Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
Player FM - Internet Radio Done Right
Checked 9h ago
Adăugat two ani în urmă
Content provided by Johannes B. Ullrich. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Johannes B. Ullrich or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.
Similar cu SANS Internet Storm Center's Daily Network Security News Podcast
The avforums podcast brings you the latest tech, movie and gaming news, plus special features, interviews and show reports from the world of audio visual home entertainment
…
continue reading
Windows Weekly is about more than Windows. Veteran Microsoft insiders Paul Thurrott and Richard Campbell join Leo for a deep dive into the most valuable company in the world. From consumer to enterprise, AI to Xbox, Windows Weekly is the only Microsoft podcast you'll ever need. Records live every Wednesday at 2:00pm Eastern / 11:00am Pacific / 19:00 UTC.
…
continue reading
Ever wondered how automation will change the world? Maybe you puzzle over what India could do to ease traffic congestion, or how China's aircraft carriers will transform Indian Ocean geopolitics? All Things Policy, a daily podcast brought to you by the Takshashila Institution, brings you all the answers. Every weekday, our researchers break down complex economic and geopolitical ideas through the lens of current events. For everyone from the busy executive to the curious student, All Things ...
…
continue reading
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
A daily dose of irreverent, offbeat, and informative takes on business & tech news. Hosted by Jon Weigell, Juliet Bennett Rylah, Mark Dent, Ben Berkley, Sara Friedman, Matthew Brown, and Rob Litterst from The Hustle.
…
continue reading
Entrepreneurship empowers everyone
…
continue reading
Babbage is our weekly podcast on science and technology, named after Charles Babbage—a 19th-century polymath and grandfather of computing. Host Alok Jha talks to our correspondents about the innovations, discoveries and gadgetry shaping the world. Published every Wednesday. If you’re already a subscriber to The Economist, you’ll have full access to all our shows as part of your subscription. For more information about Economist Podcasts+, including how to get access, please visit our FAQs pa ...
…
continue reading
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
…
continue reading
The economy and the markets are "under surveillance" as we cover the latest in finance, economics and investment. Listen to Jonathan Ferro, Lisa Abramowicz and Annmarie Hordern for the top interviews from Bloomberg Surveillance Television. And join Tom Keene and Paul Sweeney for the best conversations from Bloomberg Surveillance Radio. Watch Surveillance TV LIVE each mornings: http://bit.ly/3P7nstQ. Watch Surveillance Radio LIVE weekday mornings: http://bit.ly/3vTiACF.
…
continue reading
Player FM - Aplicație Podcast
Treceți offline cu aplicația Player FM !
Treceți offline cu aplicația Player FM !
))
Daily Deals
Podcasturi care merită ascultate
SPONSORIZAT
T
TechSurge: Deep Tech VC Podcast
1 Understanding the Elegant Math Behind Modern Machine Learning 1:14:43
1:14:43 
Redare mai Târziu 
Redare mai Târziu 
Liste 
Like 
Plăcut1:14:43
Redare mai Târziu
Redare mai Târziu
Liste
Like
PlăcutArtificial intelligence is evolving at an unprecedented pace—what does that mean for the future of technology, venture capital, business, and even our understanding of ourselves? Award-winning journalist and writer Anil Ananthaswamy joins us for our latest episode to discuss his latest book Why Machines Learn: The Elegant Math Behind Modern AI . Anil helps us explore the journey and many breakthroughs that have propelled machine learning from simple perceptrons to the sophisticated algorithms shaping today’s AI revolution, powering GPT and other models. The discussion aims to demystify some of the underlying math that powers modern machine learning to help everyone grasp this technology impacting our lives, even if your last math class was in high school. Anil walks us through the power of scaling laws, the shift from training to inference optimization, and the debate among AI’s pioneers about the road to AGI—should we be concerned, or are we still missing key pieces of the puzzle? The conversation also delves into AI’s philosophical implications—could understanding how machines learn help us better understand ourselves? And what challenges remain before AI systems can truly operate with agency? If you enjoy this episode, please subscribe and leave us a review on your favorite podcast platform. Sign up for our newsletter at techsurgepodcast.com for exclusive insights and updates on upcoming TechSurge Live Summits. Links: Read Why Machines Learn, Anil’s latest book on the math behind AI https://www.amazon.com/Why-Machines-Learn-Elegant-Behind/dp/0593185749 Learn more about Anil Ananthaswamy’s work and writing https://anilananthaswamy.com/ Watch Anil Ananthaswamy’s TED Talk on AI and intelligence https://www.ted.com/speakers/anil_ananthaswamy Discover the MIT Knight Science Journalism Fellowship that shaped Anil’s AI research https://ksj.mit.edu/ Understand the Perceptron, the foundation of neural networks https://en.wikipedia.org/wiki/Perceptron Read about the Perceptron Convergence Theorem and its significance https://www.nature.com/articles/323533a0…
Network Security News Summary for Tuesday November 05th, 2024
Manage episode 448514075 series 3433692
Content provided by Johannes B. Ullrich. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Johannes B. Ullrich or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.
