ADS & Python Tools – SANS Internet Storm Center

Ehsaan Mavani talks about Alternate Data Streams (ADS) in diary entry “Alternate Data Streams ? Adversary Defense Evasion and Detection [Guest Diary]”. I’m taking this as an opportunity to remind you that Python tools on Windows and an NTFS disk can access alternate data streams. Like my tool cut-bytes.py, which I use here to show…

Ingress-NGINX 4.11.0 – Remote Code Execution (RCE)

# Exploit Title: Ingress-NGINX 4.11.0 – Remote Code Execution (RCE)
# Google Dork: N/A
# Date: 2025-06-19
# Exploit Author: Likhith Appalaneni
# Vendor Homepage: https://kubernetes.github.io/ingress-nginx/
# Software Link: https://github.com/kubernetes/ingress-nginx
# Version: ingress-nginx v4.11.0 on Kubernetes v1.29.0 (Minikube)
# Tested on: Ubuntu 24.04, Minikube vLatest, Docker vLatest
# CVE: CVE-2025-1974
1) Update the…

Microsoft Excel LTSC 2024 – Remote Code Execution (RCE)

# Titles: Microsoft Excel LTSC 2024 – Remote Code Execution (RCE)
# Author: nu11secur1ty
# Date: 06/16/2025
# Vendor: Microsoft
# Software: https://www.microsoft.com/en/microsoft-365/excel?market=af
# Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27751
# CVE-2025-47957
# Versions: Microsoft Office LTSC 2024, Microsoft Office LTSC 2021, Microsoft 365 Apps for Enterprise
## Description: The attacker can trick any user into…

FortiOS SSL-VPN 7.4.4 – Insufficient Session Expiration & Cookie Reuse

#!/usr/bin/env python3
"""
# Exploit Title: FortiOS SSL-VPN 7.4.4 – Insufficient Session Expiration & Cookie Reuse
# Date: 2025-06-15
# Exploit Author: Shahid Parvez Hakim (BugB Technologies)
# Vendor Homepage: https://www.fortinet.com
# Software Link: https://www.fortinet.com/products/secure-sd-wan/fortigate
# Version: FortiOS 7.6.0, 7.4.0-7.4.7, 7.2.0-7.2.10, 7.0.x (all), 6.4.x (all)
# Tested on: FortiOS 7.4.x, 7.2.x
# CVE: CVE-2024-50562
#…

From Patching to Eliminating Risk: What’s new in TruRisk™ Eliminate and Patch Management

As IT and security priorities converge under rising pressure, patch management is no longer just a hygiene activity but a strategic tool to eliminate the risk from exposed vulnerabilities. Since the last major release cycle, we’ve been expanding the Qualys Patch Management solution into a broader capability. These enhancements span the architecture, automation, and risk-based…

Malware Disguised as Minecraft Mods Target Gamers

Research by: Jaromír Hořejší (@JaromirHorejsi), Antonis Terefos (@Tera0017). Key Points: Check Point Research discovered a multistage campaign targeting Minecraft users via the distribution as a service (DaaS) Stargazers Ghost Network, which operates on GitHub. The malware impersonates, among others, Oringo and Taunahi, which are “Scripts & Macro” tools (a.k.a. cheats). The first-stage downloader and the second-stage…

Qualys TRU Uncovers Chained LPE: SUSE 15 PAM to Full Root via libblockdev/udisks

The Qualys Threat Research Unit (TRU) has discovered two linked local privilege escalation (LPE) flaws. The first (CVE-2025-6018) resides in the PAM configuration of openSUSE Leap 15 and SUSE Linux Enterprise 15. Using this vulnerability, an unprivileged local attacker—for example, via SSH—can elevate to the “allow_active” user and invoke polkit actions normally reserved for a physically present…
