My Next Class

… more classes

Increased Elasticsearch Recognizance Scans
Our honeypots noted an increase in reconnaissance scans for Elasticsearch. In particular, the endpoint /_cluster/settings is hit hard.
https://isc.sans.edu/diary/Increased%20Elasticsearch%20Recognizance%20Scans/32212

Microsoft Patch Tuesday Issues
Microsoft noted some issues deploying the most recent patches with WSUS. There are also issues with certain SSDs if larger files are transferred.
https://learn.microsoft.com/en-us/windows/release-health/status-windows-11-24h2#3635msgdesc
https://www.tomshardware.com/pc-components/ssds/latest-windows-11-security-patch-might-be-breaking-ssds-under-heavy-workloads-users-report-disappearing-drives-following-file-transfers-including-some-that-cannot-be-recovered-after-a-reboot

SAP Vulnerabilities Exploited CVE-2025-31324, CVE-2025-42999
Details explaining how to take advantage of two SAP vulnerabilities were made public
https://onapsis.com/blog/new-exploit-for-cve-2025-31324/

Login here to join the discussion.