Tag: stormcast

security

SANS Stormcast Wednesday, July 8th, 2026: Odd DNS; AnyDesk Phishing; Tenda Backdoor; GitLost

More Odd DNS Records: NIMLOC https://isc.sans.edu/diary/More%20Odd%20DNS%20Records%3A%20NIMLOC/33128 From Invoice to AnyDesk: Uncovering a Phishing Campaign Targeting Russian Aerospace Organizations https://www.seqrite.com/blog/from-invoice-to-anydesk-uncovering-a-phishing-campaign-targeting-russian-aerospace-organizations/ Tenda firmware (multiple versions) contains hidden authentication backdoor https://kb.cert.org/vuls/id/213560 GitLost: GitHub AI Agent Leak https://noma.security/wp-content/uploads/GitLostWorkflow_2.gif My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Mehr lesen →
security

SANS Stormcast Tuesday, July 7th, 2026: RCS and DNS; OpenSSH Update; Beyond Trust Advisory; PolinRider Update

RCS and DNS: The NAPTR Record https://isc.sans.edu/diary/RCS%20and%20DNS%3A%20The%20NAPTR%20Record/33124 OpenSSH 10.4 released https://seclists.org/oss-sec/2026/q3/62 Beyond Trust Advisory CVE-2026-40138 CVE-2026-40139 https://www.beyondtrust.com/trust-center/security-advisories/bt26-03 PolinRider: North Korea-Linked Supply Chain Campaign https://socket.dev/blog/polinrider-north-korea-linked-supply-chain-campaign-expands My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Mehr lesen →
security

SANS Stormcast Monday, July 6th, 2026: Apple Patch Policy; FatFS Vulns; OpenWRT; Multi-Agent Offensive AI;

Apple Updated Patch Policy https://www.reuters.com/business/apple-says-it-is-releasing-updates-early-response-ai-cybersecurity-concerns-2026-06-29/ T3MP3ST multi-agent offensive-security framework https://github.com/elder-plinius/T3MP3ST Seven FatFs bugs, one very large blast radius https://www.runzero.com/blog/fatfs-bugs/ OpenWRT Releases v25.12.5 https://github.com/openwrt/openwrt/releases My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Mehr lesen →
security

SANS Stormcast Thursday, July 2nd, 2026: MetaMask Phishing; Adobe Patches; Google Chrome Patches; Apple Hide-My-Email Vuln

Why Ask Credentials If There Are Secret Codes? https://isc.sans.edu/diary/Why%20Ask%20Credentials%20If%20There%20Are%20Secret%20Codes%3F/33118 Adobe Patches and Updated Patch Release Policy https://helpx.adobe.com/security/Home.html https://blog.adobe.com/security/protecting-customers-faster-how-adobe-is-responding-to-ai-accelerated-vulnerability-discovery Google Chrome Update (link had issues loading while recording) https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html Apple Hide My Email Vulnerability https://www.404media.co/apple-hide-my-email-vulnerability-reveals-peoples-real-email-addresses/ My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Mehr lesen →
security

SANS Stormcast Wednesday, July 1st, 2026: Apple Patches; SimpleHelp Exploit; Git DNS Tricks;

June 2026 Apple Updates https://isc.sans.edu/diary/June%202026%20Apple%20Updates/33114 SimpleHelp Exploit used to reply TaskWeaver https://blackpointcyber.com/blog/a-djinn-in-the-machine-taskweavers-node-js-intrusion-chain/ DNS Tricks to Load Malware into Cloned Repository https://0din.ai/blog/clone-this-repo-and-i-own-your-machine My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Mehr lesen →