Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Player FM - Internet Radio Done Right
2,366 subscribers
Checked 2h ago
Ditambah twelve tahun yang lalu
Kandungan disediakan oleh SANS ISC Handlers and Johannes B. Ullrich. Semua kandungan podcast termasuk episod, grafik dan perihalan podcast dimuat naik dan disediakan terus oleh SANS ISC Handlers and Johannes B. Ullrich atau rakan kongsi platform podcast mereka. Jika anda percaya seseorang menggunakan karya berhak cipta anda tanpa kebenaran anda, anda boleh mengikuti proses yang digariskan di sini https://ms.player.fm/legal.
Sama dengan SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Technical interviews about software topics.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Windows Weekly is about more than Windows. Veteran Microsoft insiders Paul Thurrott and Richard Campbell join Leo for a deep dive into the most valuable company in the world. From consumer to enterprise, AI to Xbox, Windows Weekly is the only Microsoft podcast you'll ever need. Records live every Wednesday at 2:00pm Eastern / 11:00am Pacific / 18:00 UTC.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
…
continue reading
Tech News Briefing is your guide to what people in tech are talking about. Every weekday, we’ll bring you breaking tech news and scoops from the pros at the Wall Street Journal, insight into new innovations and policy debates, tips from our personal tech team, and exclusive interviews with movers and shakers in the industry.
…
continue reading
America is divided, and it always has been. We're going back to the moment when that split turned into war. This is Uncivil: Gimlet Media's new history podcast, hosted by journalists Jack Hitt and Chenjerai Kumanyika. We ransack the official version of the Civil War, and take on the history you grew up with. We bring you untold stories about covert operations, corruption, resistance, mutiny, counterfeiting, antebellum drones, and so much more. And we connect these forgotten struggles to the ...
…
continue reading
Join Larry Mantle weekdays for lively and in-depth discussions of Los Angeles and Southern California news, politics, science, entertainment, the arts and more. More AirTalk at www.kpcc.org.
…
continue reading
Player FM - Aplikasi Podcast
Pergi ke luar talian dengan aplikasi Player FM !
Pergi ke luar talian dengan aplikasi Player FM !
))
Daily Deals
SANS Stormcast Tuesday Mar 4th: Mark of the Web Details; Sharepint and Click-Fix Phishing; Paragon Partionmanager BYOVD Exploit
Manage episode 469549109 series 19634
Kandungan disediakan oleh SANS ISC Handlers and Johannes B. Ullrich. Semua kandungan podcast termasuk episod, grafik dan perihalan podcast dimuat naik dan disediakan terus oleh SANS ISC Handlers and Johannes B. Ullrich atau rakan kongsi platform podcast mereka. Jika anda percaya seseorang menggunakan karya berhak cipta anda tanpa kebenaran anda, anda boleh mengikuti proses yang digariskan di sini https://ms.player.fm/legal.
Mark of the Web: Some Technical Details
Windows implements the "Mark of the Web" (MotW) as an alternate data stream that contains not just the "zoneid" of where the file came from, but may include other data like the exact URL and referrer.
https://isc.sans.edu/diary/Mark%20of%20the%20Web%3A%20Some%20Technical%20Details/31732
Havoc Sharepoint with Microsoft Graph API
A recent phishing attack observed by Fortinet uses a simple HTML email to trick a user into copy pasting powershell into their system to execute additional code. Most of the malware interaction uses a Sharepoint site via Microsoft's Graph API futher hiding the malicious traffic
https://www.fortinet.com/blog/threat-research/havoc-sharepoint-with-microsoft-graph-api-turns-into-fud-c2
Paragon Partition Manager Exploit
A vulnerable Paragon Partition Manager has been user recently to escalate privileges for ransomware deployment. Even if you to not have PAragon installed: An attacker may just "bring the vulnerable driver" to your system.
https://kb.cert.org/vuls/id/726882
…
continue reading
Windows implements the "Mark of the Web" (MotW) as an alternate data stream that contains not just the "zoneid" of where the file came from, but may include other data like the exact URL and referrer.
https://isc.sans.edu/diary/Mark%20of%20the%20Web%3A%20Some%20Technical%20Details/31732
Havoc Sharepoint with Microsoft Graph API
A recent phishing attack observed by Fortinet uses a simple HTML email to trick a user into copy pasting powershell into their system to execute additional code. Most of the malware interaction uses a Sharepoint site via Microsoft's Graph API futher hiding the malicious traffic
https://www.fortinet.com/blog/threat-research/havoc-sharepoint-with-microsoft-graph-api-turns-into-fud-c2
Paragon Partition Manager Exploit
A vulnerable Paragon Partition Manager has been user recently to escalate privileges for ransomware deployment. Even if you to not have PAragon installed: An attacker may just "bring the vulnerable driver" to your system.
