12°C
nuageux
The Dutch government is telling people to prepare to be self-sufficient for at least 72 hours in case of a major emergency when many services (electricity, water, internet) could be unavailable. This campaign is called âDenk Vooruitâ (Think...
Video from Reddit shows what could go wrong when you try to pet aâlooks like a Humboldtâsquid. As usual, you can also use this squid post to talk about the security stories in the news that I havenât covered. Blog moderation policy.
The Trump administration has pursued a staggering range of policy pivots this past year that threaten to weaken the nationâs ability and willingness to address a broad spectrum of technology challenges, from cybersecurity and privacy to...
At least some of this is coming to light: Doublespeed, a startup backed by Andreessen Horowitz (a16z) that uses a phone farm to manage at least hundreds of AI-generated social media accounts and promote products has been hacked. The hack reveals...
Xavier's diary entry "Abusing DLLs EntryPoint for the Fun" inspired me to do some tests with TLS Callbacks and DLLs. TLS stands for Thread Local Storage. TLS Callbacks are an execution mechanism in Windows PE files that lets code run...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
This is a small fix for an escape sequence warning. pecheck-v0_7_19.zip (http)MD5: A53F4648119CC9A44FB684EAC2C84C08SHA256: 67637A257967807800AF04D45E0B8DA8F32D38AA772C3596DAE7E0CD4ECFCE52
Iâm sure thereâs a story here: Sources say the man had tailgated his way through to security screening and passed security, meaning he was not detected carrying any banned items. The man deceived the BA check-in agent by posing as a family member...
Since the end of the year is quickly approaching, it is undoubtedly a good time to look back at what the past twelve months have brought to us⊠And given that the entire cyber security profession is about protecting various systems from âbad...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
In blog post âQuickpost: USB Electric Razorâ I mention USB trigger boards. A USB trigger board is a small electronic device that receives power via a USB-C connector, and delivers power with a voltage that it negotiates with the USB power source....
I have already talked about various React2Shell exploit attempts we have observed in the last weeks. But new varieties of the exploit are popping up, and the most recent one is using this particular version of the exploit: POST /app HTTP/1.1...
For two days in September, Afghanistan had no internet. No satellite failed; no cable was cut. This was a deliberate outage, mandated by the Taliban government. It followed a more localized shutdown two weeks prior, reportedly instituted âto...
Lors dâune expertise, la premiĂšre de mes missions Ă©tait de venir prendre au tribunal deux ordinateurs mis sous scellĂ©s. En gĂ©nĂ©ral, il me sont amenĂ© par des policiers ou des gendarmes, mais parfois le magistrat me demande de venir les chercher....
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Direct navigation â the act of visiting a website by manually typing a domain name in a web browser â has never been riskier: A new study finds the vast majority of âparkedâ domains â mostly expired or dormant domain names, or common misspellings...
New report: âThe Partyâs AI: How Chinaâs New AI Systems are Reshaping Human Rights.â From a summary article: China is already the worldâs largest exporter of AI powered surveillance technology; new surveillance technologies and platforms...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Exploits for React2Shell (CVE-2025-55182) remain active. However, at this point, I would think that any servers vulnerable to the "plain" exploit attempts have already been exploited several times. Here is today's most popular exploit payload:...
Cast your mind back to May of this year: Congress was in the throes of debate over the massive budget bill. Amidst the many seismic provisions, Senator Ted Cruz dropped a ticking time bomb of tech policy: a ten-year moratorium on the ability of...
Aucun article de sécurité disponible