Analyzing Encrypted PDFs; Okta Passwordless Password Leak; QuRouter Patch; Google AI Tool finds SQLite vuln Analyzing an Encrypted Phishing PDF https://isc.sans.edu/diary/Analyzing%20an%20Encrypted%20Phishing%20PDF/31404 Okta Verify Desktop MFA For Windows Password Less Login CVE-2024-9191 https://trust.okta.com/security-advisories/okta-verify-desktop-mfa-for-windows-passwordless-login-cve-2024-9191/ QNAP QuRouter Vulnerability and Patch https://www.qnap.com/en/security-advisory/qsa-24-45 From Naptime to Big Sleep https://googleprojectzero.blogspot.com/2024/10/from-naptime-to-big-sleep.html Authenticated SQL injection vulnerability - ManageEngine ADManager Plus CVE-2024-48878 https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2024-48878.html keywords: zoho; manage engine; admanager; naptime; big sleep; qnap; qurouter; Okta; PDF; qpdf; pdf-parser;
…
continue reading
1001 episoade
Network Security News Summary for Tuesday November 05th, 2024
SANS Internet Storm Center's Daily Network Security News Podcast
DistribuieManage episode 448514075 series 3433692
Content provided by Johannes B. Ullrich. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Johannes B. Ullrich or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.
Analyzing Encrypted PDFs; Okta Passwordless Password Leak; QuRouter Patch; Google AI Tool finds SQLite vuln Analyzing an Encrypted Phishing PDF https://isc.sans.edu/diary/Analyzing%20an%20Encrypted%20Phishing%20PDF/31404 Okta Verify Desktop MFA For Windows Password Less Login CVE-2024-9191 https://trust.okta.com/security-advisories/okta-verify-desktop-mfa-for-windows-passwordless-login-cve-2024-9191/ QNAP QuRouter Vulnerability and Patch https://www.qnap.com/en/security-advisory/qsa-24-45 From Naptime to Big Sleep https://googleprojectzero.blogspot.com/2024/10/from-naptime-to-big-sleep.html Authenticated SQL injection vulnerability - ManageEngine ADManager Plus CVE-2024-48878 https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2024-48878.html keywords: zoho; manage engine; admanager; naptime; big sleep; qnap; qurouter; Okta; PDF; qpdf; pdf-parser;
…
continue reading
1001 episoade
Toate episoadele
×
S
SANS Internet Storm Center's Daily Network Security News Podcast
1 SANS Stormcast Tuesday Mar 4th: Mark of the Web Details; Sharepint and Click-Fix Phishing; Paragon Partionmanager BYOVD Exploit (#) 6:17
SANS Stormcast Tuesday Mar 4th: Mark of the Web Details; Sharepint and Click-Fix Phishing; Paragon Partionmanager BYOVD Exploit Mark of the Web: Some Technical Details Windows implements the "Mark of the Web" (MotW) as an alternate data stream that contains not just the "zoneid" of where the file came from, but may include other data like the exact URL and referrer. https://isc.sans.edu/diary/Mark%20of%20the%20Web%3A%20Some%20Technical%20Details/31732 Havoc Sharepoint with Microsoft Graph API A recent phishing attack observed by Fortinet uses a simple HTML email to trick a user into copy pasting powershell into their system to execute additional code. Most of the malware interaction uses a Sharepoint site via Microsoft's Graph API futher hiding the malicious traffic https://www.fortinet.com/blog/threat-research/havoc-sharepoint-with-microsoft-graph-api-turns-into-fud-c2 Paragon Partition Manager Exploit A vulnerable Paragon Partition Manager has been user recently to escalate privileges for ransomware deployment. Even if you to not have PAragon installed: An attacker may just "bring the vulnerable driver" to your system. https://kb.cert.org/vuls/id/726882 keywords: paragon; partition; manager; sharepoint; clickfix; click-fix; phishing; motw…
S
SANS Internet Storm Center's Daily Network Security News Podcast
1 SANS Stormcast Monday Mar 3rd: AI Training Data Leaks; MITRE Caldera Vuln; modsecurity bypass (#) 7:09