https://kb.cert.org/vuls/id/726882
3005 episod
SANS Stormcast Tuesday Mar 4th: Mark of the Web Details; Sharepint and Click-Fix Phishing; Paragon Partionmanager BYOVD Exploit
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
KongsiManage episode 469549109 series 19634
Kandungan disediakan oleh SANS ISC Handlers and Johannes B. Ullrich. Semua kandungan podcast termasuk episod, grafik dan perihalan podcast dimuat naik dan disediakan terus oleh SANS ISC Handlers and Johannes B. Ullrich atau rakan kongsi platform podcast mereka. Jika anda percaya seseorang menggunakan karya berhak cipta anda tanpa kebenaran anda, anda boleh mengikuti proses yang digariskan di sini https://ms.player.fm/legal.
Mark of the Web: Some Technical Details
Windows implements the "Mark of the Web" (MotW) as an alternate data stream that contains not just the "zoneid" of where the file came from, but may include other data like the exact URL and referrer.
https://isc.sans.edu/diary/Mark%20of%20the%20Web%3A%20Some%20Technical%20Details/31732
Havoc Sharepoint with Microsoft Graph API
A recent phishing attack observed by Fortinet uses a simple HTML email to trick a user into copy pasting powershell into their system to execute additional code. Most of the malware interaction uses a Sharepoint site via Microsoft's Graph API futher hiding the malicious traffic
https://www.fortinet.com/blog/threat-research/havoc-sharepoint-with-microsoft-graph-api-turns-into-fud-c2
Paragon Partition Manager Exploit
A vulnerable Paragon Partition Manager has been user recently to escalate privileges for ransomware deployment. Even if you to not have PAragon installed: An attacker may just "bring the vulnerable driver" to your system.
https://kb.cert.org/vuls/id/726882
…
continue reading
Windows implements the "Mark of the Web" (MotW) as an alternate data stream that contains not just the "zoneid" of where the file came from, but may include other data like the exact URL and referrer.
https://isc.sans.edu/diary/Mark%20of%20the%20Web%3A%20Some%20Technical%20Details/31732
Havoc Sharepoint with Microsoft Graph API
A recent phishing attack observed by Fortinet uses a simple HTML email to trick a user into copy pasting powershell into their system to execute additional code. Most of the malware interaction uses a Sharepoint site via Microsoft's Graph API futher hiding the malicious traffic
https://www.fortinet.com/blog/threat-research/havoc-sharepoint-with-microsoft-graph-api-turns-into-fud-c2
Paragon Partition Manager Exploit
A vulnerable Paragon Partition Manager has been user recently to escalate privileges for ransomware deployment. Even if you to not have PAragon installed: An attacker may just "bring the vulnerable driver" to your system.
https://kb.cert.org/vuls/id/726882
3005 episod
All episodes
×
XORsearch: Searching With Regexes Didier explains a workaround to use his tool XORsearch to search for regular expressions instead of simple strings. https://isc.sans.edu/diary/XORsearch%3A%20Searching%20With%20Regexes/31834 MCP Security Notification: Tool Poisoning Attacks Invariant labs summarized a critical weakness in the Model Context Protocol (MCP) that allows for "Tool Poisoning Attacks." Many major providers such as Anthropic and OpenAI, workflow automation systems like Zapier, and MCP clients like Cursor are susceptible to this attack https://invariantlabs.ai/blog/mcp-security-notification-tool-poisoning-attacks Making :visited more private Google Chrome changed how links are marked as visited . This new partitioning scheme was introduced to improve privacy. Instead of marking a link as visited on any page where it is displayed, it is only marked as visited if the user clicks on the link while visiting the particular site where the link is displayed. https://developer.chrome.com/blog/visited-links…
1 SANS Stormcast Monday April 7th 2025: New Username Report; Quickshell Vulnerability; Apache Traffic Director Request Smuggeling 6:14
New SSH Username Report A new ssh/telnet username reports makes it easier to identify new usernames attackers are using against our telnet and ssh honeypots https://isc.sans.edu/diary/New%20SSH%20Username%20Report/31830 Quickshell Sharing is Caring: About an RCE Attack Chain on Quick Share The Google Quick Share protocol is susceptible to several vulnerabilities that have not yet been fully patched, allowing for some file overwrite issues that could lead to the accidental execution of malicious code. https://www.blackhat.com/asia-25/briefings/schedule/index.html#quickshell-sharing-is-caring-about-an-rce-attack-chain-on-quick-share-43874 Apache Traffic Director Request Smuggling Vulnerability https://www.openwall.com/lists/oss-security/2025/04/02/4…
