unSafe.sh - Unsafe
Exploit Against FreePBX (CVE-2025-57819) with code execution., (Tue, Oct 7th)
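A SQL injection vulnerability in FreePBX allows attackers to modify the database and execute arbitrary code. Attackers can insert malicious commands into the cron_jobs table, creating a self-deleting PHP script (for example, one running uname -a) that a cron job keeps recreating. The vulnerability was disclosed and exploited on August 28, 2023; updating the system promptly is recommended. ...
2025-10-7 16:23:36 | Views: 13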
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
freepbx
php
rspgf
database
asterisk
ISC Stormcast For Tuesday, October 7th, 2025 https://isc.sans.edu/podcastdetail/9644, (Tue, Oct 7th)
The ISC Stormcast podcast discusses network threats and defense strategies and is hosted by Johannes Ullrich; the current threat level is green. ...
2025-10-7 02:0:3 | Views: 16
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
isc
security
feeds
6th
1st
Quick and Dirty Analysis of Possible Oracle E-Business Suite Exploit Script (CVE-2025-61882), (Mon, Oct 6th)
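Oracle published a security advisory disclosing an E-Business Suite vulnerability and released a patch. Analysis shows that attackers use CSRF tokens and SSRF techniques to connect to an external server through malicious requests. The invalid version 1.2 used in the HTTP requests may be intended to bypass filters. ...
2025-10-6 03:50:24 | Views: 33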
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
mozilla
chrome
windows
security
evilhost
ISC Stormcast For Monday, October 6th, 2025 https://isc.sans.edu/podcastdetail/9642, (Mon, Oct 6th)
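The ISC Stormcast podcast covers cybersecurity threats and defenses; the handler on duty is Johannes Ullrich and the current threat level is green. The page provides course information and links to various security tools. ...
2025-10-6 02:45:14 | Views: 12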
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
6th
isc
feeds
security
ISC Stormcast For Friday, October 3rd, 2025 https://isc.sans.edu/podcastdetail/9640, (Fri, Oct 3rd)
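The ISC Stormcast podcast was published on October 3, 2025 and discusses cybersecurity threats; it mentions that the upcoming Application Security course in Denver runs from October 4 to 9. The current threat level is green, with Johannes Ullrich as the handler on duty. ...
2025-10-3 02:0:2 | Views: 12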
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
papers
security
9th
4th
isc
More .well-known Scans, (Thu, Oct 2nd)
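The article discusses the important files in the ".well-known" directory and their purposes, and notes that attackers often scan for these files as reconnaissance. It cautions against carelessly deleting necessary files and recommends setting up ".well-known/security.txt" to improve security. ...
2025-10-2 14:8:39 | Views: 17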
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
openid
attacker
developers
attackers
security
ISC Stormcast For Thursday, October 2nd, 2025 https://isc.sans.edu/podcastdetail/9638, (Thu, Oct 2nd)
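The article describes the content of a security center's web page, including login options, course information (such as "Application Security"), podcast links (ISC Stormcast), a list of tools (such as DShield Sensor), and contact information. The page also shows that the current threat level is green. ...
2025-10-2 02:0:3 | Views: 16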
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
security
isc
feeds
9th
papers
ISC Stormcast For Wednesday, October 1st, 2025 https://isc.sans.edu/podcastdetail/9636, (Wed, Oct 1st)
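The article introduces network threat intelligence and security incident analysis, offers resources such as the ISC Stormcast podcast and DShield tools, and provides real-time threat updates. ...
2025-10-1 02:0:2 | Views: 13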
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
9th
security
isc
4th
[Guest Diary] Comparing Honeypot Passwords with HIBP, (Wed, Oct 1st)
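Draden Barwick developed a tool that uses the HaveIBeenPwned API to analyze password attempts collected by DShield honeypots and identify passwords that do not appear in known breaches. The tool parses log files to extract unique passwords and checks whether each one has been recorded by HIBP. The results show 1,196 passwords that had not been seen before, and reveal the password patterns and targets attackers commonly use. ...
2025-9-30 23:1:11 | Views: 11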
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
passwords
cowrie
jq
hibp
eventid
"user=admin". Sometimes you don't even need to log in., (Tue, Sep 30th)
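The article discusses a common class of vulnerability in information security, in particular attacks that rely on user identity information taken from an HTTP cookie. It gives examples of exploitation against several devices and systems, including TBK DVRs, LB-LINK routers and the Tenda O3V2 wireless access point, and notes that these vulnerabilities are widely exploited. ...
2025-9-30 15:2:21 | Views: 15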
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
cmx
goform
gw
username
ISC Stormcast For Tuesday, September 30th, 2025 https://isc.sans.edu/podcastdetail/9634, (Tue, Sep 30th)
The ISC Stormcast podcast was published on September 30, 2025, is hosted by Johannes Ullrich, and discusses cybersecurity topics. ...
2025-9-30 02:0:3 | Views: 14
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
isc
feeds
4th
papers
9th
Apple Patches Single Vulnerability CVE-2025-43400, (Mon, Sep 29th)
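Apple released iOS 26.0.1 and other updates to fix a security vulnerability that affects multiple operating system versions, including older releases. The vulnerability involves the font parser and may lead to application termination or memory corruption; it has not yet been exploited. ...
2025-9-29 20:28:54 | Views: 14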
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
affects
security
visionos
sonoma
memory
Increase in Scans for Palo Alto Global Protect Vulnerability (CVE-2024-3400), (Mon, Sep 29th)
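The article describes how the CVE-2024-3400 vulnerability in Palo Alto devices is exploited: attackers upload a file to a specific path and then attempt to execute code. Current attacks against the honeypot focus mainly on the /global-protect/portal/images path; a successful upload returns a 403 error, while a failed one returns a 404 error. ...
2025-9-29 18:42:46 | Views: 15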
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
client
chrome
alto
mozilla
honeypot
ISC Stormcast For Monday, September 29th, 2025 https://isc.sans.edu/podcastdetail/9632, (Mon, Sep 29th)
2025-9-29 02:5:18 | Views: 7
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
papers
security
9th
feeds
New tool: convert-ts-bash-history.py, (Fri, Sep 26th)
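The author introduces a self-written script, `convert-ts-bash-history.py`, which parses `.bash_history` files and produces PSV-format output containing the file path, time and command. The tool is suited to quick analysis of Bash history, and the results can be put in chronological order by sorting. The author also mentions possibly adding CSV output and other improvements in the future, and reminds users that Bash history is only written to disk when the shell exits. ...
2025-9-26 22:26:21 | Views: 15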
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
clausing
timestamps
github
miami
psv
ISC Stormcast For Friday, September 26th, 2025 https://isc.sans.edu/podcastdetail/9630, (Fri, Sep 26th)
2025-9-26 04:5:15 | Views: 12
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
feeds
security
4th
9th
Webshells Hiding in .well-known Places, (Thu, Sep 25th)
2025-9-25 14:24:49 | Views: 11
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
php
acme
honeypots
webshells
ISC Stormcast For Thursday, September 25th, 2025 https://isc.sans.edu/podcastdetail/9628, (Thu, Sep 25th)
2025-9-25 03:40:13 | Views: 15
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
isc
stormcast
thursday
25th
Exploit Attempts Against Older Hikvision Camera Vulnerability, (Wed, Sep 24th)
2025-9-24 15:11:36 | Views: 16
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
hikvision
cameras
security
7921
ISC Stormcast For Wednesday, September 24th, 2025 https://isc.sans.edu/podcastdetail/9626, (Wed, Sep 24th)
2025-9-24 03:15:14 | Views: 11
SANS Internet Storm Center, InfoCON: green - isc.sans.edu
papers
9th
security
feeds