SANS Stormcast Monday Mar 3rd: AI Training Data Leaks; MITRE Caldera Vuln; modsecurity bypass Common Crawl includes Common Leaks The "Common Crawl" dataset, a large dataset created by spidering website, contains as expected many API keys and other secrets. This data is often used to train large language models https://trufflesecurity.com/blog/research-finds-12-000-live-api-keys-and-passwords-in-deepseek-s-training-data Github Repositories Exposed by Copilot As it is well known, Github's Copilot is using data from public GitHub repositories to train it's model. However, it appears that repositories who were briefly left open and later made private have been included as well, allowing Copilot users to retrieve files from these repositories. https://www.lasso.security/blog/lasso-major-vulnerability-in-microsoft-copilot MITRE Caldera Framework Allows Unauthenticated Code Execution The MITRE Caldera adversary emulation framework allows for unauthenticted code execution by allowing attackers to specify compiler options https://medium.com/@mitrecaldera/mitre-caldera-security-advisory-remote-code-execution-cve-2025-27364-5f679e2e2a0e modsecurity Rule Bypass Attackers may bypass the modsecurity web application firewall by prepending encoded characters with 0. https://github.com/owasp-modsecurity/ModSecurity/security/advisories/GHSA-42w7-rmv5-4x2j keywords: ai; copilot; api keys; mitre; caldera; common crawl;…
S
SANS Internet Storm Center's Daily Network Security News Podcast
1 SANS Stormcast Friday Feb 28th: Njrat devtunnels.ms; Apple FindMe Abuse; XSS Exploited; @sans_edu Ben Powell EDR vs. Ransomware (#) 14:28
14:28 Redare mai Târziu Redare mai Târziu Liste Like Plăcut14:28
Redare mai Târziu Redare mai Târziu Liste Like PlăcutSANS Stormcast Friday Feb 28th: Njrat devtunnels.ms; Apple FindMe Abuse; XSS Exploited; @sans_edu Ben Powell EDR vs. Ransomware Njrat Compaign Using Microsoft dev Tunnels: A recent version of the Njrat remote admin tool is taking advantage of Microsoft's developer tunnels (devtunnels.ms) as a command and control channel. https://isc.sans.edu/diary/Njrat%20Campaign%20Using%20Microsoft%20Dev%20Tunnels/31724 NrootTag Apple FindMy Abuse Malware could use a weakness in the keys used for Apple FindMy to abuse it to track victims. Updates were released with iOS 18.2, but to solve the issue the vast majority of Apple users must update. https://nroottag.github.io/ 360XSS: Mass Website Exploitation via Virtual Tour Framework The Krpano VR library which is often used to implement 3D virtual tours on real estate websites, is currently being abused to inject spam messages. The XSS vulnerabilty could allow attackers to inject even more malicious JavaScript. https://olegzay.com/360xss/ SANS.edu Research: Proof is in the Pudding: EDR Configuration Versus Ransomware. Benjamin Powell https://www.sans.edu/cyber-research/proof-pudding-edr-configuration-versus-ransomware/ keywords: sans.edu; ben power; krpano; vr; 360; xss; findmy; ios; njrat; microsoft; devtunnels;…
S
SANS Internet Storm Center's Daily Network Security News Podcast
1 SANS Stormcast Thursday Feb 27th: High Exfil Ports; Malicious VS Code Theme; Developer Workstation Safety; NAKIVO PoC; OpenH264 and rsync vuln; (#) 6:46
SANS Stormcast Thursday Feb 27th: High Exfil Ports; Malicious VS Code Theme; Developer Workstation Safety; NAKIVO PoC; OpenH264 and rsync vuln; Attacker of of Ephemeral Ports Attackers often use ephermeral ports to reach out to download additional resources or exfiltrate data. This can be used, with care, to detect possible compromises. https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Malware%20Source%20Servers%3A%20The%20Threat%20of%20Attackers%20Using%20Ephemeral%20Ports%20as%20Service%20Ports%20to%20Upload%20Data/31710 Compromised Visal Studio Code Extension downloaded by Millions Amit Assaraf identified a likely compromised Visual Studio Code theme that was installed by millions of potential victims. Amit did not disclose the exact malicious behaviour, but is asking for victims to contact them for details. https://medium.com/@amitassaraf/a-wolf-in-dark-mode-the-malicious-vs-code-theme-that-fooled-millions-85ed92b4bd26 ByBit