1 SANS Stormcast Friday, Apr 4th: URL Frequency Analysis; Ivanti Flaw Exploited; WinRAR MotW Vuln; Tax filing scams; Oracle Breach Update 6:16
Exploring Statistical Measures to Predict URLs as Legitimate or Intrusive Using frequency analysis, and training the model with honeypot data as well as log data from legitimate websites allows for a fairly simple and reliable triage of web server logs to identify possible malicious activity. https://isc.sans.edu/diary/Exploring%20Statistical%20Measures%20to%20Predict%20URLs%20as%20Legitimate%20or%20Intrusive%20%5BGuest%20Diary%5D/31822 Critical Unexploitable Ivanti Vulnerability Exploited CVE-2025-22457 In February, Ivanti patched CVE-2025-22457. At the time, the vulnerability was not considered to be exploitable. Mandiant now published a blog disclosing that the vulnerability was exploited as soon as mid-march https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-exploiting-critical-ivanti-vulnerability/ WinRAR MotW Vulnerability CVE-2025-31334 WinRAR patched a vulnerability that would not apply the Mark of the Web correctly if a compressed file included symlinks. This may make it easier to trick a victim into executing code downloaded from a website. https://nvd.nist.gov/vuln/detail/CVE-2025-31334 Microsoft Warns of Tax-Related Scam With the US personal income tax filing deadline only about a week out, Microsoft warns of commonly deployed scams that they are observing related to income tax filings https://www.microsoft.com/en-us/security/blog/2025/04/03/threat-actors-leverage-tax-season-to-deploy-tax-themed-phishing-campaigns/ Oracle Breach Update https://www.bloomberg.com/news/articles/2025-04-02/oracle-tells-clients-of-second-recent-hack-log-in-data-stolen…
1 SANS Stormcast Thursday Apr 3rd: Juniper Password Scans; Hacking Call Records; End to End Encrypted GMail 9:23
Surge in Scans for Juniper t128 Default User Lasst week, we dedtect a significant surge in ssh scans for the username t128 . This user is used by Juniper s Session Smart Routing, a product they acquired from 128 Technologies which is the reason for the somewhat unusual username. https://isc.sans.edu/diary/Surge%20in%20Scans%20for%20Juniper%20%22t128%22%20Default%20User/31824 Vulnerable Verizon API Allowed for Access to Call Logs An API Verizon offered to users of its call filtering application suffered from an authentication bypass vulnerability allowing users to access any Verizon user s call history. While using a JWT to authenticate the user, the phone number used to retrieve the call history logs was passed in a not-authenticated header. https://evanconnelly.github.io/post/hacking-call-records/ Google Offering End-to-End Encryption to G-Mail Business Users Google will add an end-to-end encryption feature to commercial GMail users. However, for non GMail users to read the emails they first must click on a link and log in to Google. https://workspace.google.com/blog/identity-and-security/gmail-easy-end-to-end-encryption-all-businesses…
Apple Patches Everything Apple released updates for all of its operating systems. Most were released on Monday with WatchOS patches released today on Tuesday. Two already exploited vulnerabilities, which were already patched in the latest iOS and macOS versions, are now patched for older operating systems as well. A total of 145 vulnerabilities were patched. https://isc.sans.edu/diary/Apple%20Patches%20Everything%3A%20March%2031st%202025%20Edition/31816 VMWare Workstation and Fusion update check broken VMWare s automatic update check in its Workstation and Fusion products is currently broken due to a redirect added as part of the Broadcom transition https://community.broadcom.com/vmware-cloud-foundation/question/certificate-error-is-occured-during-connecting-update-server NIM Postgres Vulnerability NIM Developers using prepared statements to send SQL queries to Postgres may expose themselves to a SQL injection vulnerability. NIM s Postgres library does not appear to use actual prepared statements; instead, it assembles the code and the user data as a string and passes them on to the database. This may lead to a SQL injection vulnerability https://blog.nns.ee/2025/03/28/nim-postgres-vulnerability/…
1 SANS Stormcast Tuesday Apr 1st: Apache Camel Exploits; New Cert Authorities Requirements; Possible Oracle Breach 7:36
