🚨 An actor using the CL0P brand is exploiting an Oracle E-Business Suite zero-day (CVE-2025-61882) in an extortion campaign.
Our latest blog post examines:
🔹 Campaign details
🔹 In-memory Java implant framework
🔹 Guidance and IOCs for defenders
👉 https://t.co/vakO2okge1
16 years ago, I started the daily SANS Internet Storm Center "Stormcast." Hoping that it still helps to make the tens of thousands of listeners "Sound Smarter" as they get to work in the morning. It can be challenging to stay updated in information security and to cut through the noise to figure out what matters, what is new, and how to respond to recent threats. I hope this podcast adds more signal than noise each day. Because security is best if it is a bit boring. Over 16 years, I recorded about 3,900 episodes and 26,000 minutes of content (sounds more impressive than 16 days 😉 ). Subscribe to it wherever you find podcasts. Works on Alexa flash briefings, YouTube, and more.
https://t.co/ifcOwtT7IN
Thanks to all the listeners, the SANS ISC Handlers,
@SANS_EDU@SANSInstitute
@paraschopra Your password should be something like ="AZ"&RANDBETWEEN(0,100000)
Now it has a comma to break CSVs, and has a command to generate a random password if the hacker loads the DB as an XLS
@EugenioTheCat@helloericma@deeper_network No I never said it was the bottom, but I am holding long term and took a great opportunity to go from making ~2 DPR a day to making 19 DPR a day at a discount.