ISC Stormcast For Tuesday, October 7th, 2025 https://isc.sans.edu/podcastdetail/9644
Arti is our ongoing project to create a next-generation Tor implementation in Rust. We’re happy to announce the latest release, Arti 1.6.0. Arti 1.6.0 brings experimental support for circuit padding, mitigations for DropMark side channel attacks, improvements to congestion control, a new arti keys check-integrity command, and experimental support for exporting debugging information via OpenTelemetry….
Introduction: Containerized applications power the backbone of modern software delivery. But with speed comes risk. Vulnerabilities and embedded secrets can slip through the cracks long before they hit production. The result? Alert fatigue, noisy false positives, and critical exposures that disrupt sprints and delay releases. That’s why Qualys is introducing a new Pipeline Integration capability…
For the latest discoveries in cyber research for the week of 6th October, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES: Red Hat has confirmed a cyber attack that resulted in unauthorized access to one of its GitLab instances. The attackers, Crimson Collective, claim to have stolen approximately 570GB of compressed data. The…
ISC Stormcast For Monday, October 6th, 2025 https://isc.sans.edu/podcastdetail/9642
This weekend, Oracle published a surprise security bulletin announcing an exploited vulnerability in Oracle E-Business Suite. As part of the announcement, which also included a patch, Oracle published IoC observed as part of the incident response [1]. One script I found interesting is what Oracle calls “exp.py”. Here is a quick analysis of the HTTP…
ISC Stormcast For Friday, October 3rd, 2025 https://isc.sans.edu/podcastdetail/9640
I have been writing about the “.well-known” directory a few times before. Recently, about attackers hiding webshells [1], and before that, about the purpose of the directory and why you should set up a “/.well-known/security.txt” file. But I noticed something else when I looked at today’s logs on this web server. Sometimes you do not…
ISC Stormcast For Thursday, October 2nd, 2025 https://isc.sans.edu/podcastdetail/9638
Research by: hasherezade. Rhadamanthys is a popular, multi-modular stealer, released in 2022. Since then, it has been used in multiple campaigns by various actors. Most recently, it is being observed in the ClickFix campaigns. The latest version, 0.9.2, comes with significant updates that may impact detection and enforce updates to tools used by researchers. Check Point…