Apache Camel Exploit Attempt by Vulnerability Scans A recently patched vulnerability in Apache Camel has been integrated into some vulnerability scanners, like for example OpenVAS. We do see some exploit attempts in our honeypots, but they appear to be part of internal vulnerablity scans https://isc.sans.edu/diary/Apache%20Camel%20Exploit%20Attempt%20by%20Vulnerability%20Scan%20%28CVE-2025-27636%2C%20CVE-2025-29891%29/31814 New Security Requirements for Certificate Authorities Starting in July, certificate authorities need to verify domain ownership data from multiple viewpoints around the internet. They will also have to use linters to verify certificate requests. https://security.googleblog.com/2025/03/new-security-requirements-adopted-by.html Possible Oracle Breach Oracle still denies being the victim of a data berach as leaked data may show different. https://doublepulsar.com/oracle-attempt-to-hide-serious-cybersecurity-incident-from-customers-in-oracle-saas-service-9231c8daff4a https://www.theregister.com/2025/03/30/infosec_news_in_brief/ https://www.darkreading.com/cyberattacks-data-breaches/oracle-still-denies-breach-researchers-persist…
1 SANS Stormcast Monday, March 31st: Comparing Phishing Sites; DOH and MX Abuse Phishing; opkssh 7:15
A Tale of Two Phishing Sties Two phishing sites may use very different backends, even if the site itself appears to be visually very similar. Phishing kits are often copied and modified, leading to sites using similar visual tricks on the user facing site, but very different backends to host the sites and reporting data to the miscreant. https://isc.sans.edu/diary/A%20Tale%20of%20Two%20Phishing%20Sites/31810 A Phihsing Tale of DOH and DNS MX Abuse Infoblox discovered a new variant of the Meerkat phishing kit that uses DoH in Javascript to discover MX records, and generate better customized phishing pages. https://blogs.infoblox.com/threat-intelligence/a-phishing-tale-of-doh-and-dns-mx-abuse/ Using OpenID Connect for SSH Cloudflare opensourced it's OPKSSH too. It integrates SSO systems supporting OpenID connect with SSH. https://github.com/openpubkey/opkssh/…
1 SANS Stormcast Friday, March 28th: Sitecore Exploited; Blasting Past Webp; Splunk and Firefox Vulnerabilities 6:15
Sitecore "thumbnailsaccesstoken" Deserialization Scans (and some new reports) CVE-2025-27218 Our honeypots detected a deserialization attack against the CMS Sitecore using a thumnailaccesstoken header. The underlying vulnerability was patched in January, and security firm Searchlight Cyber revealed details about this vulnerability a couple of weeks ago. https://isc.sans.edu/diary/Sitecore%20%22thumbnailsaccesstoken%22%20Deserialization%20Scans%20%28and%20some%20new%20reports%29%20CVE-2025-27218/31806 Blasting Past Webp Google s Project Zero revealed details how the NSO BLASTPASS exploit took advantage of a Webp image parsing vulnerability in iOS. This zero-click attack was employed in targeted attack back in 2023 and Apple patched the underlying vulnerability in September 2023. But this is the first byte by byte description showing how the attack worked. https://googleprojectzero.blogspot.com/2025/03/blasting-past-webp.html Splunk Vulnerabilities Splunk patched about a dozen of vulnerabilities. None of them are rated critical, but a vulnerability rated High allows authenticated users to execute arbitrary code. https://advisory.splunk.com/ Firefox 0-day Patched Mozilla patched a sandbox escape vulnerability that is already being exploited. https://www.mozilla.org/en-US/security/advisories/mfsa2025-19/…
1 SANS Stormcast Thursday Mar 27th: Classifying Malware with ML; Malicious NPM Packages; Google Chrome 0-day 4:50
Leveraging CNNs and Entropy-Based Feature Selection to Identify Potential Malware Artifacts of Interest This diary explores a novel methodology for classifying malware by integrating entropy-driven feature selection with a specialized Convolutional Neural Network (CNN). Motivated by the increasing obfuscation tactics used by modern malware authors, we will focus on capturing high-entropy segments within files, regions most likely to harbor malicious functionality, and feeding these distinct byte patterns into our model. https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Leveraging%20CNNs%20and%20Entropy-Based%20Feature%20Selection%20to%20Identify%20Potential%20Malware%20Artifacts%20of%20Interest/31790 Malware found on npm infecting local package with reverse shell Researchers at Reversinglabs found two malicious NPM packages, ethers-provider2, and ethers-providerz that patch the well known (and not malicious) ethers package to add a reverse shell and downloader. https://www.reversinglabs.com/blog/malicious-npm-patch-delivers-reverse-shell Google Patched Google Chrome 0-day Google patched a vulnerability in Chrome that was already exploited in attacks against media and educational organizations in Russia https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html…
