SANS ISC

Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439)

CISA, Cisco, Don't miss, expl, Hot stuff, News, SANS ISC, vulnerability /

Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439) 2025-04-03 at 16:15 By Zeljka Zorz CVE-2024-20439, a static credential vulnerability in the Cisco Smart Licensing Utility, is being exploited by attackers in the wild, CISA has confirmed on Monday by adding the flaw to its Known Exploited Vulnerabilities catalog. Cisco has followed up […]

React to this headline:

Loading spinner

Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439) Read More »

Update: Worldwide IT outage due to buggy Crowdstrike update

BH Consulting, Brian Honan, CrowdStrike, cyber resilience, disruption, Don't miss, ESET, Hot stuff, Hunter Strategy, News, Performanta, SANS ISC, Windows /

Update: Worldwide IT outage due to buggy Crowdstrike update 2024-07-19 at 19:46 By Zeljka Zorz The world is 16+ hours into what looks like the biggest IT outage in history, triggered by a defective update for Crowdstrike endpoint security software for Windows machines. The price of both Crowdstrike’s and Microsoft’s shares tumbled down as a

React to this headline:

Loading spinner

Update: Worldwide IT outage due to buggy Crowdstrike update Read More »

Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788)

Don't miss, endpoint management, Fortinet, Horizon3.ai, Hot stuff, News, PoC, SANS ISC, vulnerability /

Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788) 2024-03-14 at 16:36 By Zeljka Zorz A recently fixed SQL injection vulnerability (CVE-2023-48788) in Fortinet’s FortiClient Endpoint Management Server (EMS) solution has apparently piqued the interest of many: Horizon3’s Attack Team means to publish technical details and a proof-of-concept exploit for it next week, and

React to this headline:

Loading spinner

Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788) Read More »

Critical ownCloud flaw under attack (CVE-2023-49103)

Don't miss, GreyNoise, Hot stuff, News, ownCloud, SANS ISC, vulnerability /

Critical ownCloud flaw under attack (CVE-2023-49103) 28/11/2023 at 14:17 By Zeljka Zorz Attackers are trying to exploit a critical information disclosure vulnerability (CVE-2023-49103) in ownCloud, a popular file sharing and collaboration platform used in enterprise settings. Greynoise and SANS ISC say attemps have been first spotted over the weekend, though Dr. Johannes Ullrich, Dean of

React to this headline:

Loading spinner

Critical ownCloud flaw under attack (CVE-2023-49103) Read More »

New twist on ZeroFont phishing technique spotted in the wild

Don't miss, email security, Hot stuff, News, Outlook, phishing, SANS ISC /

New twist on ZeroFont phishing technique spotted in the wild 27/09/2023 at 15:47 By Helga Labus Cybercriminals are leveraging the ZeroFont technique to trick users into trusting phishing emails, SANS ISC handler Jan Kopriva has warned. The ZeroFont phishing attack Documented and named by Avanan in 2018, the ZeroFont technique involves using text written in

React to this headline:

Loading spinner

New twist on ZeroFont phishing technique spotted in the wild Read More »

Someone is roping Apache NiFi servers into a cryptomining botnet

Apache Nifi, cryptojacking, Don't miss, Hot stuff, News, SANS ISC /

Someone is roping Apache NiFi servers into a cryptomining botnet 31/05/2023 at 16:51 By Zeljka Zorz If you’re running an Apache NiFi instance exposed on the internet and you have not secured access to it, the underlying host may already be covertly cryptomining on someone else’s behalf. The attack Indicators of the ongoing campaign were

React to this headline:

Loading spinner

Someone is roping Apache NiFi servers into a cryptomining botnet Read More »

Scroll to Top