SANS Internet Storm Center, InfoCON: green SANS Internet Storm Center - Cooperative Cyber Security Monitor
- Infocon: green on 12 March 2025 at 12:45 am
Microsoft Patch Tuesday: March 2025
- Microsoft Patch Tuesday: March 2025, (Tue, Mar 11th) on 11 March 2025 at 5:52 pm
The March patch Tuesday looks like a fairly light affair, with only 51 vulnerabilities total and only six rated as critical. However, this patch Tuesday also includes six patches for already exploited, aka "0-Day" vulnerabilities. None of the already exploited vulnerabilities are rated as critical.
- ISC Stormcast For Tuesday, March 11th, 2025 https://isc.sans.edu/podcastdetail/9358, (Tue, Mar 11th) on 11 March 2025 at 2:00 am
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
- Shellcode Encoded in UUIDs, (Mon, Mar 10th) on 10 March 2025 at 8:23 am
I returned from another FOR610[1] class last week in London. One key tip I give to my students is to keep an eye on "strange" API calls. In the Windows ecosystem, Microsoft offers tons of API calls to developers. The fact that an API is used in a program does not always mean we are facing malicious code, but sometimes, some of them are derived from their official purpose. One of my hunting rules for malicious scripts is to search for occurrences of the ctypes[2] library. It allows Python to call functions in DLLs or shared libraries.
- ISC Stormcast For Monday, March 10th, 2025 https://isc.sans.edu/podcastdetail/9356, (Mon, Mar 10th) on 10 March 2025 at 2:00 am