1 SANS Stormcast Wednesday Mar 26th: XWiki Exploit; File Converter Correction; VMWare Vulnerability; Draytek Router Reboots; MMC Exploit Details; 6:14
XWiki Search Vulnerablity Exploit Attempts (CVE-2024-3721) Our honeypot detected an increase in exploit attempts for an XWiki command injection vulnerablity. The vulnerability was patched last April, but appears to be exploited more these last couple days. The vulnerability affects the search feature and allows the attacker to inject Groovy code templates. https://isc.sans.edu/diary/X-Wiki%20Search%20Vulnerability%20exploit%20attempts%20%28CVE-2024-3721%29/31800 Correction: FBI Image Converter Warning The FBI's Denver office warned of online file converters, not downloadable conversion tools https://www.fbi.gov/contact-us/field-offices/denver/news/fbi-denver-warns-of-online-file-converter-scam VMWare Vulnerability Broadcom released a fix for a VMWare Tools vulnerability. The vulnerability allows users of a Windows virtual machine to escalate privileges within the machine. https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25518 Draytek Reboots Over the weekend, users started reporting Draytek routers rebooting and getting stuck in a reboot loop. Draytek now published advise as to how to fix the problem. https://faq.draytek.com.au/docs/draytek-routers-rebooting-how-to-solve-this-issue/ Microsoft Managemnt Console Exploit CVE-2025-26633 TrendMicro released details showing how the MMC vulnerability Microsoft patched as part of its patch tuesday this month was exploited. https://www.trendmicro.com/en_us/research/25/c/cve-2025-26633-water-gamayun.html…
1 SANS Stormcast Tuesday Mar 25th: Privacy Awware Bots; Ingress Nightmare; Malicious File Converters; VSCode Extension Leads to Ransomware 5:55
Privacy Aware Bots A botnet is using privacy as well as CSRF prevention headers to better blend in with normal browsers. However, in the process they may make it actually easier to spot them. https://isc.sans.edu/diary/Privacy%20Aware%20Bots/31796 Critical Ingress Nightmare Vulnerability ingress-nginx fixed four new vulnerabilities, one of which may lead to a Kubernetes cluster compromise. Note that at the time I am making this live, not all of the URLs below are available yet, but I hope they will be available shortly after publishing this podcast https://www.darkreading.com/application-security/critical-ingressnightmare-vulns-kubernetes-environments https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities https://kubernetes.io/blog/ FBI Warns of File Converter Scams File converters may include malicious ad ons. Be careful where you get your software from. https://www.fbi.gov/contact-us/field-offices/denver/news/fbi-denver-warns-of-online-file-converter-scam VSCode Extension Includes Ransomware https://x.com/ReversingLabs/status/1902355043065500145…
1 SANS Stormcast Monday Mar 24th: Critical Next.js Vulnerability; Microsoft Trust Signing Platform Abuse 7:10
Critical Next.js Vulnerability CVE-2025-29927 A critical vulnerability in how the x-middleware-subrequest header is verified may lead to bypassing authorization in Next.js applications. https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware https://github.com/vercel/next.js/security/advisories/GHSA-f82v-jwr5-mffw https://www.runzero.com/blog/next-js/ Microsoft Trust Signing Service Abused Attackers abut the Microsoft Trust Signing Service, a service meant to help developers create signed software, to obtain short lived signatures for malware. https://www.bleepingcomputer.com/news/security/microsoft-trust-signing-service-abused-to-code-sign-malware/…
1 SANS Stormcast Friday Mar 21st: New Data Feeds; SEO Spam; Veeam Deserialization; IBM AIX RCE; 8:24
Some New Data Feeds and Little Incident We started offering additional data feeds, and an SEO spamer attempted to make us change a link from an old podcast episode. https://isc.sans.edu/diary/Some%20new%20Data%20Feeds%2C%20and%20a%20little%20%22incident%22./31786 Veeam Deserialization Vulnerability Veeam released details regarding the latest vulnerablity in Veeam, pointing out the insufficient patch applied to a prior deserialization vulnerability. https://labs.watchtowr.com/by-executive-order-we-are-banning-blacklists-domain-level-rce-in-veeam-backup-replication-cve-2025-23120/ IBM AIX Vulnerablity The AIX NIM service is vulnerable to an unauthenticated remote code execution vulnerability https://www.ibm.com/support/pages/node/7186621 thanks Chris Mosby for Spotify comment…
