Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Content provided by SANS ISC Handlers and Johannes B. Ullrich. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by SANS ISC Handlers and Johannes B. Ullrich or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.
Player FM - Aplicație Podcast
Treceți offline cu aplicația Player FM !
Treceți offline cu aplicația Player FM !
SANS ISC Stormcast, Jan 24, 2025: XSS in Email, SonicWall Exploited; Cisco Vulnerablities; AI and SOAR (@sans_edu research paper by Anthony Russo)
Manage episode 462860233 series 128829
Content provided by SANS ISC Handlers and Johannes B. Ullrich. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by SANS ISC Handlers and Johannes B. Ullrich or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.
In today's episode, learn how an attacker attempted to exploit webmail XSS vulnerablities against us. Sonicwall released a critical patch fixing an already exploited vulnerability in its SMA 1000 appliance. Cisco fixed vulnerabilities in ClamAV and its Meeting Manager REST API. Learn from SANS.edu student Anthony Russo how to take advantage of AI for SOAR.
XSS Attempts via E-Mail
https://isc.sans.edu/diary/XSS%20Attempts%20via%20E-Mail/31620
An analysis of a recent surge in email-based XSS attack attempts targeting users and organizations. Learn the implications and mitigation techniques.
SonicWall PSIRT Advisory: CVE-2025-23006
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002 CVE-2025-23006
Details of a critical vulnerability in SonicWall appliances (SNWLID-2025-0002) and what you need to do to secure your systems.
Cisco ClamAV Advisory: OLE2 Parsing Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA
A DoS vulnerability in the popular open source anti virus engine ClamAV
Cisco CMM Privilege Escalation Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmm-privesc-uy2Vf8pc
A patch of a privilege escalation flaw in Cisco s CMM module.
…
continue reading
XSS Attempts via E-Mail
https://isc.sans.edu/diary/XSS%20Attempts%20via%20E-Mail/31620
An analysis of a recent surge in email-based XSS attack attempts targeting users and organizations. Learn the implications and mitigation techniques.
SonicWall PSIRT Advisory: CVE-2025-23006
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002 CVE-2025-23006
Details of a critical vulnerability in SonicWall appliances (SNWLID-2025-0002) and what you need to do to secure your systems.
Cisco ClamAV Advisory: OLE2 Parsing Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA
A DoS vulnerability in the popular open source anti virus engine ClamAV
Cisco CMM Privilege Escalation Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmm-privesc-uy2Vf8pc
A patch of a privilege escalation flaw in Cisco s CMM module.
2692 episoade
SANS ISC Stormcast, Jan 24, 2025: XSS in Email, SonicWall Exploited; Cisco Vulnerablities; AI and SOAR (@sans_edu research paper by Anthony Russo)
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Manage episode 462860233 series 128829
Content provided by SANS ISC Handlers and Johannes B. Ullrich. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by SANS ISC Handlers and Johannes B. Ullrich or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.
In today's episode, learn how an attacker attempted to exploit webmail XSS vulnerablities against us. Sonicwall released a critical patch fixing an already exploited vulnerability in its SMA 1000 appliance. Cisco fixed vulnerabilities in ClamAV and its Meeting Manager REST API. Learn from SANS.edu student Anthony Russo how to take advantage of AI for SOAR.
XSS Attempts via E-Mail
https://isc.sans.edu/diary/XSS%20Attempts%20via%20E-Mail/31620
An analysis of a recent surge in email-based XSS attack attempts targeting users and organizations. Learn the implications and mitigation techniques.
SonicWall PSIRT Advisory: CVE-2025-23006
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002 CVE-2025-23006
Details of a critical vulnerability in SonicWall appliances (SNWLID-2025-0002) and what you need to do to secure your systems.
Cisco ClamAV Advisory: OLE2 Parsing Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA
A DoS vulnerability in the popular open source anti virus engine ClamAV
Cisco CMM Privilege Escalation Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmm-privesc-uy2Vf8pc
A patch of a privilege escalation flaw in Cisco s CMM module.
…
continue reading
XSS Attempts via E-Mail
https://isc.sans.edu/diary/XSS%20Attempts%20via%20E-Mail/31620
An analysis of a recent surge in email-based XSS attack attempts targeting users and organizations. Learn the implications and mitigation techniques.
SonicWall PSIRT Advisory: CVE-2025-23006
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002 CVE-2025-23006
Details of a critical vulnerability in SonicWall appliances (SNWLID-2025-0002) and what you need to do to secure your systems.
Cisco ClamAV Advisory: OLE2 Parsing Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA
A DoS vulnerability in the popular open source anti virus engine ClamAV
Cisco CMM Privilege Escalation Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmm-privesc-uy2Vf8pc
A patch of a privilege escalation flaw in Cisco s CMM module.
2692 episoade
所有剧集
×Bun venit la Player FM!
Player FM scanează web-ul pentru podcast-uri de înaltă calitate pentru a vă putea bucura acum. Este cea mai bună aplicație pentru podcast și funcționează pe Android, iPhone și pe web. Înscrieți-vă pentru a sincroniza abonamentele pe toate dispozitivele.