Tag: wednesday

security

SANS Stormcast Wednesday, July 15th, 2026: Microsoft Patches; New MSFT Priv Escalation; Progress ShareFile 0-Day; Grok Exfiltration

Microsoft Patch Tuesday July 2026 – The AI Acopolypse is Here https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20July%202026%20-%20The%20AI%20Acopolypse%20is%20Here%20/33154 LegacyHive : Windows user profile service arbitrary hive load elevation of privileges vulnerability https://git.projectnightcrawler.dev/NightmareEclipse/LegacyHive Progress confirms ShareFile zero-day flaw behind Storage Zone shutdown https://www.bleepingcomputer.com/news/security/progress-confirms-sharefile-zero-day-flaw-behind-storage-zone-shutdown/ xAI/Grok Exfiltrating Data and Secrets https://cereblab.com My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Mehr lesen →
security

SANS Stormcast Wednesday, July 8th, 2026: Odd DNS; AnyDesk Phishing; Tenda Backdoor; GitLost

More Odd DNS Records: NIMLOC https://isc.sans.edu/diary/More%20Odd%20DNS%20Records%3A%20NIMLOC/33128 From Invoice to AnyDesk: Uncovering a Phishing Campaign Targeting Russian Aerospace Organizations https://www.seqrite.com/blog/from-invoice-to-anydesk-uncovering-a-phishing-campaign-targeting-russian-aerospace-organizations/ Tenda firmware (multiple versions) contains hidden authentication backdoor https://kb.cert.org/vuls/id/213560 GitLost: GitHub AI Agent Leak https://noma.security/wp-content/uploads/GitLostWorkflow_2.gif My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Mehr lesen →
security

SANS Stormcast Wednesday, July 1st, 2026: Apple Patches; SimpleHelp Exploit; Git DNS Tricks;

June 2026 Apple Updates https://isc.sans.edu/diary/June%202026%20Apple%20Updates/33114 SimpleHelp Exploit used to reply TaskWeaver https://blackpointcyber.com/blog/a-djinn-in-the-machine-taskweavers-node-js-intrusion-chain/ DNS Tricks to Load Malware into Cloned Repository https://0din.ai/blog/clone-this-repo-and-i-own-your-machine My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Mehr lesen →
security

SANS Stormcast Wednesday, June 24th, 2026: Patching vs. Configurations Updates; libssh2 and ffmpeg vuln;

CVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration. https://isc.sans.edu/diary/CVE-2024-40766%3A%20The%20Patch%20Fixed%20the%20Bug.%20Nobody%20Fixed%20the%20Configuration./33094 libssh2 – Out-of-Bounds Write via Unchecked packet_length in transport.c https://www.vulncheck.com/advisories/libssh2-out-of-bounds-write-via-unchecked-packet-length-in-transport-c PixelSmash Critical FFmpeg Vulnerability Turns Media Files into Weapons https://jfrog.com/blog/pixelsmash-critical-ffmpeg-vulnerability-turns-media-files-into-weapons/ My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Mehr lesen →