Theft Due to Compromised Developer Workstation ByBit and Safe{Wallet} disclosed that the record breaking ethereum theft was due to a compromised Safe{Wallet} developer workstation. A replaced JavaScript file targeted ByBit and altered a transaction signed by ByBit. https://x.com/benbybit/status/1894768736084885929 https://x.com/safe/status/1894768522720350673 PoC for NAKIVO Backup Replication Vulnerability This vulnerability allows the compromise of NAKIVO backup systems. The vulnerability was patched silently in November, and never disclosed by NAKIVO. Instead, WatchTowr now disloses details including a proof of concept exploit. https://labs.watchtowr.com/the-best-security-is-when-we-all-agree-to-keep-everything-secret-except-the-secrets-nakivo-backup-replication-cve-2024-48248/ OpenH264 Vulnerability https://github.com/cisco/openh264/security/advisories/GHSA-m99q-5j7x-7m9x rsync vulnerability exploited https://www.cisa.gov/known-exploited-vulnerabilities-catalog keywords: rsync, openh254, nakivo; bybit; safewallet; visual studio code;…
S
SANS Internet Storm Center's Daily Network Security News Podcast
1 SANS Stormcast Wednesday Feb 26th: M365 Infostealer Botnet; Mixing OpenID Keys; Malicious Medical Image Apps (#) 5:59
SANS Stormcast Wednesday Feb 26th: M365 Infostealer Botnet; Mixing OpenID Keys; Malicious Medical Image Apps Massive Botnet Targets M365 with Password Spraying A large botnet is targeting service accounts in M365 with credentials stolen by infostealer malware. https://securityscorecard.com/wp-content/uploads/2025/02/MassiveBotnet-Report_022125_03.pdf Mixing up Public and Private Keys in OpenID The complex OpenID specificiation and the flexibility it supports enables careless administrators to publich private keys instead or in addition to public keys https://blog.hboeck.de/archives/909-Mixing-up-Public-and-Private-Keys-in-OpenID-Connect-deployments.html Healthcare Malware Hunt Part 1: Medial images are often encoded in the DICOM format, an image format unique to medical imaging. Patients looking for viewers for DICOM images are tricked into downloading malware. https://www.forescout.com/blog/healthcare-malware-hunt-part-1-silver-fox-apt-targets-philips-dicom-viewers/ keywords: dicom; medical; malware; openid; m365; infostealer…
S
SANS Internet Storm Center's Daily Network Security News Podcast
1 SANS Stormcast Tuesday Feb 25th: Unfurl Updates; Google Ditches SMS; Paypal Phish; Exim, libXML, Parallels Vuln (#) 6:10
SANS Stormcast Tuesday Feb 25th: Unfurl Updates; Google Ditches SMS; Paypal Phish; Exim, libXML, Parallels Vuln Unfurl Update Released Unfurl released an Update fixing a few bugs and adding support to decode BlueSky URLs. https://isc.sans.edu/diary/Unfurl%20v2025.02%20released/31716 Google Confirms GMail To Ditch SMS Code Authentication Google no longer considers SMS authentication save enough for GMail. Instead, it pushes users to use Passkeys, or QR code based app authentication https://www.forbes.com/sites/daveywinder/2025/02/23/google-confirms-gmail-to-ditch-sms-code-authentication/ Beware of Paypal New Address Feature Abuse Attackers are using "address change" e-mails to send links to phishing sites or trick users into calling fake tech support phone numbers. Attackers are just adding the malicious content as part of the address. The e-mail themselves are legitimate PayPal emails and will pass various spam and phishing filters. https://www.bleepingcomputer.com/news/security/beware-paypal-new-address-feature-abused-to-send-phishing-emails/ Exim SQL Injection Vulnerability Exim, with sqlite support and ETRN enabled, is vulnerable to a simple SQL injection exploit. A PoC has been released https://www.exim.org/static/doc/security/CVE-2025-26794.txt https://github.com/OscarBataille/CVE-2025-26794? XMLlib patches https://gitlab.gnome.org/GNOME/libxml2/-/issues/847 https://gitlab.gnome.org/GNOME/libxml2/-/issues/828 0-Day in Parallels https://jhftss.github.io/Parallels-0-day/ keywords: 0-day, parallels, exim; sql; injection; paypal; phishing; sms; google; qmail; unfurl…
