Battling Cryptojacking, Botnets, and IABs - Cryptojacking often comes with less obvious add-ons, like SSH backdoors. https://isc.sans.edu/diary/Battling%20Cryptojacking%2C%20Botnets%2C%20and%20IABs%20%5BGuest%20Diary%5D/32632 Microsoft Copilot Reprompt Attacks - Adding a query parameter to the URL may prefill a Copilot prompt, altering the meaning of the prompts that follow. https://www.varonis.com/blog/reprompt Hijacking Bluetooth Accessories Using Google Fast Pair - Google's
Welcome to Episode 419 of the Microsoft Cloud IT Pro Podcast. In this episode, Ben is once again live from Workplace Ninjas and is joined by John Joyner, an 18-year Microsoft MVP in Cloud Security and Azure Management. They discuss some of the announcements from Microsoft Ignite focused around Microsoft
Infection repeatedly adds scheduled tasks and increases traffic to the same C2 domain https://isc.sans.edu/diary/Infection%20repeatedly%20adds%20scheduled%20tasks%20and%20increases%20traffic%20to%20the%20same%20C2%20domain/32628 BodySnatcher (CVE-2025-12420): A Broken Authentication and Agentic Hijacking Vulnerability in ServiceNow https://appomni.com/ao-labs/bodysnatcher-agentic-ai-security-vulnerability-in-servicenow/ Starlink Terminal GPS Spoofing/Jamming Detection in Iran https://github.com/narimangharib/starlink-iran-gps-spoofing/blob/main/starlink-iran.md
In this raw episode, we speak with Doug White, a veteran and retired law enforcement officer. Doug pulls no punches as he confronts the reality of post-traumatic stress in first responders. Doug reveals how over-identifying with the uniform can unravel lives, and shares the brutal toll decades of service take on
Dr. Noelle Pomeroy, PhD, joins Dr. Erich Schramm to discuss mental health, particularly from the perspective of relationships. The two discuss the value of therapy and the importance of talking with an expert in areas that are new to us, and then get into sexual health and relationships.
Microsoft Patch Tuesday January 2026 - Microsoft released patches for 113 vulnerabilities. This includes one already exploited vulnerability, one that was made public before today and eight critical vulnerabilities. https://isc.sans.edu/diary/January%202026%20Microsoft%20Patch%20Tuesday%20Summary/32624 Adobe Patches - Adobe released patches for five products. The code execution vulnerabilities in ColdFusion and Acrobat Reader deserve special attention. https://helpx.adobe.com/security.html
n8n supply chain attack - Malicious npm packages were used to attempt to obtain user OAuth credentials for NPM. https://www.endorlabs.com/learn/n8mare-on-auth-street-supply-chain-attack-targets-n8n-ecosystem Gogs 0-Day Exploited in the Wild - An at-the-time unpatched flaw in Gogs was exploited to compromise git repos. https://www.wiz.io/blog/wiz-research-gogs-cve-2025-8110-rce-exploit Telegram Proxy Link Abuse - Telegram proxy links have been abused
Dr. Michael Koren joins Kevin Geddings to discuss atrial fibrillation. This heart condition is caused by rapid, irregular heartbeats originating in the upper chambers and is a critical risk factor for strokes. Dr. Koren talks about the current standard-of-care medicines for atrial fibrillation, blood thinners, and their shortcomings.
Malicious Process Environment Block Manipulation - The process environment block contains metadata about particular processes, but can be manipulated. https://isc.sans.edu/diary/Malicious+Process+Environment+Block+Manipulation/32614/ YARA-X 1.11.0 Release: Hash Function Warnings - The latest version of YARA will warn users if a hash rule attempts to match an invalid hash. https://isc.sans.edu/diary/YARA-X%201.11.0%20Release%3A%20Hash%20Function%20Warnings/32616 VideoLAN Security Bulletin VLC 3.0.22 CVE-2025-51602
Analysis using Gephi with DShield Sensor Data - Gephi is a neat tool to create interactive data visualizations. It can be applied to honeypot data to find data clusters. https://isc.sans.edu/diary/Analysis%20using%20Gephi%20with%20DShield%20Sensor%20Data/32608 zlib v1.3.1.2 Global Buffer Overflow in TGZfname() of zlib untgz Utility - The untgz utility that is part of zlib suffers from
In the finale of our Best of 2025 series, we’re highlighting the modes and legalities that usually stay "out of sight, out of mind." We start with Jason Aristides of Open Tug, who is bringing tech to the 12,000 miles of US inland waterways. Then, maritime law expert Lauren Beagen
A phishing campaign with QR codes rendered using an HTML table - Phishing emails are bypassing filters by encoding QR codes as HTML tables. https://isc.sans.edu/diary/A%20phishing%20campaign%20with%20QR%20codes%20rendered%20using%20an%20HTML%20table/32606 n8n vulnerabilities - In recent days, several new n8n vulnerabilities were disclosed. Ensure that you update any on-premises installations and carefully consider what to use n8n for.
In this encore presentation of Responder Resilience, we revisit the compelling journey of retired FDNY EMS Chief Lillian Bonsignore, who recently took on the role of Commissioner of the New York City Fire Department. A trailblazer with a remarkable 31-year career, she became the first female to achieve a 4-star
The Jacksonville Jaguars are AFC South champions once again, and we’re breaking down what it means for this team heading into the playoffs. From milestone moments to lingering concerns, the vibes are high in Duval as the Jags turn their focus to the Wild Card round—and another chance
Dr. Paul Miller joins Dr. Michael Koren to discuss ongoing research in the field of psychology. Dr. Miller expounds on the complex interplay between genetic predisposition, trauma, and the way the brain misprocesses memory, and the potential negative psychological outcomes. Dr. Miller then discusses treatments and the changing
Tool Review: Tailsnitch - Tailsnitch is a tool to audit your Tailscale configuration. It does a comprehensive analysis of your configuration and suggests (or even applies) fixes. https://isc.sans.edu/diary/Tool%20Review%3A%20Tailsnitch/32602 D-Link DSL Command Injection via DNS Configuration Endpoint - A new vulnerability in very old D-Link DSL modems is currently being exploited. https://www.vulncheck.com/advisories/dlink-dsl-command-injection-via-dns-configuration-endpoint TOTOLINK
It’s birthday week at Everything is Logistics! To celebrate, we’re digging into the vault to cover the heavy hitters: Janet Labuta explains why "importing is not for cowards," Kevin Lawton drops a truth bomb on why 90% of warehouses are still manual, Grace Sharkey helps us navigate the hype of
Risks of OOB Access via IP KVM Devices - Recently, cheap IP KVMs have become popular. But their deployment needs to be secured. https://isc.sans.edu/diary/Risks%20of%20OOB%20Access%20via%20IP%20KVM%20Devices/32598 Tailsnitch - Tailsnitch is a tool to review your Tailscale configuration for vulnerabilities. https://github.com/Adversis/tailsnitch Net-SNMP snmptrapd vulnerability - A new vulnerability in snmptrapd may lead to remote code execution
Happy New Year! After a break for the holidays ya girls are back. Jaguars have won the AFC South by beating the snot out of the Titans. Shay-La and Danika talk about how this season turned out, playoffs vs the Bills. And these expensive ass playoff tickets!
Dr. Michael Koren joins Kevin Geddings to give some advice on easy-to-accomplish resolutions for the new year. The doctor gives three resolutions: get an advanced cholesterol Lp(a) check, get a fatty liver test, and do an Alzheimer's screening. These are easy resolutions that can help guide health decisions for the year and beyond. Be