Windows Netlogon RCE CVE-2026-41089 Exploited
CVE-2026-41089 Windows Netlogon RCE exploited in the wild. Oracle WebLogic CVE-2024-21182 active. Red Hat npm supply chain attack hits 32 packages.
Posts
PAN-OS Auth Bypass CVE-2026-0257 Exploited in the Wild
CVE-2026-0257 PAN-OS auth bypass exploited 4 days post-disclosure. Microsoft MFA outage blocks enrollments. 19-year Linux kernel root flaw goes public.
Windows Event Log Forensics: What Each Event ID Actually Means
Windows event log forensics decoded — 4624, 4625, 4672, 4688, 4634, 7045, 1102 and how to read them in an investigation.
Chain of Custody: The Single Mistake That Loses Court Cases
Chain of custody in digital forensics — what to document, the seven failure modes that get evidence thrown out, and the form fields a court actually requires.
Cisco AI Defense — A Technical Walkthrough of the Five Pillars
Cisco AI Defense secures the AI lifecycle — discovery, validation, runtime protection, supply chain, and shadow-AI control. A solutions engineer's deep …
Disk Imaging in Forensics: dd vs FTK Imager vs Autopsy
Forensic disk imaging compared — dd, FTK Imager, and Autopsy. When to use each, write-blocker requirements, hash verification, and court-admissible output.
Cisco ISE BYOD Onboarding Guide — Self-Service Without Tickets
Complete Cisco ISE BYOD onboarding guide — dual-SSID flow, internal CA, native supplicant provisioning, MyDevices portal, and lifecycle management.
PAN-OS IKEv2 and DNS Proxy RCEs — CVE-2026-0263
CVE-2026-0263 and CVE-2026-0264 deliver RCE in PAN-OS VPN and DNS processing. FortiClient EMS CVE-2026-35616 exploited in the wild.
Carnival Breach — ShinyHunters Steal 5.9M Records
ShinyHunters breach Carnival for 5.9M records. Google unifies Mandiant, Wiz, and Gemini. JINX-0164 deploys macOS backdoors against crypto firms.
Cisco ISE TACACS+ Device Admin Guide — Done Safely
Complete Cisco ISE TACACS+ device admin guide — Device Admin persona, shell profiles, command sets, AD integration, and the safe AAA chain pattern.