ISC Stormcast For Wednesday, January 21st, 2026 https://isc.sans.edu/podcastdetail/9774, (Wed, Jan 21st)
Date inconnue(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Could ChatGPT Convince You to Buy Something?
Date inconnueEighteen months ago, it was plausible that artificial intelligence might take a different path than social media. Back then, AIâs development hadnât consolidated under a small number of big tech firms. Nor had it capitalized on consumer...
IDNs or âInternational Domain Namesâ have been with us for a while now (see RFC3490[1]). They are (ab)used in many attack scenarios because.. it works! Who can immediately spot the difference between: https://youtube.com/ And:...
ISC Stormcast For Tuesday, January 20th, 2026 https://isc.sans.edu/podcastdetail/9772, (Tue, Jan 20th)
Date inconnue(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
EVerest security audit
Date inconnueIntroduction Quarkslab conducted the first public third-party security assessment of EVerest, an open-source firmware stack for electric vehicle charging stations, deployed in hundreds of thousands of charging points worldwide. The audit was...
AI-Powered Surveillance in Schools
Date inconnueIt all sounds pretty dystopian: Inside a white stucco building in Southern California, video cameras compare faces of passersby against a facial recognition database. Behavioral analysis AI reviews the footage for signs of violent behavior....
I've seen many API requests for different LLMs in the honeypot logs. Like this one: The prompt is always the same: "How many states are there in the United States?". This is recon to find open LLMs. Not necessarily to exploit them, but to use...
Update: zipdump.py Version 0.0.33
Date inconnueThis update adds pseudo-field sha256 which can be used to calculate the sha256 hash of the content (compressed or decompressed):-E sha256:data-E sha256:data:decompress-E sha256:decompress-E sha256:extra zipdump_v0_0_33.zip (http)MD5:...
HTB: HackNet
Date inconnueHackNet hosts a social media site for hackers built with Django. Iâll find an HTML injection in the username field that, combined with how the likes page renders usernames, leads to server-side template injection. While Django templates are...
Update: hash.py Version 0.0.14
Date inconnueThis is a bug fix version. hash_V0_0_14.zip (http)MD5: 66A205915A280CC474541053739B8EDDSHA256: C459B75F132BB4AA394D8EA27A79F409C446AAA67536946673EC824EA9219F9F
Wireshark 4.6.3 Released, (Sat, Jan 17th)
Date inconnueWireshark release 4.6.3 fixes 4 vulnerabilities and 9 bugs. Didier Stevens Senior handler blog.DidierStevens.com (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
AI and the Corporate Capture of Knowledge
Date inconnueMore than a decade after Aaron Swartzâs death, the United States is still living inside the contradiction that destroyed him. Swartz believed that knowledge, especially publicly funded knowledge, should be freely accessible. Acting on that, he...
ISC Stormcast For Friday, January 16th, 2026 https://isc.sans.edu/podcastdetail/9770, (Fri, Jan 16th)
Date inconnue(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
New Vulnerability in n8n
Date inconnueThis isnât good: We discovered a critical vulnerability (CVE-2026-21858, CVSS 10.0) in n8n that enables attackers to take over locally deployed instances, impacting an estimated 100,000 servers globally. No official workarounds are available for...
[This is a Guest Diary by Matthew Presnal, an ISC intern as part of the SANS.edu BACS program] Cryptojacking and botnets can pose a greater threat than a simple drain of resources. These organizations have been known to engage in âDDoS for Hireâ...
ISC Stormcast For Thursday, January 15th, 2026 https://isc.sans.edu/podcastdetail/9768, (Thu, Jan 15th)
Date inconnue(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Hacking Wheelchairs over Bluetooth
Date inconnueResearchers have demonstrated remotely controlling a wheelchair over Bluetooth. CISA has issued an advisory. CISA said the WHILL wheelchairs did not enforce authentication for Bluetooth connections, allowing an attacker who is in Bluetooth range...
Infection repeatedly adds scheduled tasks and increases traffic to the same C2 domain, (Wed, Jan 14th)
Date inconnueIntroduction In recent weeks, Lumma Stealer infections have followed a specific pattern in follow-up activity. This pattern adds scheduled tasks for the same action, which increases traffic to the same C2 domain. This diary documents an example...
Upcoming Speaking Engagements
Date inconnueThis is a current list of where and when I am scheduled to speak: Iâm speaking at the David R. Cheriton School of Computer Science in Waterloo, Ontario, Canada on January 27, 2026, at 1:30 PM ET. Iâm speaking at the UniversitĂ© de MontrĂ©al in...
ISC Stormcast For Wednesday, January 14th, 2026 https://isc.sans.edu/podcastdetail/9766, (Wed, Jan 14th)
Date inconnue(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Aucun article de sécurité disponible