Freight fraud is one of the biggest threats facing independent brokers today, and many agents are left without a playbook for how to respond. In this episode of Everything is Logistics, Blythe talks with Mark Funk and Shiv Narayan of SPI Logistics about building an action plan to protect agents,
Reading Location Position Value in Microsoft Word Documents: Jessy investigated how Word documents store the last visited document location in the registry. https://isc.sans.edu/diary/Reading%20Location%20Position%20Value%20in%20Microsoft%20Word%20Documents/32224 Weaponizing image scaling against production AI systems: AI systems often downscale images before processing them. An attacker can create a harmless looking image that would reveal text
Dr. Michael Koren joins Kevin Geddings to wax nostalgic about the past generation and what has changed for the better and for the worse. They note that there have been improvements in areas like food, but that air travel and the healthcare experience have deteriorated precipitously. They then
The end of an era: Properly formatted IP addresses in all of our data. When initially designing DShield, addresses were zero padded, an unfortunate choice. As of this week, datafeeds should no longer be zero padded. https://isc.sans.edu/diary/The%20end%20of%20an%20era%3A%20Properly%20formated%20IP%20addresses%20in%20all%20of%20our%20data./32228 .desktop files used in an attack against Linux Desktops: Pakistani attackers
Don't Forget The "-n" Command Line Switch: Disabling reverse DNS lookups for IP addresses is important not just for performance, but also for opsec. Xavier is explaining some of the risks. https://isc.sans.edu/diary/Don%27t%20Forget%20The%20%22-n%22%20Command%20Line%20Switch/32220 watchTowr releases details about recent Commvault flaws: Users of the Commvault enterprise backup solution must patch now after
James Gladstone is reshaping the Jacksonville Jaguars with a bold mentality that fans haven't seen before in Jacksonville. The latest evidence? Trading center Luke Fortner for New Orleans Saints defensive tackle Khalen Saunders - bolstering the team's biggest roster weakness without surrendering draft capital. This proactive approach marks a
Airtel Router Scans and Mislabeled Usernames: A quick summary of some odd usernames that show up in our honeypot logs https://isc.sans.edu/diary/Airtel%20Router%20Scans%2C%20and%20Mislabeled%20usernames/32216 Apple Patches 0-Day CVE-2025-43300: Apple released an update for iOS, iPadOS and MacOS today patching a single, already exploited, vulnerability in ImageIO. https://support.apple.com/en-us/124925 Microsoft Copilot Audit Logs: A user
In this episode, we talk with Lt. Tommy Bolin, a firefighter and paramedic from Central Ohio, about the hidden mental health struggles first responders face. Drawing from his book, “Unseen Battles: The Price of Duty in a Life of Trauma and Sacrifice,” Tommy discusses the toll of duty, identity crises,
Radiologist Sue Jane Grosso-Rivas, MD joins cardiologist and clinical researcher Michael J. Koren, MD for Part Two of her Master's Series on breast imaging. Dr. Grosso-Rivas talks about some of the complications that can occur during imaging, including dense breasts and their surprising prevalence. She also talks about new
Increased Elasticsearch Recognizance Scans: Our honeypots noted an increase in reconnaissance scans for Elasticsearch. In particular, the endpoint /_cluster/settings is hit hard. https://isc.sans.edu/diary/Increased%20Elasticsearch%20Recognizance%20Scans/32212 Microsoft Patch Tuesday Issues: Microsoft noted some issues deploying the most recent patches with WSUS. There are also issues with certain SSDs if larger files are transferred.
Mergers and acquisitions are reshaping the logistics tech landscape. In this episode of Freight Friends, Blythe and Grace Sharkey unpack what recent deals mean for the industry, how SEO strategies are shifting under AI pressure, and what freight markets could look like in the coming months. They also explore the
Keeping an Eye on MFA Bombing Attacks: Attackers will attempt to use authentication fatigue by bombing users with MFA authentication requests. Rob is talking in this diary about how to investigate these attacks in a Microsoft ecosystem. https://isc.sans.edu/diary/Keeping+an+Eye+on+MFABombing+Attacks/32208 Critical Cisco Secure Firewall Management Center Software RADIUS Remote Code Execution Vulnerability
Dr. Michael Koren joins Kevin Geddings to explain how having a conversation with a medical professional who is tuned into your personal situation can help you understand the confusing and sometimes counterintuitive world of medical information. Cardiologist Dr. Koren uses the examples of coronary calcium scores and total
SNI5GECT: Sniffing and Injecting 5G Traffic Without Rogue Base Stations: Researchers from the Singapore University of Technology and Design released a new framework, SNI5GECT, to passively sniff and inject traffic into 5G data streams, leading to DoS, downgrade and other attacks. https://isc.sans.edu/diary/SNI5GECT%3A%20Sniffing%20and%20Injecting%205G%20Traffic%20Without%20Rogue%20Base%20Stations/32202 Plex Vulnerability: Plex patched a vulnerability in the
Dr. Michael Koren joins Kevin Geddings to discuss how the current political situation in Washington, D.C. is interfering with clinical research. They discuss the Vaxart trial, which is looking at the next generation of oral COVID vaccines, and how it has been affected by the Trump administration's inconsistent
AI and Faster Attack Analysis: A few use cases for LLMs to speed up analysis https://isc.sans.edu/diary/AI%20and%20Faster%20Attack%20Analysis%20%5BGuest%20Diary%5D/32198 Proxyware Malware Being Distributed on YouTube Video Download Site: Popular YouTube download sites will attempt to infect users with proxyware. https://asec.ahnlab.com/en/89574/ Xerox Freeflow Core Vulnerability: Horizon3.ai discovered XXE Injection (CVE-2025-8355) and Path Traversal (CVE-2025-8356)
Welcome to Episode 408 of the Microsoft Cloud IT Pro Podcast. Part two of our exploration into Model Context Protocol (MCP) servers continues our hands-on discussion about finding, implementing, and getting the most out of MCP servers in your daily workflows. Your support makes this show possible! Please consider becoming
CVE-2017-11882 Will Never Die: The (very) old equation editor vulnerability is still being exploited, as this recent sample analyzed by Xavier shows. The payload of the Excel file attempts to download and execute an infostealer to exfiltrate passwords via email. https://isc.sans.edu/diary/CVE-2017-11882%20Will%20Never%20Die/32196 Windows Kerberos Elevation of Privilege Vulnerability: Yesterday, Microsoft released
Join our very own Bonnie Rumilly, LCSW, EMTB, and Stacy Raymond, PsyD, in this engaging episode as they share their expertise on building a practice tailored for clinicians working with First Responders. They will offer effective strategies for integrating support networks, managing insurance and payment hurdles, and fostering a therapeutic
Radiologist Sue Jane Grosso-Rivas, MD joins cardiologist and clinical researcher Michael J. Koren, MD to share her inspiring journey from aspiring secretary to Medical Co-Director of Breast Imaging at Summit Health. The doctoral duo discuss how Dr. Grosso-Rivas’s career was shaped by a school counselor who recognized her