S
SANS Internet Storm Center's Daily Network Security News Podcast
1 SANS Stormcast Monday Feb 24th: sigs.py update; Google Introdusing Quantum Safe Sigs; MSFT Update Win 11 issues; LTE/5G Vulns; (#) 5:21
SANS Stormcast Monday Feb 24th: sigs.py update; Google Introdusing Quantum Safe Sigs; MSFT Update Win 11 issues; LTE/5G Vulns; Tool Update: Sigs.py Jim updates sigs.py. The tool verifies hashes for files and automatically recognizes what hash is used. https://isc.sans.edu/diary/Tool%20update%3A%20sigs.py%20-%20added%20check%20mode/31706 Google Announcing Quantum Safe Digital Signatures in Cloud KMS Google announced the option to use quantum safe digital signatures for its cloud key management system. https://cloud.google.com/blog/products/identity-security/announcing-quantum-safe-digital-signatures-in-cloud-kms Windows 11 Patch issues The February Patch Tuesday appears to have caused issues with a number of Windows 11 systems. In particular the usability of the file manager appears to be affected. https://www.windowslatest.com/2025/02/16/windows-11-kb5051987-breaks-file-explorer-install-fails-on-windows-11-24h2/ LTE/5G Vulnerabilities Researchers at the university of Florida have identified a large number of vulnerabilities in 5G and LTE networks. https://nathanielbennett.com/publications/ransacked.pdf keywords: ransacked; lte; 5g; windows 11; microsoft; patches; quantum; google; kms; signatures; hashes; sigs.py…
S
SANS Internet Storm Center's Daily Network Security News Podcast
1 SANS Stormcast Friday Feb 21st: Kibana Queries; Mongoose Injection; U-Boot Flaws; Unifi Protect Camera Vulnerabilities; Protecting Network Devices as Endpoint (Austin Clark @sans_edu) (#) 12:30
12:30 Redare mai Târziu Redare mai Târziu Liste Like Plăcut12:30
Redare mai Târziu Redare mai Târziu Liste Like PlăcutSANS Stormcast Friday Feb 21st: Kibana Queries; Mongoose Injection; U-Boot Flaws; Unifi Protect Camera Vulnerabilities; Protecting Network Devices as Endpoint (Austin Clark @sans_edu) Using ES|QL In Kibana to Query DShield Honeypot Logs Using the "Elastic Search Piped Query Language" to query DShield honeypot logs https://isc.sans.edu/diary/Using%20ES%7CQL%20in%20Kibana%20to%20Queries%20DShield%20Honeypot%20Logs/31704 Mongoose Flaws Put MongoDB at risk The Object Direct Mapping library Mongoose suffers from an injection vulnerability leading to the potenitial of remote code exeuction in MongoDB https://www.theregister.com/2025/02/20/mongoose_flaws_mongodb/ U-Boot Vulnerabilities The open source boot loader U-Boot does suffer from a number of issues allowing the bypass of its integrity checks. This may lead to the execution of malicious code on boot. https://www.openwall.com/lists/oss-security/2025/02/17/2 Unifi Protect Camera Update https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f keywords: unifi; protect; u-boot; honeypot; kibana; logs;…
S
SANS Internet Storm Center's Daily Network Security News Podcast
1 SANS Stormcast Wednesday Feb 20th: XWorm Cocktail; Quantum Computing Breakthrough; Signal Phishing (#) 7:02
SANS Stormcast Wednesday Feb 20th: XWorm Cocktail; Quantum Computing Breakthrough; Signal Phishing XWorm Cocktail: A Mix of PE data with PowerShell Code Quick analysis of an interesting XWrom sample with powershell code embedded inside an executable https://isc.sans.edu/diary/XWorm+Cocktail+A+Mix+of+PE+data+with+PowerShell+Code/31700 Microsoft's Majorana 1 Chip Carves New Path for Quantum Computing Microsoft announced a breack through in Quantum computing. Its new prototype Majorana 1 chip takes advantage of exotic majorana particles to implement a scalable low error rate solution to building quantum computers https://news.microsoft.com/source/features/ai/microsofts-majorana-1-chip-carves-new-path-for-quantum-computing/ Russia Targeting Signal Messenger Signal is well regarded as a secure end to end encrypted messaging platform. However, a user may be tricked into providing access to their account by scanning a QR code masquerading as a group channel invitation. https://cloud.google.com/blog/topics/threat-intelligence/russia-targeting-signal-messenger/ keywords: russia; signal; ukraine; quantum; majorana; xworm; powershell…
