Author Archives: SANS Internet Storm Center, InfoCON: green

Conflicts between URL mapping and URL based access control., (Mon, Nov 24th)

Posted on by

We continue to encounter high-profile vulnerabilities related to the use of URL mapping (or “aliases”) with URL-based access control. Last week, we wrote about the Oracle Identity Manager vulnerability. I noticed some scans for an older vulnerability with similar roots today:

Continue reading Conflicts between URL mapping and URL based access control., (Mon, Nov 24th)

Posted in Uncategorized

Use of CSS stuffing as an obfuscation technique?, (Fri, Nov 21st)

Posted on by

From time to time, it can be instructive to look at generic phishing messages that are delivered to one’s inbox or that are caught by basic spam filters. Although one usually doesn’t find much of interest, sometimes these little excursions into what should be a run-of-the-mill collection of basic, commonly used phishing techniques can lead one to find something new and unusual. This was the case with one of the messages delivered to our handler inbox yesterday…

Continue reading Use of CSS stuffing as an obfuscation technique?, (Fri, Nov 21st)

Posted in Uncategorized

Oracle Identity Manager Exploit Observation from September (CVE-2025-61757), (Thu, Nov 20th)

Posted on by

Searchlight Cyber today released a blog detailing CVE-2025-61757, a vulnerability they reported to Oracle. Oracle released a patch for the vulnerability as part of its October Critical Patch Update, which was released on October 21st.

Continue reading Oracle Identity Manager Exploit Observation from September (CVE-2025-61757), (Thu, Nov 20th)

Posted in Uncategorized