7°C
ciel dégagé
This is a current list of where and when I am scheduled to speak: I’m giving the Ross Anderson Lecture at the University of Cambridge’s Churchill College at 5:30 PM GMT on Thursday, March 19, 2026. I’m speaking at RSAC 2026 in San Francisco,...
Gavel is a Linux box hosting a PHP auction website with an exposed .git directory. I’ll recover the source code with git-dumper and exploit a novel SQL injection technique that bypasses PDO’s backtick-quoted prepared statements to dump the...
Introduction This diary describes a Remcos RAT infection that I generated in my lab on Thursday, 2026-03-11. This infection was from the SmartApeSG campaign that used a ClickFix-style fake CAPTCHA page. My previous in-depth diary about a...
This is a fix for option –yarastrings. oledump_V0_0_84.zip (http)MD5: 24EA0DEAA6FCB2FA234F33DD179BBAAFSHA256: C966607C864AAE1D956279B4C3087D37BD003072ED39143512979E771BA5462A
Some good news: squid stocks seem to be recovering in the waters off the Falkland Islands. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.
In 2025, Google, Amazon, Microsoft and Meta collectively spent US$380 billion on building artificial-intelligence tools. That number is expected to surge still higher this year, to $650 billion, to fund the building of physical infrastructure,...
Dear blog readers,I recently took the time and effort and do some research on the recently made public Coruna iOS iPhone client-side exploits serving web malware exploitation kits.Here are the details.Related MD5s for the javascript detected...
On Wednesday, a phishing message made its way into our handler inbox that contained a fairly typical low-quality lure, but turned out to be quite interesting in the end nonetheless. That is because the accompanying credential stealing web page...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
This is a fix for option –yarastrings. pdf-parser_V0_7_14.zip (http)MD5: EB3808ACE5497B428138594AFDC5205FSHA256: 6A60223D52B75F8AFF8C8CF19A58699A20829AC758C251B405B08EC734EF6A4A
Apple announcement: …iPhone and iPad are the first and only consumer devices in compliance with the information assurance requirements of NATO nations. This enables iPhone and iPad to be used with classified information up to the NATO restricted...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
[This is a Guest Diary by Adam Thorman, an ISC intern as part of the SANS.edu BACS program] Introduction Have you ever installed a new device on your home or company router? Even when setup instructions are straightforward, end users often skip...
This update adds option forcedecompress when using options -f and -s. More info: Analyzing “Zombie Zip” Files (CVE-2026-0866). zipdump_v0_0_35.zip (http)MD5: F4A48AE14C1B258D688BF61D9ACF5E54SHA256:...
Introduction This blog post is a follow-up to our previous post describing how we managed to extract the firmware of a smartwatch. It contains many references and details introduced in our previous post, readers are therefore advised to read it...
Canada has a choice to make about its artificial intelligence future. The Carney administration is investing $2-billion over five years in its Sovereign AI Compute Strategy. Will any value generated by “sovereign AI” be captured in Canada, making...
A new vulnerability (CVE-2026-0866) has been published: Zombie Zip. It's a method to create a malformed ZIP file that will bypass detection by most anti-virus engines. The malformed ZIP file can not be opened with a ZIP utility, a custom loader...
This is a fix for option –yarastrings. zipdump_v0_0_34.zip (http)MD5: F2BB1DF9A4E1BA323D85C3F8F71B5E69SHA256: 2455A026DB2BE1678AD8F1AAC2D148D40A7AB7412CCE180C3E9E1FC4B39B9378
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
This is a fix for option –yarastrings. pecheck-v0_7_20.zip (http)MD5: DB34684DA9A5DEC0E94746328318FFE1SHA256: F6B702206E4DAE3971778263F4B234F7E77BA91A3A1F59419D12CA312316CA96
Aucun article de sécurité disponible