S
SANS Internet Storm Center's Daily Network Security News Podcast
1 SANS Stormcast Tuesday Feb 19th: ModelScan AI Model Security; OpenSSH Vuln; Juniper Patches; Dell BIOS Vulnerability (#) 6:55
SANS Stormcast Tuesday Feb 19th: ModelScan AI Model Security; OpenSSH Vuln; Juniper Patches; Dell BIOS Vulnerability ModelScan: Protection Against Model Serialization Attacks ModelScan is a tool to inspect AI models for deserialization attacks. The tool will detect suspect commands and warn the user. https://isc.sans.edu/diary/ModelScan%20-%20Protection%20Against%20Model%20Serialization%20Attacks/31692 OpenSSH MitM and DoS Vulnerabilities OpenSSH Patched two vulnerabilities discovered by Qualys. One may be used for MitM attack in specfic configurations of OpenSSH. https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt Juniper Authentication Bypass Juniper fixed an authentication bypass vulnerability that affects several prodcuts. The patch was released outside the normal patch schedule. https://supportportal.juniper.net/s/article/2025-02-Out-of-Cycle-Security-Bulletin-Session-Smart-Router-Session-Smart-Conductor-WAN-Assurance-Router-API-Authentication-Bypass-Vulnerability-CVE-2025-21589?language=en_US DELL BIOS Patches DELL released BIOS updates fixing a privilege escalation issue. The update affects a large part of Dell's portfolio https://www.dell.com/support/kbdoc/en-en/000258429/dsa-2025-021 keywords: dell, bios; juniper; openssh; modelscan;…
S
SANS Internet Storm Center's Daily Network Security News Podcast
1 SANS Stormcast: Securing the Edge; PostgreSQL Exploit; Ivanti Exploit; WinZip Vulnerablity; Xerox Patch (#) 4:39
SANS Stormcast: Securing the Edge; PostgreSQL Exploit; Ivanti Exploit; WinZip Vulnerablity; Xerox Patch My Very Personal Guidance and Strategies to Protect Network Edge Devices A quick summary to help you secure edge devices. This may be a bit opinionated, but these are the strategies that I find work and are actionable. https://isc.sans.edu/diary/My%20Very%20Personal%20Guidance%20and%20Strategies%20to%20Protect%20Network%20Edge%20Devices/31660 PostgreSQL SQL Injection A followup to yesterday's segment about the PostgreSQL vulnerability. Rapid7 released a Metasploit module to exploit the vulnerability. https://github.com/rapid7/metasploit-framework/pull/19877 Ivanti Connect Secure Exploited The Japanese CERT observed exploitation of January's Connect Secure vulnerability https://blogs.jpcert.or.jp/ja/2025/02/spawnchimera.html WinZip Vulnerability WinZip patched a buffer overflow vulenrability that may be triggered by malicious 7Z files https://www.zerodayinitiative.com/advisories/ZDI-25-047/ Xerox Printer Patch Xerox patched two vulnerabililites in its enterprise multifunction printers that may be exploited for lateral movement. https://securitydocs.business.xerox.com/wp-content/uploads/2025/02/Xerox-Security-Bulletin-XRX25-003-for-Xerox-VersaLinkPhaser-and-WorkCentre.pdf keywords: xerox; winzip; ivanti; connect secure; postgresql; sql; edge;…
S
SANS Internet Storm Center's Daily Network Security News Podcast
1 SANS Stormcast Monday Feb 17th: Fake BSOD; Volatile IPs; Postgresql libpq SQL Injection; OAUTH Phishing (#) 8:33
