Tag: stormcast

security

SANS Stormcast Wednesday, July 15th, 2026: Microsoft Patches; New MSFT Priv Escalation; Progress ShareFile 0-Day; Grok Exfiltration

Microsoft Patch Tuesday July 2026 – The AI Acopolypse is Here https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20July%202026%20-%20The%20AI%20Acopolypse%20is%20Here%20/33154 LegacyHive : Windows user profile service arbitrary hive load elevation of privileges vulnerability https://git.projectnightcrawler.dev/NightmareEclipse/LegacyHive Progress confirms ShareFile zero-day flaw behind Storage Zone shutdown https://www.bleepingcomputer.com/news/security/progress-confirms-sharefile-zero-day-flaw-behind-storage-zone-shutdown/ xAI/Grok Exfiltrating Data and Secrets https://cereblab.com My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Mehr lesen →
security

SANS Stormcast Tuesday, July 14th, 2026: MCP/AI Related Scans; Improve Router Hygiene; OAuth Client ID Spoofing; Veeam Vuln;

Someone Is Scanning for Your MCP Servers and AI Assistant Credentials https://isc.sans.edu/diary/Someone%20Is%20Scanning%20for%20Your%20MCP%20Servers%20and%20AI%20Assistant%20Credentials/33150 Improve Router Hygiene to Protect Against Russian State-Sponsored Targeting https://www.cisa.gov/news-events/cybersecurity-advisories/aa26-194a OAuth Client ID Spoofing https://www.proofpoint.com/us/blog/threat-insight/oauth-client-id-spoofing-why-fake-client-ids-are-gaining-traction-stealthy Vulnerability Resolved in Veeam Backup & Replication 12.3.2.4854 https://www.veeam.com/kb4869 My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Mehr lesen →
security

SANS Stormcast Monday, July 13th, 2026: Progress Sharefile Shutdown; U-Boot Vuln; More Nightmare Eclipse; Cisco AI Response

Progress Sharefile Emergency Shutdown Notice https://status.sharefile.com https://www.reddit.com/r/sysadmin/comments/1usohco/psa_shutdown_your_sharefile_storage_zone/ https://www.bleepingcomputer.com/news/security/progress-urges-sharefile-customers-to-shut-down-servers-over-credible-threat/ U-Boot Vulnerabilities https://www.binarly.io/blog/unfit-to-boot-breaking-u-boots-fit-signature-verification Nightmare Eclipse Releases Next Microsoft Defender Exploit https://blog.projectnightcrawler.dev/posts/2026-07-09-some-interesting-findings-in-windows-defender/ Cisco Increases Patch Cadence https://blogs.cisco.com/security/strengthening-the-foundation-a-predictable-customer-focused-response-to-ai-accelerated-vulnerability-discovery My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Mehr lesen →
security

SANS Stormcast Friday, July 10th, 2026: Belarus Graffiti Bot @sans_edu; Discontinuing Mac OS Ext. FS; Chrome Update; Rogue Planet Patch

_HELP_ME_ESCAPE_FROM_BELARUS_PLEASE_ [Guest Diary] https://isc.sans.edu/diary/_HELP_ME_ESCAPE_FROM_BELARUS_PLEASE_%20%5BGuest%20Diary%5D/33130 Apple Discontinuing Support for Encrypted Mac OS Extended disks in macOS 28 https://support.apple.com/en-us/125615 Google Chrome Update https://chromereleases.googleblog.com/2026/07/stable-channel-update-for-desktop_01162222768.html Microsoft Patches Rogue Planet Vulnerability CVE-2026-50656 https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2026-50656/ My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Mehr lesen →