Send a textThe Jaguars traded running back Tank Bigsby to the Philadelphia Eagles for 2026 draft picks while fans were celebrating a convincing 26-10 victory over the Carolina Panthers in their season opener. New General Manager James Gladstone continues stockpiling draft capital as the team shows they can handle business Read More
From YARA Offsets to Virtual Addresses Xavier explains how to convert offsets reported by YARA into offsets suitable for the use with debuggers. https://isc.sans.edu/diary/From%20YARA%20Offsets%20to%20Virtual%20Addresses/32262 Phishing via JavaScript in SVG Files Virustotal uncovered a Colombian phishing campaign that takes advantage of JavaScript in SVG files. https://blog.virustotal.com/2025/09/uncovering-colombian-malware-campaign.html FreePBX Patches FreePBX released details Read More
Send us a textDress rehersal is over. It is go time. The Jagaurs take the field Sunday on the road to what? We don't know. Shay-La and Danika don't have a real feel for this team after the small sample in preaseason. The ladies go over their prediction for the Read More
Send a textThe Jacksonville Jaguars enter a new era with optimism after a complete leadership overhaul, giving fans legitimate hope for the first time in years. We examine what makes this season different with James Gladstone, Liam Coen, and Tony Boselli bringing a much-needed fresh approach. We also discussed our Read More
Unauthorized Issuance of Certificate for 1.1.1.1 Cloudflare published a blog post with more details regarding the bad 1.1.1.1 certificate that was issued by Fina. https://blog.cloudflare.com/unauthorized-issuance-of-certificates-for-1-1-1-1/ AI Model Namespace Reuse Deleted accounts on Huggingface can be taken over by other entities unrelated to the original owner. https://unit42.paloaltonetworks.com/model-namespace-reuse/ macOS vulnerability allowed Keychain Read More
Exploit Attempts for Dassault DELMIA Apriso. CVE-2025-5086 Our honeypots detected attacks against the manufacturing management system DELMIA Apriso. The deserialization vulnerability was patched in June and is one of a few critical vulnerabilities patched in recent months. https://isc.sans.edu/diary/Exploit%20Attempts%20for%20Dassault%20DELMIA%20Apriso.%20CVE-2025-5086/32256 Android Bulletin Google released its September update, fixing two already-exploited privilege escalation Read More
Join us on this Clinician’s Guide masterclass as we speak with Dr. Nicole Navega, a pioneer in embedded EMS trauma care. When it comes to supporting first responders, there’s no one-size-fits-all approach for clinicians. Through her insights into various clinical models, Dr. Navega reveals how the embedded clinician model stands Read More
Send a textThe conversation between Dr. Michael Koren and Dr. Zeke Emanuel continues in part 2. Bioethicist Zeke Emanuel dives into the unethical Tuskeegee study and landmark Belmont Report in 1979 and how many safeguards to clinical research are currently in effect. They doctoral duo also talk about how in Read More
A Quick Look at Sextortion at Scale Jan analyzed 1900 different sextortion messages using 205 different Bitcoin addresses to look at the success rate, lifetime, and other metrics defining these campaigns. https://isc.sans.edu/diary/A%20quick%20look%20at%20sextortion%20at%20scale%3A%201%2C900%20messages%20and%20205%20Bitcoin%20addresses%20spanning%20four%20years/32252 Azure AD Client Secret Leak Attackers are stealing Azure AD client secrets from websites that are leaving them Read More
Send a textDr. Michael Koren joins Kevin Geddings to report live from Madrid on new developments being presented at the European Society of Cardiology meeting. This medical gathering, now the world's largest, is a showcase of developments in heart health and medicine. Dr. Koren notes excitement about progress in treating Read More
Jason Murray—CEO & co-founder of Shipium and 19-year Amazon vet—joins Everything Is Logistics to unpack what really moves the needle for shippers: accurate delivery promises, multi-carrier execution, and where AI agents add real value today. We get into the “coordination layer” most retailers are missing across OMS/WMS/TMS, building a digital twin Read More
pdf-parser: All Streams Didier released a new version of pdf-parser.py. This version fixes a problem with dumping all filtered streams. https://isc.sans.edu/diary/pdf-parser%3A%20All%20Streams/32248 Salesloft Drift Putting OAuth Tokens at Risk OAuth tokens used by Salesloft Drift users to provide access to integrations with Salesforce, Google Workspace, and others have been compromised and Read More
Send a textProteus was a Greek sea god who could change his form, much like obesity is able to in the body. Doctors Michael Koren, Victoria Helow, and Michael Bernhardt come together in front of a live audience for a discussion on the myriad effects obesity has in and on Read More
Increasing Searches for ZIP Files Attackers are scanning our honeypots more and more for .zip files. They are looking for backups of credential files and the like left behind by careless administrators and developers. https://isc.sans.edu/diary/Increasing%20Searches%20for%20ZIP%20Files/32242 FreePBX Vulnerability An upatched vulnerability in FreePBX is currently being exploited. FreePBX offers mitigation advice Read More
Welcome to Episode 409 of the Microsoft Cloud IT Pro Podcast. In this episode, Ben and Scott explore the configuration decisions tenant administrators face when preparing their Microsoft 365 environment for Copilot deployment. They dive into the key questions every IT professional should be asking: How do you identify and Read More
Interesting Technique to Launch a Shellcode Xavier came across malware that PowerShell and the CallWindowProcA() API to launch code. https://isc.sans.edu/diary/Interesting%20Technique%20to%20Launch%20a%20Shellcode/32238 NX Compromised to Steal Wallets and Credentials The popular open source NX build package was compromised. Code was added that uses the help of AI tools like Claude and Gemini Read More
Get ready to embark on the inspiring journey of Dr. Lori Moore-Merrell, the groundbreaking former U.S. Fire Administrator. Join us as we explore the unique challenges she faced as a woman during her early career as a paramedic, shedding light on the game-changing initiatives she championed at the IAFF that Read More
Send a textDr. Michael Koren is joined by Dr. Ezekiel "Zeke" Emanuel, an oncologist, bioethicist, and former White House advisor. Dr. Emanuel talks about his enduring interest in bioethics and the importance of ethics in areas like clinical research. The two doctors also talk about shared experiences at Harvard Medical Read More
Send a textWe welcome special guest Dilla to discuss the upcoming Jaguars season and all the recent changes to the team, from front office makeovers to roster moves and new coaching philosophies.• The front office transformation from Trent Baalke to James Gladstone has dramatically changed team culture and strategy• Trevor Read More
Getting a Better Handle on International Domain Names and Punycode International Domain names can be used for phishing and other attacks. One way to identify suspect names is to look for mixed script use. https://isc.sans.edu/diary/Getting%20a%20Better%20Handle%20on%20International%20Domain%20Names%20and%20Punycode/32234 Citrix Netscaler Vulnerabilities CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424 Citrix patched three vulnerabilities in Netscaler. One is Read More