SANS Stormcast Monday Feb 17th: Fake BSOD; Volatile IPs; Postgresql libpq SQL Injection; OAUTH Phishing Fake BSOD Delivered by Malicious Python Script Xavier found an odd malicious Python script that displays a blue screen of death to users. The purpose isn't quite clear. It could be a teach support scam tricking users into calling the 800 number displayed, or a simple anti-reversing trick https://isc.sans.edu/diary/Fake%20BSOD%20Delivered%20by%20Malicious%20Python%20Script/31686 The Danger of IP Volatility Accounting for IP addresses is important, and if not done properly, may lead to resources being exposed after IP addresses are released. https://isc.sans.edu/diary/The%20Danger%20of%20IP%20Volatility/31688 PostgreSQL SQL Injection Functions in PostgreSQL's libpq do not properly escape parameters which may lead to SQL injection issues if the functions are used to create input for pqsql. https://www.postgresql.org/support/security/CVE-2025-1094/ Multiple Russian Threat Actors Targeting Microsoft Device Code Auth The OAUTH device code flow is used to attach devices with limited input capability to a user's account. However, this can be abused via phishing attacks. https://www.volexity.com/blog/2025/02/13/multiple-russian-threat-actors-targeting-microsoft-device-code-authentication/ keywords: oauth; postgresql; ip; volatility; bsod…
S
SANS Internet Storm Center's Daily Network Security News Podcast
1 SANS Stormcast Feb 14th 2025: DShield Honeypot SIEM; PAN OS Auth Bypass; Salt Typhone vs. Cisco; Crowdstrike Patch (#) 6:03
SANS Stormcast Feb 14th 2025: DShield Honeypot SIEM; PAN OS Auth Bypass; Salt Typhone vs. Cisco; Crowdstrike Patch DShield SIEM Docker Updates Interested in learning more about the attacks hitting your honeypot? Guy assembled a neat SIEM to create dashboards summarizing the attacks. https://isc.sans.edu/diary/DShield%20SIEM%20Docker%20Updates/31680 PANOS Path Confusion Auth Bypass Palo Alto Networks fixed a path confusion vulnerability introduced by the overly complex midle box chain in PANOS. https://slcyber.io/blog/nginx-apache-path-confusion-to-auth-bypass-in-pan-os/ https://www.theregister.com/2025/02/13/palo_alto_firewall/ China's Volt Typhoon Continues to use Cisco Vulns Recorded Future wrote up some recent attacks of the Red Mike / Volt Typhoon groups going after telecom providers by compromissing Cisco systems via an older vulnerabilty https://www.wired.com/story/chinas-salt-typhoon-spies-are-still-hacking-telecoms-now-by-exploiting-cisco-routers/ Crowdstrike Patches Linux Client https://www.crowdstrike.com/security-advisories/cve-2025-1146/ keywords: crowdstrike; falcon; china; volt typhoon; redmike; cisco; panos; nginx; apache; php; dshield; siem;…
S
SANS Internet Storm Center's Daily Network Security News Podcast
1 SANS Stormcast Feb 13th 2025: Smart City Threats; Advanced Social Engineering Attacks; Wazuh Vulnerability; PAM Vulnerability; Ivanti Patches (#) 5:59
SANS Stormcast Feb 13th 2025: Smart City Threats; Advanced Social Engineering Attacks; Wazuh Vulnerability; PAM Vulnerability; Ivanti Patches An Ontology for Threats: Cybercrime and Digital Forensic Investigation on Smart City Infrastructure Smart cities is a big topic for many local governments. With building these complex systems, attacks will follow. https://isc.sans.edu/diary/An%20ontology%20for%20threats%2C%20cybercrime%20and%20digital%20forensic%20investigation%20on%20Smart%20City%20Infrastructure/31676 North Korean state actor tricking admins into executing PowerShell North Korean state actors are spending quite a bit of effort setting up relationships with South Korean system administrators, culminating in them getting tricked into executing malicious PowerShell scripts. https://x.com/MsftSecIntel/status/1889407814604296490 Wazuh Vulnerability A deserialization vulnerability in Wazuh may lead to an unauthenticated remote code execution vulnerability https://github.com/wazuh/wazuh/security/advisories/GHSA-hcrc-79hj-m3qh PAM PKCS11 Vulnerablity Several vulnerabilities in the Linux PAM module processing smart card authentication can be used to bypass authentication https://github.com/OpenSC/pam_pkcs11/releases/tag/pam_pkcs11-0.6.13 Ivanti Patches Ivanti released its monhtly update, fixing a number of critical vulnerabilities in Connect Secure and other prodcuts https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US keywords: ivanti; pam; pkcs11; linux; wazuh; korea; powershell; ontology; smart city…
S
SANS Internet Storm Center's Daily Network Security News Podcast
