Archiv für Januar 2026

📄
security

SANS Stormcast Thursday, January 8th, 2026: HTML QR Code Phishing; n8n vulnerability; Powerbank Feature Creep

von ISC Stormcast

A phishing campaign with QR codes rendered using an HTML table Phishing emails are bypassing filters by encoding QR codes as HTML tables. https://isc.sans.edu/diary/A%20phishing%20campaign%20with%20QR%20codes%20rendered%20using%20an%20HTML%20table/32606 n8n vulnerabilities In recent days, several new n8n vulnerabilities were disclosed. Ensure that you update any on-premises installations and carefully consider what to use n8n for. https://www.cyera.com/research-labs/ni8mare-unauthenticated-remote-code-execution-in-n8n-cve-2026-21858 https://github.com/n8n-io/n8n/security/advisories/GHSA-v4pr-fm98-w9pg Power bank feature […]

Mehr lesen →
📄
security

SANS Stormcast Wednesday, January 7th, 2026: Tailsnitch Review; D-Link DSL EoL Vuln; TOTOLINK Unpatched Vuln

von ISC Stormcast

Tool Review: Tailsnitch Tailsnitch is a tool to audit your Tailscale configuration. It does a comprehensive analysis of your configuration and suggests (or even applies) fixes. https://isc.sans.edu/diary/Tool%20Review%3A%20Tailsnitch/32602 D-Link DSL Command Injection via DNS Configuration Endpoint A new vulnerability in very old D-Link DSL modems is currently being exploited. https://www.vulncheck.com/advisories/dlink-dsl-command-injection-via-dns-configuration-endpoint TOTOLINK EX200 firmware-upload error handling can […]

Mehr lesen →
📄
pinball

STERN OF THE UNION ADDRESS – JANUARY 2026

The Stern of the Union Address, your monthly resource for news, information and highlights on all things Stern Pinball. Without further ado my fellow pinheads: The Walking Dead Remastered: Bring […] The post STERN OF THE UNION ADDRESS – JANUARY 2026 first appeared on Stern Pinball.

Mehr lesen →
📄
gaming

8BitDo Reveals Ultimate 3E Modular Controller For Xbox And PC

von Gamespot

8BitDo unveiled the next generation of its flagship Ultimate controller series at CES 2026–and it now makes sense why the manufacturer hasn’t released an Xbox version of the Ultimate 2. Officially licensed by Xbox, the 8BitDo Ultimate 3E is a wireless modular controller for Xbox Series X|S, Xbox One, PC, Apple devices, and Android. The […]

Mehr lesen →
📄
security

SANS Stormcast Tuesday, January 6th, 2026: IPKVM Risks; Tailsnitch; Net-SNMP Vuln;

von ISC Stormcast

Risks of OOB Access via IP KVM Devices Recently, cheap IP KVMs have become popular. But their deployment needs to be secured. https://isc.sans.edu/diary/Risks%20of%20OOB%20Access%20via%20IP%20KVM%20Devices/32598 Tailsnitch Tailsnitch is a tool to review your Tailscale configuration for vulnerabilities https://github.com/Adversis/tailsnitch Net-SNMP snmptrapd vulnerability A new vulnerability in snmptrapd may lead to remote code execution https://github.com/net-snmp/net-snmp/security/advisories/GHSA-4389-rwqf-q9gq

Mehr lesen →
📄
security

SANS Stormcast Monday, January 5th, 2026: MongoBleed/React2Shell Recap; Crypto Scams; DNS Stats; Old Fortinet Vulns

von ISC Stormcast

Cryptocurrency Scam Emails and Web Pages As We Enter 2026 Scam emails are directing victims to confidence scams attempting to steal cryptocurrencies. https://isc.sans.edu/diary/Cryptocurrency%20Scam%20Emails%20and%20Web%20Pages%20As%20We%20Enter%202026/32594 Debugging DNS response times with tshark tshark is a powerful tool to debug DNS timing issues. https://isc.sans.edu/diary/Debugging+DNS+response+times+with+tshark/32592/ Old Fortinet Devices Have not been updated Over 10,000 Fortinet devices are still vulnerable to […]

Mehr lesen →