Archiv für Januar 2026

📄
security

SANS Stormcast Thursday, January 22nd, 2026: Visual Studio Code Scripts; Cisco Unified Comm and Zoom Vuln; Insufficient Fortinet Patch; SANS SOC Survey

von ISC Stormcast

Automatic Script Execution In Visual Studio Code Visual Studio Code will read configuration files within the source code that may lead to code execution. https://isc.sans.edu/diary/Automatic%20Script%20Execution%20In%20Visual%20Studio%20Code/32644 Cisco Unified Communications Products Remote Code Execution Vulnerability A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications […]

Mehr lesen →
📄
pinball

Staffing and Organizational Announcement

von ifpapinball

We would like to provide the community with an update to our mission statement and organization structure. We have revised our mission statement, making it more simplified and focused: To steward the

Mehr lesen →
📄
pinball

2025-26 NACS Media Madness

von ifpapinball

Too many media pieces coming in to list them separately. Click below to read/watch/listen the following: Michigan’s best pinballers compete for top honors IFPA Women’s State Pinball Finals hea

Mehr lesen →
📄
security

SANS Stormcast Wednesday, January 21st, 2026: Punycode Hunting; telnetd vuln; 6 day Certs and IP Certs; Oracle Patches

von ISC Stormcast

Add Punycode to your Threat Hunting Routine Punycode patterns in DNS queries make excellent hunting opportunities. https://isc.sans.edu/diary/Add%20Punycode%20to%20your%20Threat%20Hunting%20Routine/32640 GNU InetUtils Security Advisory: remote authentication by-pass intelnetd telnetd shipping with InetUtils suffers from a critical authentication by-pass vulnerability. https://www.openwall.com/lists/oss-security/2026/01/20/2 6-day and IP Address Certificates are Generally Available Let s Encrypt will now offer 6-day certificates as an […]

Mehr lesen →
📄
security

SANS Stormcast Tuesday, January 20th, 2026: Scans Against LLMs; NTLM Rainbow Table; OOB MSFT Patch

von ISC Stormcast

„How many states are there in the United States?“ Attackers are actively scanning for LLMs, fingerprinting them using the query How many states are there in the United States? . https://isc.sans.edu/diary/%22How%20many%20states%20are%20there%20in%20the%20United%20States%3F%22/32618 Closing the Door on Net-NTLMv1: Releasing Rainbow Tables to Accelerate Protocol Deprecation Mandiant is publicly releasing a comprehensive dataset of Net-NTLMv1 rainbow tables to […]

Mehr lesen →
📄
security

SANS Stormcast Friday, January 16th, 2026: Cryptojacking Hidden Gifts; Bluetooth Vulnerability; Reprompt in MSFT Copilot

von ISC Stormcast

Battling Cryptojacking, Botnets, and IABs Cryptojacking often comes with less obvious addons, like SSH backdoors https://isc.sans.edu/diary/Battling%20Cryptojacking%2C%20Botnets%2C%20and%20IABs%20%5BGuest%20Diary%5D/32632 Microsoft Copilot Reprompt Attacks Adding a query parameter to the URL may prefill a Copilot prompt, altering the meaning of the prompts that follow. https://www.varonis.com/blog/reprompt Hijacking Bluetooth Accessories Using Google Fast Pair Google s fast pair protocol is often […]

Mehr lesen →