Internet Storm Center Tech Corner

Wireshark 4.4: Converting Display Filters to BPF Capture Filters

https://isc.sans.edu/diary/Wireshark+44+Converting+Display+Filters+to+BPF+Capture+Filters/31224

Protected OOXML Text Documents

https://isc.sans.edu/diary/Protected+OOXML+Text+Documents/31078

Scans for Moodle Learning Platform Following Recent Update

https://isc.sans.edu/diary/Scans+for+Moodle+Learning+Platform+Following+Recent+Update/31230

Enrichment Data: Keeping it Fresh

https://isc.sans.edu/diary/Enrichment+Data+Keeping+it+Fresh/31236

Veeam Update

https://www.veeam.com/kb4649

New OFBiz Vulnerabilities

https://www.rapid7.com/blog/post/2024/09/05/cve-2024-45195-apache-ofbiz-unauthenticated-remote-code-execution-fixed/

Cisco Smart License Manager Patches

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw

PyPI Revival Hijack

https://jfrog.com/blog/revival-hijack-pypi-hijack-technique-exploited-22k-packages-at-risk/

Android Updates

https://source.android.com/docs/security/bulletin/2024-09-01

MediaTek WAPPD PoC Exploit

https://blog.coffinsec.com/0day/2024/08/30/exploiting-CVE-2024-20017-four-different-ways.html#wrapping-up

Sextortion E-Mails with Photos

https://krebsonsecurity.com/2024/09/sextortion-scams-now-include-photos-of-your-home/

Zyxel OS Command Injection Vulnerability

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024

D-Link DIR-846W Unpatched RCE Vulnerabilities

https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10411

VMware Privilege Escalation Vulnerability CVE-2024-38811

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24939

YubiKey Side-Channel Attack

https://ninjalab.io/wp-content/uploads/2024/09/20240903_eucleak.pdf

https://www.yubico.com/support/security-advisories/ysa-2024-03/

GitHub Comments Used to Spread Malware

https://www.reddit.com/r/Malware/comments/1f2n1h4/comment/lkbi5gi/

Voldemort Malware Curses Orgs Using Global Tax Authorities

https://www.darkreading.com/threat-intelligence/voldemort-malware-curses-orgs-global-tax-authorities

Analysis of CVE-2024-43044: From File Read to RCE in Jenkins Through Agents

https://blog.convisoappsec.com/en/analysis-of-cve-2024-43044/
