mailtrap.io Exfiltration

https://isc.sans.edu/diary/Python+Keylogger+Using+Mailtrapio/30512

Pi Hole Docker

https://isc.sans.edu/diary/PiHole+Pi4+Docker+Deployment/30516

Mirai Update

https://isc.sans.edu/diary/Unveiling+the+Mirai+Insights+into+Recent+DShield+Honeypot+Activity+Guest+Diary/30514

Android Updates

https://source.android.com/docs/security/bulletin/2024-01-01

Apple iOS PoC Exploits

https://github.com/felix-pb/kfd/blob/main/writeups/smith.md

https://github.com/felix-pb/kfd/blob/main/writeups/landa.md

Ivanti Critical Vulnerability

https://forums.ivanti.com/s/article/SA-2023-12-19-CVE-2023-39336?language=en_US

Malicious PyPI Packages

https://www.fortinet.com/blog/threat-research/malicious-pypi-packages-deploy-coinminer-on-linux-devices

Everything npm package

https://www.bleepingcomputer.com/news/security/everything-blocks-devs-from-removing-their-own-npm-packages/

Orange Spain RIPE Account Compromise

https://www.bleepingcomputer.com/news/security/hacker-hijacks-orange-spain-ripe-account-to-cause-bgp-havoc/

Bitwarden Heist

https://blog.redteam-pentesting.de/2024/bitwarden-heist/

Google OAUTH2 Exploited by Malware

https://www.cloudsek.com/blog/compromising-google-accounts-malwares-exploiting-undocumented-oauth2-functionality-for-session-hijacking

TsuKing DNS Amplification

https://lixiang521.com/publication/ccs23/ccs23-xu-tsuking.pdf

Barracuda 0-Day Vulnerability

https://www.barracuda.com/company/legal/esg-vulnerability

Apache OFBiz 0-Day Exploited against Atlassian (and possibly others)

https://blog.sonicwall.com/en-us/2023/12/sonicwall-discovers-critical-apache-ofbiz-zero-day-authbiz/
