Talk With an Expert

Internet Storm Center Tech Corner

Scanning Activity from Subnet 15.184.0.0/16.

https://isc.sans.edu/diary/Scanning+Activity+from+Subnet+151840016/31362

The Top 10 Not So Common SSH Usernames and Passwords

https://isc.sans.edu/diary/The+Top+10+Not+So+Common+SSH+Usernames+and+Passwords/31360

Angular-base64-upload Demo Script Exploited

https://isc.sans.edu/diary/Angularbase64update+Demo+Script+Exploited+CVE202442640/31354

Gatekeeper Bypass

https://unit42.paloaltonetworks.com/gatekeeper-bypass-macos/

Oracle Critical Patch Update

https://www.oracle.com/security-alerts/cpuoct2024.html

Cisco ATA 190 Series Analog Telephone Adapter Firmware Vulnerabilities

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multi-RDTEqRsy

SAP Vulnerability

https://redrays.io/blog/poc-sap-note-3433192-code-injection-vulnerability-in-sap-netweaver-as-java/

Dept. of Commerce Sites Advertising Medication

https://x.com/tliston/status/1833542884047654984

CISA Product Security Bad Practices

https://www.cisa.gov/resources-tools/resources/product-security-bad-practices

Kubernetes Image Builder Vulnerability CVE-2024-9486 CVE-2024-9594

https://discuss.kubernetes.io/t/security-advisory-cve-2024-9486-and-cve-2024-9594-vm-images-built-with-kubernetes-image-builder-use-default-credentials/30119

SolarWinds Hardcoded Password Exploited CVE-2024-28987

https://www.bleepingcomputer.com/news/security/solarwinds-web-help-desk-flaw-is-now-exploited-in-attacks/

Bypassing noexec and executing arbitrary binaries

https://iq.thc.org/bypassing-noexec-and-executing-arbitrary-binaries

Quantum Annealing Public Key Cryptographic Attack Algorithm Based on D-Wave Advantage

https://www.theregister.com/2024/10/14/china_quantum_attack/

EDRSilencer

https://github.com/netero1010/EDRSilencer

Synchronizing Passkeys

https://fidoalliance.org/specifications-credential-exchange-specifications/

View Older Issues

Catch up on recent editions of NewsBites or browse our full archive of expert-curated cybersecurity news.

Browse Archive