Sans News Feed
- How has use of framing protection security headers changed in the past 3 years?, (Wed, Jun 10th) June 10, 2026Back in 2023, I wrote a diary[1] discussing how commonly X-Frame-Options and CSP headers containing the frame-ancestors directive were used on 1 million most popular domains on the internet (based on the Tranco list[2]), and how they were set. Given that three years have passed since then, I thought it might be interesting to repeat […]
- ISC Stormcast For Wednesday, June 10th, 2026 https://isc.sans.edu/podcastdetail/9966, (Wed, Jun 10th) June 10, 2026
- Microsoft June 2026 Patch Tuesday, (Tue, Jun 9th) June 9, 2026Microsoft today released patches for 204 vulnerabilities. 38 of these vulnerabilities are considered critical, and three have been disclosed before today. Six of the vulnerabilities affect Microsoft cloud solutions and do not require any user action. In addition, Microsoft incorporated 360 different vulnerabilities affecting Chromium into its Edge browser.
- ISC Stormcast For Tuesday, June 9th, 2026 https://isc.sans.edu/podcastdetail/9964, (Tue, Jun 9th) June 9, 2026
- TeamPCP Supply Chain Campaign: Activity Through 2026-06-07, (Mon, Jun 8th) June 8, 2026This diary continues the Internet Storm Center's tracking of the TeamPCP supply chain campaign, first documented in the SANS white paper When the Security Scanner Became the Weapon and most recently in the handler diary Activity Through 2026-05-24. Since that update, the story moved into two new places: the United States government, which formally caught […]
- ISC Stormcast For Monday, June 8th, 2026 https://isc.sans.edu/podcastdetail/9962, (Mon, Jun 8th) June 8, 2026
- The Evil MSI Background is Back!, (Fri, Jun 5th) June 5, 2026A few months ago, I wrote a diary about a payload that was embedded into a JPEG picture. It was a MSI-branded background[1]. Yesterday, I spotted another one! It seems that the technic is getting more and more popular. This time, it started with a mail containing a WeTransfer link.
- ISC Stormcast For Friday, June 5th, 2026 https://isc.sans.edu/podcastdetail/9960, (Fri, Jun 5th) June 5, 2026
- Microsoft's Coreutils for Windows, (Thu, Jun 4th) June 4, 2026I've been using the GnuWin32 CoreUtils for Windows for many years now (it gives you many *nix core commands on Windows).
- ISC Stormcast For Thursday, June 4th, 2026 https://isc.sans.edu/podcastdetail/9958, (Thu, Jun 4th) June 4, 2026