Weekly Update 446
After an unusually long day of travelling from Iceland, we've finally made it to the land of Guinness, Leprechauns, and a tax haven for...
Industrial-strength April Patch Tuesday covers 135 CVEs – Sophos News
Microsoft on Tuesday released 135 patches affecting 19 product families. Ten of the addressed issues, all remote code execution issues, are considered by Microsoft...
Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw
î ‚Apr 08, 2025î „Ravie LakshmananNetwork Security / Vulnerability
Fortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an attacker...
The 2025 Sophos Active Adversary Report – Sophos News
The Sophos Active Adversary Report celebrates its fifth anniversary this year. The report grew out of a simple question: What happens after attackers breach...
Accessing the MS-NRPC interface as the RPC client without authentication
In the first part of our research, I demonstrated how we revived the concept of no authentication (null session) after many years. This involved...
Exploring Statistical Measures to Predict URLs as Legitimate or Intrusive [Guest Diary]
For the last 5 months, as part of my BACS internship with SANS, I have monitored two deployments of a DShield Sensor, sometimes referred...
