A brief daily summary of what is important in information security. The podcast is published every w
Sudo chroot Elevation of Privilege The sudo chroot option can be leveraged by any local user to ele
Scattered Spider Update The threat actor known as Scattered Spider is in the news again, this time
Open-VSX Flaw Puts Developers at Risk A flaw in the open-vsx extension marketplace could have let t
NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-6543 Citrix patched a memory ove
Quick Password Brute Forcing Evolution Statistics After collecting usernames and passwords from our
Scans for Ichano AtHome IP Cameras A couple days ago, a few sources started scanning for the userna
ADS & Python Tools Didier explains how to use his tools cut-bytes.py and filescanner to extract inf
How Long Until the Phishing Starts? About Two Weeks After setting up a Google Workspace and adding
Extracting Data From JPEGs Didier shows how to efficiently extract data from JPEGs using his tool j
Katz Stealer in JPG Xavier found some multistage malware that uses an Excel Spreadsheet and an HTA
Automated Tools to Assist with DShield Honeypot Investigations https://isc.sans.edu/diary/Automated
Quasar RAT Delivered Through Bat Files Xavier is walking you through a quick reverse analysis of a
Microsoft Patch Tuesday Microsoft today released patches for 67 vulnerabilities. 10 of these vulner
OctoSQL & Vulnerability Data OctoSQL is a neat tool to query files in different formats using SQL.
Extracting With pngdump.py Didier extended his pngdump.py script to make it easier to extract addit
Be Careful With Fake Zoom Client Downloads Miscreants are tricking victims into downloading fake Zo
Phishing e-mail that hides malicious links from Outlook users Jan found a phishing email that hides
vBulletin Exploits CVE-2025-48827, CVE-2025-48828 We do see exploit attempts for the vBulletin flaw
Simple SSH Backdoor Xavier came across a simple SSH backdoor taking advantage of the ssh client pre
