Tag: tuesday

security

SANS Stormcast Tuesday, June 30th, 2026: Favicon Recon Automation; Targeting Messaging; Gemini CLI vuln; IPv6 Frag Escape

Adding some Automation to the favicon.ico method of Host Recon https://isc.sans.edu/diary/Adding%20some%20Automation%20to%20the%20favicon.ico%20method%20of%20Host%20Recon/33110 Russian Intelligence Services Continue to Target Commercial Messaging Applications https://www.ic3.gov/PSA/2026/PSA260626 Google Gemini CLI Vulnerability CVE-2026-12537 https://github.com/advisories/GHSA-jj69-4grx-fqj5 IPv6 Frag Escape https://github.com/sgkdev/ipv6_frag_escape My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Mehr lesen →
security

SANS Stormcast Thursday, June 18th, 2026: QUIC Challenge; Android 17; Oracle CSPU; JetBrains Plugins;

The browser blind spot: Why your security tool may not be blocking what you think it is [Guest Diary] https://isc.sans.edu/diary/The%20browser%20blind%20spot%3A%20Why%20your%20security%20tool%20may%20not%20be%20blocking%20what%20you%20think%20it%20is%20%5BGuest%20Diary%5D/33084 Android 17 Security Patches https://source.android.com/docs/security/bulletin/android-17 Oracle Critical Security Patch Update Advisory – June 2026 https://www.oracle.com/security-alerts/cspujun2026.html Multiple JetBrains IDE plugins caught stealing AI keys https://www.aikido.dev/blog/multiple-jetbrains-ide-plugins-caught-stealing-ai-keys My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Mehr lesen →
security

SANS Stormcast Tuesday, June 16th, 2026: BASE64 Statistics; Cisco SD-WAN Exploited; AMD TSME Disabled; Poisoning Deep Research Agents

Evil MSI Background: BASE64 Statistical Analysis https://isc.sans.edu/diary/Evil%20MSI%20Background%3A%20BASE64%20Statistical%20Analysis/33072 Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfw-c2rZvQ TSME/SME not activating on Ryzen 7 9700X https://github.com/AMDESE/AMDSEV/issues/292 Deep-Research Agents Can Be Poisoned via User-Generated Content https://arxiv.org/pdf/2605.24245 My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Mehr lesen →