Archiv für Februar 2026

📄
security

SANS Stormcast Monday, February 2nd, 2026: Google Presentation Abuse; Ivanti Vuln Exploited; Microsoft NTLM Strategy

von ISC Stormcast

Google Presentation Abuse https://isc.sans.edu/diary/Google+Presentations+Abused+for+Phishing/32668/ Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (CVE-2026-1281 & CVE-2026-1340) https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340?language=en_US Microsoft NTLM Strategy https://techcommunity.microsoft.com/blog/windows-itpro-blog/advancing-windows-security-disabling-ntlm-by-default/4489526

Mehr lesen →
📄
pinball

FLIPPER FRIENDS™: ALL-LEGENDS TOURNAMENT SERIES | SEASON 1: WEEK 13

sponsored blog post  Legends players, it’s tournament time! Wrap up the season with frozen adventures, wild circus fun, and international pinball flair! Compete together on your Legends 4K™, HDP™, or HD device and make one last push up the leaderboard. This Week’s Tables:  Polar Expedition – included in Natural History Pinball Pack 2  Clown Deluxe […]

Mehr lesen →
📄
security

SANS Stormcast Friday, January 30th, 2026: Residential Proxy Networks; Clowdbot/Moltbot Themed Malware; eScan Malicious Updates

von ISC Stormcast

No Place Like Home Network: Disrupting the World’s Largest Residential Proxy Network Google dismantled the IPIDEA network that used residential proxies to route malicious traffic. https://cloud.google.com/blog/topics/threat-intelligence/disrupting-largest-residential-proxy-network Fake Clawdbot VS Code Extension Installs ScreenConnect RAT The news about Clawdbot (now Moltbot) is used to distribute malware, in particular malicious VS Code extensions. https://www.aikido.dev/blog/fake-clawdbot-vscode-extension-malware Threat Bulletin: Critical […]

Mehr lesen →
📄
security

SANS Stormcast Thursday, January 29th, 2026: WebLogic AI Slop; Fortinet Patches; WebLogic AI Slop; Fortinet Patches

von ISC Stormcast

Odd WebLogic Request. Possible CVE-2026-Adresse geschuetztAttempt or AI Slop? We are seeing attempts to attack CVE-2026-21962, a recent weblog vulnerability, using a non-working AI slop exploit https://isc.sans.edu/diary/Odd%20WebLogic%20Request.%20Possible%20CVE-2026-21962%20Exploit%20Attempt%20or%20AI%20Slop%3F/32662 Fortinet Patches are Rolling Out Fortinet is starting to roll out patches for the recent SSO vulnerability https://fortiguard.fortinet.com/psirt/FG-IR-26-060 SolarWinds Web Helpdesk Vulnerability Another set of vulnerabilities in SolarWinds […]

Mehr lesen →
📄
security

SANS Stormcast Wednesday, January 28th, 2026: Romance Scams; DoS Vuln in React Server Components; OpenSSL Patch; Kubernetes Priv Confusion

von ISC Stormcast

Initial Stages of Romance Scams [Guest Diary] Romance scams often start with random text messages that appear to be misrouted . This guest diary by Faris Azhari is following some of the initial stages of such a scam. https://isc.sans.edu/diary/Initial%20Stages%20of%20Romance%20Scams%20%5BGuest%20Diary%5D/32650 Denial of Service Vulnerabilities in React Server Components Another folowup fix for the severe React vulnerability […]

Mehr lesen →