6°C
ciel dégagé
The US National Reconnaissance Office has declassified information about a fleet of spy satellites operating between 1971 and 2006. I’m actually impressed to see a declassification only two decades after decommission.
Today, I received an interesting email with a malicious attachment. When I had a look at the automatic scan results, it seemed to be a malicious script to create a Chrome Injector to steal data. Because InfoStealers are very common these days, it...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Last week, a new AI agent framework was introduced to automate "live". It targets office work in particular, focusing on messaging and interacting with systems. The tool has gone viral not so much because of its features, which are similar to...
Microsoft gives the FBI the ability to decrypt BitLocker in response to court orders: about twenty times per year. It’s possible for users to store those keys on a device they own, but Microsoft also recommends BitLocker users store their keys on...
Bamboo offers a Squid HTTP proxy through which I’ll access a PaperCut NG instance. I’ll use Spose to scan through the proxy and discover the print management application. I’ll exploit an authentication bypass vulnerability in PaperCut and use...
Je me suis rendu compte récemment que le fait de faire mes projets en stream me bouffait toute mon énergie, ce qui avait pour conséquence un très faible nombre de billets de blog publiés ces dernières années. Il est peut-être temps pour moi de...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Yesterday, a single IP address (%%ip:204.76.203.210%%) scanned a number of our sensors for what looks like an anthropic API node. The IP address is known to be a Tor exit node. The requests are pretty simple: GET /anthropic/v1/models Host:...
There’s a new report about two AI coding assistants, used by 1.5 million developers, that are surreptitiously sending a copy of everything they ingest to China. Maybe avoid using them.
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Je me suis rendu compte récemment que le fait de faire mes projets en stream me bouffait toute mon énergie, ce qui avait pour conséquence un très faible nombre de billets de blog publiés ces dernières années. Il est peut-être temps pour moi de...
Here is an overview of content I published in January: Blog posts: Update: hash.py Version 0.0.14 Update: zipdump.py Version 0.0.33 SANS ISC Diary entries: YARA-X 1.11.0 Release: Hash Function Warnings Wireshark 4.6.3 Released “How many states...
CodeTwo is a Linux box hosting a developer sandbox where users can execute JavaScript code. The site uses js2py, which I’ll exploit via CVE-2024-28397 to escape the sandbox and get remote code execution. From there, I’ll find MD5 password hashes...
A new species of squid. pretends to be a plant: Scientists have filmed a never-before-seen species of deep-sea squid burying itself upside down in the seafloor—a behavior never documented in cephalopods. They captured the bizarre scene while...
Charlie, one of our readers, has fowarded an interesting phishing email. The email was sent to users of the Vivladi Webmail service. While not overly convincing, the email is likely sufficient to trick a non-empty group of users: The e-mail gets...
From an Anthropic blog post: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Members of the NetExec team created a small lab as a CTF for the Barbhack conference that took place in August 2025 in the South of France. There are four Windows servers on an Active Directory domain. I’ll find a leaked password on a printer...
Aucun article de sécurité disponible