1 SANS Stormcast Thursday Mar 20th: Cisco Smart Licensing Attacks; Vulnerable Drivers again; Synology Advisories Updated 7:09
Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 CVE-2024-20440 Attackers added last September's Cisco Smart Licensing Utility vulnerability to their toolset. These attacks orginate most likely from botnets and the same attackers are scanning for a wide range of additional vulnerabilities. The vulnerability is a static credential issue and trivial to exploit after the credentials were published last fall. https://isc.sans.edu/diary/Exploit%20Attempts%20for%20Cisco%20Smart%20Licensing%20Utility%20CVE-2024-20439%20and%20CVE-2024-20440/31782 Legacy Driver Exploitation Through Bypassing Certificate Verification Ahnlab documented a new type of "bring your own vulnerable driver" vulnerability. In this case, an old driver used by an anit-malware and anti-rootkit system can be used to shut down arbitrary processeses, including security related processeses. https://asec.ahnlab.com/en/86881/ Synology Vulnerability Updates Synology updates some security advisories it release last year adding addition details and vulnerable systems. https://www.synology.com/en-global/security/advisory/Synology_SA_24_20 https://www.synology.com/en-global/security/advisory/Synology_SA_24_24…
1 SANS Stormcast Wednesday Mar 19th 2025: Python DLL Side Loading; Tomcast RCE Correction; SAML Roulette; Windows Shortcut 0-Day 7:18
Python Bot Delivered Through DLL Side-Loading A "normal", but vulnerable to DLL side-loading PDF reader may be used to launch additional exploit code https://isc.sans.edu/diary/Python%20Bot%20Delivered%20Through%20DLL%20Side-Loading/31778 Tomcat RCE Correction To exploit the Tomcat RCE I mentioned yesterday, two non-default configuration options must be selected by the victim. https://x.com/dkx02668274/status/1901893656316969308 SAML Roulette: The Hacker Always Wins This Portswigger blog explains in detail how to exploit the ruby-saml vulnerablity against GitLab. https://portswigger.net/research/saml-roulette-the-hacker-always-wins Windows Shortcut Zero Day Exploit Attackers are currently taking advantage of an unpatched vulnerability in how Windows displays Shortcut (.lnk file) details. Trendmicro explains how the attack works and provides PoC code. Microsoft is not planning to fix this issue https://www.trendmicro.com/en_us/research/25/c/windows-shortcut-zero-day-exploit.html…
Selamat datang ke Player FM
Player FM mengimbas laman-laman web bagi podcast berkualiti tinggi untuk anda nikmati sekarang. Ia merupakan aplikasi podcast terbaik dan berfungsi untuk Android, iPhone, dan web. Daftar untuk melaraskan langganan merentasi peranti.
Daily Deals
Daily Deals
Sama dengan SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Technical interviews about software topics.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Windows Weekly is about more than Windows. Veteran Microsoft insiders Paul Thurrott and Richard Campbell join Leo for a deep dive into the most valuable company in the world. From consumer to enterprise, AI to Xbox, Windows Weekly is the only Microsoft podcast you'll ever need. Records live every Wednesday at 2:00pm Eastern / 11:00am Pacific / 18:00 UTC.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
…
continue reading
Tech News Briefing is your guide to what people in tech are talking about. Every weekday, we’ll bring you breaking tech news and scoops from the pros at the Wall Street Journal, insight into new innovations and policy debates, tips from our personal tech team, and exclusive interviews with movers and shakers in the industry.
…
continue reading
America is divided, and it always has been. We're going back to the moment when that split turned into war. This is Uncivil: Gimlet Media's new history podcast, hosted by journalists Jack Hitt and Chenjerai Kumanyika. We ransack the official version of the Civil War, and take on the history you grew up with. We bring you untold stories about covert operations, corruption, resistance, mutiny, counterfeiting, antebellum drones, and so much more. And we connect these forgotten struggles to the ...
…
continue reading
Join Larry Mantle weekdays for lively and in-depth discussions of Los Angeles and Southern California news, politics, science, entertainment, the arts and more. More AirTalk at www.kpcc.org.
…
continue reading
Player FM - Aplikasi Podcast
Pergi ke luar talian dengan aplikasi Player FM !
Pergi ke luar talian dengan aplikasi Player FM !
