More Scans for SMS Gateways and APIs Attackers are not just looking for SMS Gateways like the scans we reported on last week, but they are also actively scanning for other ways to use APIs and add-on tools to send messages using other people's credentials. https://isc.sans.edu/diary/More%20Scans%20for%20SMS%20Gateways%20and%20APIs/31902 AirBorne: AirPlay Read More
Business owner, podcast host, and SPI Logistics freight agent Dave Gulas is back on the show to talk about how he uses podcasting to create content for his customers and leads. By using education, he’s able to stay top of mind and earn future opportunities by delivering value long before Read More
SRUM-DUMP Version 3: Uncovering Malware Activity in Forensics Mark Baggett released SRUM-DUMP Version 3. The tool simplifies data extraction from the Windows System Resource Usage Monitor (SRUM). This database logs how many resources software used for 30 days, and is invaluable to find out what software was executed when and if Read More
James Gladstone makes a bold statement in his first draft as Jaguars GM by trading up to secure Travis Hunter, signaling a new era of aggressive team building in Jacksonville. • Trading picks 5, 36, 126, and a 2026 first-round pick to move up to pick 2 • Travis Hunter Read More
Example of a Payload Delivered Through Steganography Xavier and Didier published two diaries this weekend, building on each other. First, Xavier showed an example of an image being used to smuggle an executable past network defenses, and second, Didier showed how to use his tools to extract the binary. https://isc.sans.edu/diary/Example%20of%20a%20Payload%20Delivered%20Through%20Steganography/31892 Read More
Attacks against Teltonika Networks SMS Gateways Attackers are actively scanning for SMS Gateways. These attacks take advantage of default passwords and other commonly used passwords. https://isc.sans.edu/diary/Attacks%20against%20Teltonika%20Networks%20SMS%20Gateways/31888 Commvault Vulnerability CVE-2025-34028 Commvault, about a week ago, published an advisory and a fix for a vulnerability in its backup software. watchTowr now released Read More
Welcome to Episode 400 of the Microsoft Cloud IT Pro Podcast. In this episode, Ben and Scott explore how IT professionals and developers can leverage Microsoft 365 Copilot’s declarative agents and the Copilot Studio Agent Builder to enhance productivity and streamline workflows within their organizations. Declarative agents allow you to Read More
Tariff news changes by the hour, and freight pros can’t afford to fall behind. In this solo episode, Blythe shares how she used AI tools to get smart on global trade policy fast and prep for a talk on tariffs with real confidence. From building a research system to generating a Read More
Honeypot Iptables Maintenance and DShield-SIEM Logging In this diary, Jesse is talking about some of the tasks to maintain a honeypot, like keeping Filebeat up to date and adjusting configurations in case your dynamic IP address changes. https://isc.sans.edu/diary/Honeypot%20Iptables%20Maintenance%20and%20DShield-SIEM%20Logging/31876 XRPL.js Compromised An unknown actor was able to push malicious updates of Read More
In this episode, we welcome Dr. Rachelle Zemlok, a first responder psychologist specializing in the unique challenges first responder families face. We explore the vital importance of family support in this demanding job. Dr. Zemlok shares invaluable insights and practical strategies to help families thrive amidst the stresses of first Read More
Dr. Michael Koren sits down with Dr. Murali Ramaswamy to explore the concept of Research as a Care Option. They compare this with the misconception of research as a treatment option to reveal how clinical trials provide structured environments that often lead to better health outcomes regardless of Read More
xorsearch.py: Ad Hoc YARA Rules Ad hoc YARA rules allow for easy searches using command line arguments without having to write complete YARA rules for simple use cases like string and regex searches. https://isc.sans.edu/diary/xorsearch.py%3A%20%22Ad%20Hoc%20YARA%20Rules%22/31856 Google Spoofed via DKIM Replay Attack DKIM replay attacks are a known issue where the attacker re-uses Read More
From de minimis drama to geopolitical trade shakeups, tariffs are doing more than raising prices, they're forcing a full rewrite of how e-commerce logistics gets done. Harshida Acharya, Chief Strategy Officer at Fulfillment IQ and host of the eCOM Logistics Podcast, joins the show to explain what these policy changes really Read More
Luke Easterling, NFL Draft expert from Athlon Sports, provides deep insights on the Jaguars' options with the fifth overall pick in the 2025 NFL Draft and discusses key prospects who could transform the team. • Jaguars should prioritize selecting a star player at pick #5 rather than trading down, Read More
It's 2025, so why are malicious advertising URLs still going strong? Phishing attacks continue to take advantage of Google's advertising services. Sadly, this is still the case for obviously malicious links, even after various anti-phishing services flag the URL. https://isc.sans.edu/diary/It%27s%202025...%20so%20why%20are%20obviously%20malicious%20advertising%20URLs%20still%20going%20strong%3F/31880 ChatGPT Fingerprinting Documents via Unicode ChatGPT apparently started leaving Read More
Dr. Michael Koren joins Kevin Geddings to discuss how tariffs could significantly impact pharmaceutical prices. They talk about how barriers to import may affect both prescription and especially over-the-counter medication prices. They move on to the difficulty of starting new drug manufacturing in the US and how clinical trials Read More
Microsoft Entra User Lockout Multiple organizations reported widespread alerts and account lockouts this weekend from Microsoft Entra. The issue is caused by a new feature Microsoft enabled. This feature will lock accounts if Microsoft believes that the password for the account was compromised. https://www.bleepingcomputer.com/news/microsoft/widespread-microsoft-entra-lockouts-tied-to-new-security-feature-rollout/ https://learn.microsoft.com/en-us/entra/identity/authentication/feature-availability Erlang/OTP SSH Exploit An exploit Read More
RedTail: Remnux and Malware Management A description showing how to set up malware analysis in the cloud with Remnux and Kasm. RedTail is a sample to illustrate how the environment can be used. https://isc.sans.edu/diary/RedTail%2C%20Remnux%20and%20Malware%20Management%20%5BGuest%20Diary%5D/31868 Critical Erlang/OTP SSH Vulnerability Researchers identified a critical vulnerability in the Erlang/OTP SSH library. Due Read More
Apple Updates Apple released updates for iOS, iPadOS, macOS, and VisionOS. The updates fix two vulnerabilities which had already been exploited against iOS. https://isc.sans.edu/diary/Apple%20Patches%20Exploited%20Vulnerability/31866 Oracle Updates Oracle released its quarterly critical patch update. The update addresses 378 security vulnerabilities. Many of the critical updates are already known vulnerabilities in open-source Read More
In this inspiring episode, we sit down with Rick Cheatham, a seasoned Life and Career Transformation Coach and retired Fire Captain. Rick shares his profound journey of resilience, navigating personal challenges including overcoming addiction, coping with the murder of his son, and enduring a life-changing injury. Discover how he transformed Read More