ISC Stormcast For Friday, April 24th, 2026 https://isc.sans.edu/podcastdetail/9906, (Fri, Apr 24th)
Date inconnue(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
404 Media reports (alternate site): The FBI was able to forensically extract copies of incoming Signal messages from a defendant’s iPhone, even after the app was deleted, because copies of the content were saved in the device’s push notification...
Apple yesterday released iOS/iPadOS 26.4.2 and iOS/iPadOS 18.7.8. This update fixes a single Notification Services vulnerability, CVE-2026-28950: Impact: Notifications marked for deletion could be unexpectedly retained on the device Description:...
ISC Stormcast For Thursday, April 23rd, 2026 https://isc.sans.edu/podcastdetail/9904, (Thu, Apr 23rd)
Date inconnue(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
ICE Uses Graphite Spyware
Date inconnueICE has admitted that it uses spyware from the Israeli company Graphite.
ISC Stormcast For Wednesday, April 22nd, 2026 https://isc.sans.edu/podcastdetail/9902, (Wed, Apr 22nd)
Date inconnue(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
[This is a Guest Diary by L. Carty, an ISC intern as part of the SANS.edu Bachelor's Degree in Applied Cybersecurity (BACS) program [1].] Introduction A few weeks ago, my honeypot logged an incident that changed how I think about modern attacks....
Mexican Surveillance Company
Date inconnueGrupo Seguritech is a Mexican surveillance company that is expanding into the US.
A .WAV With A Payload, (Tue, Apr 21st)
Date inconnueThere have been reports of threat actors using a .wav file as a vector for malware. It's a proper .wav file, but they didn't use staganography. The .wav file will play, but you'll just hear noise: That's because the TAs have just replaced the...
ISC Stormcast For Tuesday, April 21st, 2026 https://isc.sans.edu/podcastdetail/9900, (Tue, Apr 21st)
Date inconnue(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Is “Satoshi Nakamoto” Really Adam Back?
Date inconnueThe New York Times has a long article where the author lays out an impressive array of circumstantial evidence that the inventor of Bitcoin is the cypherpunk Adam Back. I don’t know. The article is convincing, but it’s written to be convincing. I...
Handling the CVE Flood With EPSS, (Mon, Apr 20th)
Date inconnueEvery morning, security people around the world face the same ritual: opening their vulnerability feed to find a lot of new CVE entries that appeared overnight. Over the past decade, this flood has become a defining challenge of modern defensive...
ISC Stormcast For Monday, April 20th, 2026 https://isc.sans.edu/podcastdetail/9898, (Mon, Apr 20th)
Date inconnue(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Update: cut-bytes.py Version 0.0.18
Date inconnueThis is a fix for escape sequences that trigger warnings in the latest Python versions. cut-bytes_V0_0_18.zip (http)MD5: C5FE455A5371C6675EDF16200D7C5657SHA256: A4F2A2CFE3614F32F9127F1BAA898260B7C3DF6DEA9544513A375519DE7A5595
HTB: AirTouch
Date inconnueAirTouch simulates a wireless network environment. I’ll start by pulling a default password from SNMP to SSH as a consultant user inside a container with virtual wireless interfaces. From there, I’ll capture and crack a WPA2-PSK handshake to join...
Friday Squid Blogging: New Giant Squid Video
Date inconnuePretty fantastic video from Japan of a giant squid eating another squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.
Pentests assistés par IA
Date inconnueAvertissement : il est formellement interdit de faire un pentest sur un site sans l’autorisation explicite et traçable de son propriétaire et de son hébergeur. Un pentester (testeur d’intrusion) est un professionnel de la cybersécurité chargé de...
Mythos and Cybersecurity
Date inconnueLast week, Anthropic pulled back the curtain on Claude Mythos Preview, an AI model so capable at finding and exploiting software vulnerabilities that the company decided it was too dangerous to release to the public. Instead, access has been...
ISC Stormcast For Friday, April 17th, 2026 https://isc.sans.edu/podcastdetail/9896, (Fri, Apr 17th)
Date inconnue(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Introduction This diary provides indicators from a Lumma Stealer infection that was followed by Sectop RAT (ArechClient2). I searched for cracked versions of popular copyright-protected software, and I downloaded the initial malware after...
Aucun article de sécurité disponible