@jullrich.bsky.social
Collector of logs, packets, and malware. Dean of Research at SANS.edu. Go Sentinels!
merged in what way? no break in the audio?
19.09.2025 16:01 β π 1 π 0 π¬ 0 π 0SharePoint exploitation has entered the parasitic phase. We are seeing hits to >100 distinct possible web shell URLs. Some of them may just be guesses.
Sample:
spininstall[0-9].aspx,spinstallx.aspx,Error404.1.aspx,info3.aspx,error.aspx
spinstall0.thank_you_defeners_for_rapid_response.aspx :)
My presentation in San Diego tonight will be streamed online: sans.org/webcasts/dev...
Developers, Developers, Developers: Three Ways How Your Software Supply Chain is Attacked
To whoever uses the username "/usr/share/wordlists/logins.txt" to attempt to log in to our honeypots: You are using your brute forcing tool wrong! :) [at least use a file in your home directory so we can see your username... probably root?]
06.04.2025 19:26 β π 1 π 0 π¬ 0 π 0
Happy 50th Birthday, Microsoft, and thanks for all the vulnerabilities over the years that have helped me pay many of my bills!
04.04.2025 17:47 β π 2 π 0 π¬ 0 π 0
Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439)
π Read more: www.helpnetsecurity.com/2025/04/03/a...
#cybersecurity #cybersecuritynews #vulnerability
@jullrich.bsky.social
14.03.2025 18:33 β π 0 π 0 π¬ 0 π 0
Some spam just makes you shake your head... what are they selling? IoT parenting solutions? There is an "Infant Industry"??
25.02.2025 17:21 β π 0 π 0 π¬ 0 π 0Scanning my news feed: Buffer overflows are a thing, Mirai is attacking routers, and SSL VPN gateway flaws are attacked. Come on: give me something to work with, give me hope! Can I get at a cool SSRF vuln? A Unicode encoding mistake? An IPv6 problem? SOMETHING TO PROVE THAT THAT ANYBODY CARES!!
12.02.2025 17:12 β π 0 π 0 π¬ 0 π 0
animated gif displaying the ISC logo, the text 16 years, 3920 episodes, 435 hours of content and thanks for listening.
16 years ago, I started the daily SANS Internet Storm Center Stormcast. Over 16 years, I recorded about 3,900 episodes and 26,000 minutes of content (sounds more impressive than 16 days :) ).
Subscribe to it wherever you find podcasts. (or Alexa Flash Briefings, YouTube)
isc.sans.edu/podcast.html
and Track 3 is still my favorite
Just noted this fun memorabilia in my GIAC certification history. Who remembers Track 1 ? Also got a Track 2 (Firewalls) ;-)
04.02.2025 18:48 β π 1 π 0 π¬ 0 π 0
text message advertising a job for a TikTok backup talent.
First time seeing this, one day before the expected TikTok shut down. Final attempts to monetize soon to be obsolete scripts? Anything else behind these obvious scams?
16.01.2025 14:05 β π 1 π 0 π¬ 0 π 0
The vulnerability Yee Ching wrote about in today's diary may be 12 years old. But Norton AnitVirus still can't distinguish an article about an attack from the attack itself. If your AV alerts are on isc.sans.edu, the site is safe. I promise :)
15.01.2025 12:36 β π 5 π 2 π¬ 1 π 0
I'm doing a 24-year DShield anniversary special sticker giveaway for a week. Free stickers... there will be a limited number each day. You need to log in, and you will need to use the code BLUESKY . isc.sans.edu/sticker.html
28.11.2024 16:33 β π 0 π 0 π¬ 0 π 0
screenshot of a message saying "Ullrich, Johannes" mentioned by "ULLRICH, JohannesB."
Is anybody else getting spam like this from "academia.com"? The reason I call it spam is that (a) I probably didn't mention myself on a platform I am not using (b) the only way to see what I said about myself requires $5.
I am aware of similar platforms like Researchgate and am using them.
screenshot of Microsoft Defender detail pane showing no details
Clicking on "details" isn't exactly helpful in MSFT Defender
16.11.2023 16:22 β π 0 π 0 π¬ 0 π 0
When your AI sales pitch falls flat..
23.10.2023 14:59 β π 3 π 0 π¬ 0 π 0
First test post⦠and well, just trying to setup this 5G access point as Comcast is down ⦠only one small issue with the default password
20.10.2023 14:09 β π 3 π 0 π¬ 0 π 0
