Some New Data Feeds and Little Incident: We started offering additional data feeds, and an SEO spammer attempted to make us change a link from an old podcast episode. https://isc.sans.edu/diary/Some%20new%20Data%20Feeds%2C%20and%20a%20little%20%22incident%22./31786 Veeam Deserialization Vulnerability: Veeam released details regarding the latest vulnerability in Veeam, pointing out the insufficient patch applied to a …
It's the start of the league year with NFL Free Agency. Did the Jaguars make any big splashes like in the past? It seems this new regime is going in a different direction. Will it work? Hell if we know, just hope the shit works,
Cargo thieves aren’t just stealing freight—they’re outpacing traditional security methods with fraudulent carriers, fake BOLs, and even high-speed heists. Cargo theft has surged 50% year-over-year, leaving shippers and brokers scrambling for protection. But while criminals are getting smarter, so is technology. On this episode of Everything is Logistics, Jonathan Ryan, CPTO of …
Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 CVE-2024-20440: Attackers added last September's Cisco Smart Licensing Utility vulnerability to their toolset. These attacks most likely originate from botnets, and the same attackers are scanning for a wide range of additional vulnerabilities. The vulnerability is a static credential issue and trivial …
In this encore episode, get ready to meet charismatic firefighter/paramedic Jason Patton, the creative force behind Fire Department Chronicles. In this episode, we dive into crucial conversations about mental health and wellness for first responders while enjoying Jason's signature humor. Discover how a good laugh can enhance firefighter retention and …
Ken Amaro, a former broadcaster with 42 years of experience and current Jacksonville City Councilman for District 1, joins Eric Ross, RN. Ken shares his decade-long journey with Type 2 diabetes from diagnosis through management and lifestyle adaptations, dropping motivational nuggets and tips he's learned along the way. …
Python Bot Delivered Through DLL Side-Loading: A "normal" PDF reader that is vulnerable to DLL side-loading may be used to launch additional exploit code. https://isc.sans.edu/diary/Python%20Bot%20Delivered%20Through%20DLL%20Side-Loading/31778 Tomcat RCE Correction: To exploit the Tomcat RCE I mentioned yesterday, two non-default configuration options must be selected by the victim. https://x.com/dkx02668274/status/1901893656316969308 SAML Roulette: The Hacker …
Warehouse robotics is evolving fast, yet 90% of warehouses still don’t use automation. Why? Despite the rise of AI, autonomous mobile robots (AMRs), and drone-based inventory tracking, most operations remain stuck in outdated, manual processes. The real challenge isn’t just cost—it’s about knowledge gaps, change management, and finding the right tech …
Static Analysis of GUID Encoded Shellcode: Didier explains how to decode shellcode embedded as GUIDs in malware, and how to feed the result to his tool 1768.py, which will extract Cobalt Strike configuration information from the code. https://isc.sans.edu/diary/Static%20Analysis%20of%20GUID%20Encoded%20Shellcode/31774 SAMLStorm: Critical Authentication Bypass in xml-crypto and Node.js libraries: xml-crypto, a …
On this week's Monday Morning Minute, Dr. Michael Koren joins Kevin Geddings to answer the question "can I participate in clinical trials even if I'm not sick?" They discuss how having "healthy participants" is critical for some clinical trials. They look at a current study that examines how …
Mirai Bot Now Incorporating Malformed DrayTek Vigor Router Exploits: One of the many versions of the Mirai botnet added some new exploit strings attempting to take advantage of an old DrayTek Vigor Router vulnerability, but they got the URL wrong. https://isc.sans.edu/diary/Mirai%20Bot%20now%20incroporating%20%28malformed%3F%29%20DrayTek%20Vigor%20Router%20Exploits/31770 Compromised GitHub Action: The popular GitHub action tj-actions/changed-files was …
File Hashes Analysis with Power BI: Guy explains in this diary how to analyze Cowrie honeypot file hashes using Microsoft's BI tool and what you may be able to discover using this tool. https://isc.sans.edu/diary/File%20Hashes%20Analysis%20with%20Power%20BI%20from%20Data%20Stored%20in%20DShield%20SIEM/31764 Apache Camel Vulnerability: Apache released two patches for Camel in close succession. Initially, the vulnerability was …
Welcome to Episode 397 of the Microsoft Cloud IT Pro Podcast. In this episode, Scott and Ben dive into the world of local LLMs—large language models that run entirely on your device. We’re going to explore why more IT pros and developers are experimenting with them, the kinds of models …
Freight brokers waste hours on missed calls and rate negotiations. What if AI could handle those conversations instantly? Roger Boza, Chief Technology Advisor at CloneOps, explains how AI-powered voice agents are transforming brokerage operations. From real-time rate negotiations to eliminating phone call bottlenecks, Boza breaks down how AI streamlines freight without …
Log4J Scans for VMWare Hybrid Cloud Extensions: An attacker is scanning various login pages, including the authentication feature in the VMWare HCX REST API, for Log4j vulnerabilities. The attack submits the exploit string as the username, hoping to trigger the vulnerability as Log4j logs the username. https://isc.sans.edu/diary/Scans%20for%20VMWare%20Hybrid%20Cloud%20Extension%20%28HCX%29%20API%20(Log4j%20-%20not%20brute%20forcing)/31762 Patch Tuesday Fallout: Yesterday's …
This episode explores the vital connection between mental health and law enforcement. Dr. Medina Baumgart shares insights on the critical role of embedded clinicians, the mental health challenges retired officers face, and the importance of peer support programs. Discover effective strategies for building trust between clinicians and police personnel, explore …
In this episode, Dr. Michael Koren is joined by Dr. Sunil Joshi, the Chief Health Officer of the city of Jacksonville, Florida. Dr. Joshi runs through five health initiatives to lower the premature death rate in the city and county. The doctors discuss health inequalities, the social and …
Microsoft Patch Tuesday: Microsoft patched six already exploited vulnerabilities today. In addition, the patches included a critical patch for Microsoft's DNS server and about 50 additional patches. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%3A%20March%202025/31756 Apple Updates iOS/macOS: Apple released an update to address a single, already exploited, vulnerability in WebKit. This vulnerability affects iOS, macOS and …
Freight fraud is escalating at an alarming rate. Cargo theft, double brokering, and identity fraud have increased by 500% year over year, leaving brokers and carriers struggling to stay ahead. In this episode of Everything is Logistics, host Blythe Brumleve sits down with Reid Clements of Highway to discuss how identity …
Shellcode Encoded in UUIDs: Attackers are using UUIDs to encode shellcode. The 128 bits (or 16 bytes) encoded in each UUID are converted to shellcode to implement a Cobalt Strike beacon. https://isc.sans.edu/diary/Shellcode%20Encoded%20in%20UUIDs/31752 Moxa CVE-2024-12297 Expanded to PT Switches: Moxa in January first released an update to address a frontend …