RadioCSIRT — Your Cybersecurity Update for Sunday, November 9, 2025 (Ep. 480)


Welcome to your weekend cybersecurity briefing 🕵️‍♂️🔥

🐧 Samba — Remote Command Execution (CVE-2025-10230)
A critical vulnerability affects Samba in the WINS module. An unauthenticated attacker can inject commands through unfiltered NetBIOS names and execute arbitrary code on the server. CVSS score: 10.0 (Critical). This flaw allows full system compromise. Immediate patching is strongly recommended.

🧩 SuiteCRM — Session Persistence After Account Deactivation (CVE-2025-64489)
Versions up to 7.14.7 and 8.9.0 fail to revoke sessions when accounts are deactivated. Inactive users can retain access and even reactivate themselves. Severity: High (CVSS 8.3). The issue is fixed in versions 7.14.8 and 8.9.1.

🔐 SuiteCRM — RBAC Enforcement Bypass (CVE-2025-64490)
Inconsistent role enforcement allows low-privileged users to access or create items in disabled modules. This authorization flaw exposes sensitive data. The patch is available starting from version 8.9.1.

💣 NuGet — Time-Bomb Malware Hidden in .NET Packages
Researchers discovered nine malicious packages published between 2023 and 2024, programmed to detonate between 2027 and 2028. Among them, Sharp7Extend targeted Siemens S7 industrial PLCs, corrupting communications and causing operational failures. All packages have been removed, but systems that used them should be considered compromised.

🧠 Whisper Leak — Inferring AI Chat Topics from Encrypted Traffic
Microsoft revealed a side-channel attack capable of deducing chatbot conversation topics even through HTTPS encryption. By analyzing packet sizes and timing, attackers can identify sensitive subjects. Countermeasures have been deployed by OpenAI, Microsoft, and Mistral, including the addition of random text sequences to mask token lengths.

🐉 China-Linked Espionage — Breach of a U.S. Non-Profit
A China-linked group compromised a U.S. policy organization in April 2025. The attackers exploited multiple public vulnerabilities and used DLL sideloading via vetysafe.exe to maintain stealthy access for weeks. Their objective: long-term espionage and data exfiltration using a RAT associated with APT41.

🧱 QNAP — Seven Critical Zero-Days Fixed After Pwn2Own 2025
Seven critical zero-days exploited on QNAP NAS devices allowed remote code execution and privilege escalation. The affected systems include QTS 5.2.x and QuTS hero h5.2.x / h5.3.x. Fixes were released on October 24, 2025 in builds QTS 5.2.7.3297 and QuTS hero 5.3.1.3292. QNAP urges immediate updates, password rotation, and network segmentation.

⚡️ Don’t think — patch! 🚀

📚 Sources:
🔗 Samba: https://cvefeed.io/vuln/detail/CVE-2025-10230
🔗 SuiteCRM (CVE-2025-64489): https://cvefeed.io/vuln/detail/CVE-2025-64489
🔗 SuiteCRM (CVE-2025-64490): https://cvefeed.io/vuln/detail/CVE-2025-64490
🔗 The Register – NuGet: https://www.theregister.com/2025/11/07/cybercriminals_plant_destructive_time_bomb/
🔗 The Hacker News – Whisper Leak: https://thehackernews.com/2025/11/microsoft-uncovers-whisper-leak-attack.html
🔗 Security Affairs – China Espionage: https://securityaffairs.com/184351/apt/china-linked-hackers-target-u-s-non-profit-in-long-term-espionage-campaign.html
🔗 Cybersecurity News – QNAP: https://cybersecuritynews.com/qnap-zero-day-vulnerabilities-exploited/

📞 Share your feedback:
📧 radiocsirt@gmail.com
🌐 www.radiocsirt.com
📰 radiocsirtintl.substack.com