SANS Internet Storm Center's Daily Network Security News Podcast

De: Johannes B. Ullrich
Escúchala gratis

  • Resumen

  • A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minutes long summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
    (c) SANS Institute 2021 This work is licensed under a Creative Commons License - Attribution-NonCommercial-ShareAlike - http://creativecommons.org/licenses/by-nc-sa/4.0/
    Más Menos
Política y Gobierno
Más Menos
Episodios
  • SANS Stormcast Friday, April 25th: SMS Gateway Scans; Comvault Exploit; Patch Window Shrinkage; More inetpub issues; (#)

    SANS Stormcast Friday, April 25th: SMS Gateway Scans; Comvault Exploit; Patch Window Shrinkage; More inetpub issues; (#)
    Apr 24 2025
    SANS Stormcast Friday, April 25th: SMS Gateway Scans; Comvault Exploit; Patch Window Shrinkage; More inetpub issues; Attacks against Teltonika Networks SMS Gateways Attackers are actively scanning for SMS Gateways. These attacks take advantage of default passwords and other commonly used passwords. https://isc.sans.edu/diary/Attacks%20against%20Teltonika%20Networks%20SMS%20Gateways/31888 Commvault Vulnerability CVE-2205-34028 Commvault, about a week ago, published an advisory and a fix for a vulnerability in its backup software. watchTowr now released a detailed writeup and exploit for the vulnerability https://labs.watchtowr.com/fire-in-the-hole-were-breaching-the-vault-commvault-remote-code-execution-cve-2025-34028/ Exploitation Trends Q1 2025 Vulncheck published a summary of exploitation trends, pointing out that about a quarter of vulnerabilities are exploited a day after a patch is made available. https://vulncheck.com/blog/exploitation-trends-q1-2025 inetpub directory issues The inetpub directory introduced by Microsoft in its April patch may lead to a denial of service against applying patches on Windows if an attacker can create a junction for that location pointing to an existing system binary like Notepad. https://doublepulsar.com/microsofts-patch-for-cve-2025-21204-symlink-vulnerability-introduces-another-symlink-vulnerability-9ea085537741 keywords: inetpub; vulncheck; patches; watchTowr; teltonika; sms
    Más Menos
    7 m
  • SANS Stormcast Thursday, April 24th: Honeypot iptables Maintenance; XRPL.js Compromise; Erlang/OTP SSH Vuln affecting Cisco (#)

    SANS Stormcast Thursday, April 24th: Honeypot iptables Maintenance; XRPL.js Compromise; Erlang/OTP SSH Vuln affecting Cisco (#)
    Apr 23 2025
    SANS Stormcast Thursday, April 24th: Honeypot iptables Maintenance; XRPL.js Compromise; Erlang/OTP SSH Vuln affecting Cisco Honeypot Iptables Maintenance and DShield-SIEM Logging In this diary, Jesse is talking about some of the tasks to maintain a honeypot, like keeping filebeats up to date and adjusting configurations in case your dynamic IP address changes https://isc.sans.edu/diary/Honeypot%20Iptables%20Maintenance%20and%20DShield-SIEM%20Logging/31876 XRPL.js Compromised An unknown actor was able to push malicious updates of the XRPL.js library to NPM. The library is officially recommended for writing Riple (RPL) cryptocurrency code. The malicious library exfiltrated secret keys to the attacker https://www.aikido.dev/blog/xrp-supplychain-attack-official-npm-package-infected-with-crypto-stealing-backdoor https://github.com/XRPLF/xrpl.js/security/advisories/GHSA-33qr-m49q-rxfx Cisco Equipment Affected by Erlang/OTP SSH Vulnerability Cisco published an advisory explaining which of its products are affected by the critical Erlang/OTP SSH library vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-erlang-otp-ssh-xyZZy keywords: SIEM, filebeats, iptables, honeypot; ripl; xrp; supply chain; npm; erlang/otp; erlang; ssh;
    Más Menos
    6 m
  • SANS Stormcast Wednesday, April 23rd: More xorsearch Updates; DKIM Replay Attack; SSL.com Vulnerability Fixed (#)

    SANS Stormcast Wednesday, April 23rd: More xorsearch Updates; DKIM Replay Attack; SSL.com Vulnerability Fixed (#)
    Apr 22 2025
    SANS Stormcast Wednesday, April 23rd: More xorsearch Updates; DKIM Replay Attack; SSL.com Vulnerability Fixed xorsearch.py: Ad Hoc YARA Rules Adhoc YARA rules allow for easy searches using command line arguments without having to write complete YARA rules for simple use cases like string and regex searches https://isc.sans.edu/diary/xorsearch.py%3A%20%22Ad%20Hoc%20YARA%20Rules%22/31856 Google Spoofed via DKIM Replay Attack DKIM replay attacks are a known issue where the attacker re-uses a prior DKIM signature. This will work as long as the headers signed by the signature are unchanged. Recently, this attack has been successful against Google. https://easydmarc.com/blog/google-spoofed-via-dkim-replay-attack-a-technical-breakdown/ SSL.com E-Mail Validation Bug SSL.com did not properly verify which domain a particular email address is authorized to receive certificates for. This could have been exploited against webmail providers. https://bugzilla.mozilla.org/show_bug.cgi?id=1961406 keywords: dmarc, dkim; google; replay; ad-hoc; yara; xorsearch
    Más Menos
    6 m
adbl_web_global_use_to_activate_webcro768_stickypopup

Lo que los oyentes dicen sobre SANS Internet Storm Center's Daily Network Security News Podcast

Calificaciones medias de los clientes
Total
  • 5 out of 5 stars
  • 5 estrellas
    5
  • 4 estrellas
    0
  • 3 estrellas
    0
  • 2 estrellas
    0
  • 1 estrella
    0
Ejecución
  • 5 out of 5 stars
  • 5 estrellas
    5
  • 4 estrellas
    0
  • 3 estrellas
    0
  • 2 estrellas
    0
  • 1 estrella
    0
Historia
  • 5 out of 5 stars
  • 5 estrellas
    5
  • 4 estrellas
    0
  • 3 estrellas
    0
  • 2 estrellas
    0
  • 1 estrella
    0

Reseñas - Selecciona las pestañas a continuación para cambiar el origen de las reseñas.

Reseñas de Audible.com

Opiniones de Amazon
Ordenar por:
Filtrar por:
  • Total
    5 out of 5 stars
  • Ejecución
    5 out of 5 stars
  • Historia
    5 out of 5 stars
Imagen de perfil para Joe Cincotta

Essential daily listening

This podcast is essential for any technologist, not just security folks. Keeping your finger on the pulse of cybersecurity is difficult, this podcast makes it much easier.

Denunciar

Se ha producido un error. Vuelve a intentarlo dentro de unos minutos.

Has calificado esta reseña.

Reportaste esta reseña

  • Total
    5 out of 5 stars
  • Ejecución
    5 out of 5 stars
  • Historia
    5 out of 5 stars
Imagen de perfil para Preston

One of the Best

I've been listening to this podcast for years on a near daily basis. Has provided time-sensitive info on many occasions.

Denunciar

Se ha producido un error. Vuelve a intentarlo dentro de unos minutos.

Has calificado esta reseña.

Reportaste esta reseña