Security Bulletin

Cisco is committed to supporting Veterans through various programs, including the new Veteran Leadership Program, which helps Veterans transition into civilian careers and leverages their unique… Read more on Cisco Blogs

The first thing to do, when analyzing a potentially malicious PDF, is to look for the /Encrypt name as explained in diary entry Analyzing an Encrypted Phishing PDF.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

In yesterday's diary entry " zipdump & Evasive ZIP Concatenation" I showed how one can inspect the PKZIP records that make up a ZIP file.

On Friday's Stormcast, Johannes talks about Evasive ZIP Concatenation, a technique where 2 (or more) ZIP files are concatenated together to evade detection.

The SANS Holiday Hack Challenge is open early this year:

Large language models (LLMs) can help app security firms find and fix software vulnerabilities. Malicious actors are on to them, too, but here's why defenders may retain the edge.

Direct cyberattacks on vehicles are all but unheard of. In theory though, the opportunity is there to cause real damage — data extraction, full system compromise, even gaining access to safety-critical systems.

It remains unclear how the attackers gained access to Newpark Resources' system, or what they plan to do with any stolen data the strike may have spewed out.

CISA urges security teams to run the patch right away and don’t let devices running Palo Alto Expedition software on the public internet.

The European Union's Digital Operational Resilience Act requires financial entities to focus on third-party risk, resilience, and testing.