1 SANS Stormcast Feb 12th 2025: MSFT Patch Tuesday; Adobe Patches; FortiNet Acknowledges Exploitation of FortiOS (#) 5:54
SANS Stormcast Feb 12th 2025: MSFT Patch Tuesday; Adobe Patches; FortiNet Acknowledges Exploitation of FortiOS Microsoft Patch Tuesday Microsoft released patches for 55 vulnerabilities. Three of them are actagorized as critical, two are already exploited and another two have been publicly disclosed. The LDAP server vulnerability could become a huge deal, but it is not clear if an exploit will appear. https://isc.sans.edu/diary/Microsoft%20February%202025%20Patch%20Tuesday/31674 Adobe Patches Adobe released patches for seven products. Watch out in particular for the Adobe Commerce issues https://helpx.adobe.com/security/security-bulletin.html Fortinet Acknowledges Exploitation of Vulnerability https://fortiguard.fortinet.com/psirt/FG-IR-24-535 keywords: fortinet; adobe; microsoft;…
Bun venit la Player FM!
Player FM scanează web-ul pentru podcast-uri de înaltă calitate pentru a vă putea bucura acum. Este cea mai bună aplicație pentru podcast și funcționează pe Android, iPhone și pe web. Înscrieți-vă pentru a sincroniza abonamentele pe toate dispozitivele.
Daily Deals
Similar cu SANS Internet Storm Center's Daily Network Security News Podcast
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
The avforums podcast brings you the latest tech, movie and gaming news, plus special features, interviews and show reports from the world of audio visual home entertainment
…
continue reading
Windows Weekly is about more than Windows. Veteran Microsoft insiders Paul Thurrott and Richard Campbell join Leo for a deep dive into the most valuable company in the world. From consumer to enterprise, AI to Xbox, Windows Weekly is the only Microsoft podcast you'll ever need. Records live every Wednesday at 2:00pm Eastern / 11:00am Pacific / 19:00 UTC.
…
continue reading
Ever wondered how automation will change the world? Maybe you puzzle over what India could do to ease traffic congestion, or how China's aircraft carriers will transform Indian Ocean geopolitics? All Things Policy, a daily podcast brought to you by the Takshashila Institution, brings you all the answers. Every weekday, our researchers break down complex economic and geopolitical ideas through the lens of current events. For everyone from the busy executive to the curious student, All Things ...
…
continue reading
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
A daily dose of irreverent, offbeat, and informative takes on business & tech news. Hosted by Jon Weigell, Juliet Bennett Rylah, Mark Dent, Ben Berkley, Sara Friedman, Matthew Brown, and Rob Litterst from The Hustle.
…
continue reading
Entrepreneurship empowers everyone
…
continue reading
Babbage is our weekly podcast on science and technology, named after Charles Babbage—a 19th-century polymath and grandfather of computing. Host Alok Jha talks to our correspondents about the innovations, discoveries and gadgetry shaping the world. Published every Wednesday. If you’re already a subscriber to The Economist, you’ll have full access to all our shows as part of your subscription. For more information about Economist Podcasts+, including how to get access, please visit our FAQs pa ...
…
continue reading
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
…
continue reading
The economy and the markets are "under surveillance" as we cover the latest in finance, economics and investment. Listen to Jonathan Ferro, Lisa Abramowicz and Annmarie Hordern for the top interviews from Bloomberg Surveillance Television. And join Tom Keene and Paul Sweeney for the best conversations from Bloomberg Surveillance Radio. Watch Surveillance TV LIVE each mornings: http://bit.ly/3P7nstQ. Watch Surveillance Radio LIVE weekday mornings: http://bit.ly/3vTiACF.
…
continue reading
Player FM - Aplicație Podcast
Treceți offline cu aplicația Player FM !
Treceți offline cu aplicația Player FM !
))
