New Release: Tor Browser 14.5.4

Tor Browser 14.5.4 is now available from the Tor Browser download page and also from our distribution directory. This version includes important security updates to Firefox. Send us your feedback: If you find a bug or have a suggestion for how we could improve this release, please let us know. Full changelog: The full changelog…

Scans for Ichano AtHome IP Cameras

Ichano’s “AtHome Camera” is a bit of a different approach to home surveillance cameras [1]. Instead of a hardware camera solution, this product is a software solution that turns existing devices like computers and tablets into webcams. The software implements features we know from similar IP camera devices. It enabled streaming of images and remote…

23rd June – Threat Intelligence Report

For the latest discoveries in cyber research for the week of 23rd June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES: Scania, a Swedish manufacturer of heavy trucks and engines, has suffered a data breach that resulted in the theft of insurance claim documents from its Financial Services systems via compromised credentials of…

ADS & Python Tools – SANS Internet Storm Center

Ehsaan Mavani talks about Alternate Data Streams (ADS) in diary entry “Alternate Data Streams – Adversary Defense Evasion and Detection [Guest Diary]”. I’m taking this as an opportunity to remind you that Python tools on Windows and an NTFS disk can access alternate data streams. Like my tool cut-bytes.py, here I use it to show…

Ingress-NGINX 4.11.0 – Remote Code Execution (RCE)

# Exploit Title: Ingress-NGINX 4.11.0 – Remote Code Execution (RCE) # Google Dork: N/A # Date: 2025-06-19 # Exploit Author: Likhith Appalaneni # Vendor Homepage: https://kubernetes.github.io/ingress-nginx/ # Software Link: https://github.com/kubernetes/ingress-nginx # Version: ingress-nginx v4.11.0 on Kubernetes v1.29.0 (Minikube) # Tested on: Ubuntu 24.04, Minikube vLatest, Docker vLatest # CVE : CVE-2025-1974 1) Update the…

Microsoft Excel LTSC 2024 – Remote Code Execution (RCE)

# Titles: Microsoft Excel LTSC 2024 – Remote Code Execution (RCE) # Author: nu11secur1ty # Date: 06/16/2025 # Vendor: Microsoft # Software: https://www.microsoft.com/en/microsoft-365/excel?market=af # Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27751 # CVE-2025-47957 # Versions: Microsoft Office LTSC 2024 , Microsoft Office LTSC 2021, Microsoft 365 Apps for Enterprise ## Description: The attacker can trick any user into…

FortiOS SSL-VPN 7.4.4 – Insufficient Session Expiration & Cookie Reuse

#!/usr/bin/env python3 """ # Exploit Title: FortiOS SSL-VPN 7.4.4 – Insufficient Session Expiration & Cookie Reuse # Date: 2025-06-15 # Exploit Author: Shahid Parvez Hakim (BugB Technologies) # Vendor Homepage: https://www.fortinet.com # Software Link: https://www.fortinet.com/products/secure-sd-wan/fortigate # Version: FortiOS 7.6.0, 7.4.0-7.4.7, 7.2.0-7.2.10, 7.0.x (all), 6.4.x (all) # Tested on: FortiOS 7.4.x, 7.2.x # CVE: CVE-2024-50562 #…
