SANS ISC Archives - Help Net Security

SANS ISC

Log4Shell: A new fix, details of active attacks, and risk mitigation recommendations

December 15, 2021

Due to the extraordinary widespread use of the open-source Apache Log4j library, the saga of the Log4Shell (CVE-2021-44228) vulnerability is nowhere near finished. As Dr. …

Log4Shell update: Attack surface, attacks in the wild, mitigation and remediation

December 13, 2021

Several days have passed since the dramatic reveal of CVE-2021-44228 (aka Log4Shell), an easily exploitable (without authentication) RCE flaw in Apache Log4j, a popular …

Phishers tricking users via fake LinkedIn Private Shared Document

February 18, 2021

Phishers are trying to trick users into opening a “LinkedIn Private Shared Document” and entering their login credentials into a fake LinkedIn login page, security …

Easily exploitable RCE in Oracle WebLogic Server under attack (CVE-2020-14882)

October 29, 2020

A critical and easily exploitable remote code execution vulnerability (CVE-2020-14882) in Oracle WebLogic Server is being targeted by attackers, SANS ISC has warned. Oracle …

Attackers are probing Citrix controllers and gateways through recently patched flaws

July 10, 2020

Earlier this week, Citrix released security updates for Citrix Application Delivery Controller (ADC), Citrix Gateway, and the Citrix SD-WAN WANOP appliance, and urged admins …

Attackers are bypassing F5 BIG-IP RCE mitigation – you might want to patch after all

July 8, 2020

Attackers are bypassing a mitigation for the BIG-IP TMUI RCE vulnerability (CVE-2020-5902) originally provided by F5 Networks, NCC Group’s Research and Intelligence …

Better cybersecurity hinges on understanding actual risks and addressing the right problems

July 7, 2020

SANS Technology Institute’s Internet Storm Center (ISC) has been a valuable warning service and source of critical cyber threat information to internet users, …

Kwampirs threat actor continues to breach transnational healthcare orgs

March 31, 2020

The Kwampirs (aka Orangeworm) attack group continues to target global healthcare entities in this time of crisis, the FBI has warned. “Targeted entities range from major …

First patches for the Citrix ADC, Gateway RCE flaw released

January 21, 2020

As attackers continue to hit vulnerable Citrix (formerly Netscaler) ADC and Gateway installations, Citrix has released permanent fixes for some versions and has promised to …

January 2020 Patch Tuesday: Microsoft nukes Windows crypto flaw flagged by the NSA

January 14, 2020

As forecasted, January 2020 Patch Tuesday releases by Microsoft and Adobe are pretty light: the “star of the show” is CVE-2020-0601, a Windows flaw flagged by the …

Exploits for Citrix ADC and Gateway flaw abound, attacks are ongoing

January 13, 2020

With several exploits targeting CVE-2019-19781 having been released over the weekend and the number of vulnerable endpoints still being over 25,000, attackers are having a …

Critical Exim flaw exploitable locally and remotely, patch ASAP!

June 7, 2019

A critical vulnerability in Exim, the mail transfer agent (MTA) deployed on over half of all Internet-facing mail servers, may allow attackers to run commands as the …

SANS ISC

Log4Shell: A new fix, details of active attacks, and risk mitigation recommendations

Log4Shell update: Attack surface, attacks in the wild, mitigation and remediation

Phishers tricking users via fake LinkedIn Private Shared Document

Easily exploitable RCE in Oracle WebLogic Server under attack (CVE-2020-14882)

Attackers are probing Citrix controllers and gateways through recently patched flaws

Attackers are bypassing F5 BIG-IP RCE mitigation – you might want to patch after all

Better cybersecurity hinges on understanding actual risks and addressing the right problems

Kwampirs threat actor continues to breach transnational healthcare orgs

First patches for the Citrix ADC, Gateway RCE flaw released

January 2020 Patch Tuesday: Microsoft nukes Windows crypto flaw flagged by the NSA

Exploits for Citrix ADC and Gateway flaw abound, attacks are ongoing

Critical Exim flaw exploitable locally and remotely, patch ASAP!

Don't miss

New infosec products of the week: January 28, 2022

Why we can’t put all our trust into AI

Attackers connect rogue devices to organizations’ network with stolen Office 365 credentials

Malware resets Android devices after performing fraudulent wire transfers

How would zero trust prevent a Log4Shell attack?