

SANS ISC Stormcast Jan 31st 2025: Old Netgear Vuln in Depth; Lightning AI RCE; Canon Printer RCE; Deepseek Leak;
Jan 31, 2025
Explore the alarming persistence of old vulnerabilities in Netgear routers, still a threat in 2025. Discover a risky remote code execution flaw in the AI platform Lightning AI that could be exploited with just a click. Delve into various vulnerabilities in Canon printers that could lead to significant security breaches. Lastly, learn about the exposure of the Deepseek ClickHouse database and why securing databases is more critical than ever.
AI Snips
Old Netgear Vulnerabilities
- Attacks targeting older Netgear router vulnerabilities (DGN 2200V1 and DGN 1000) are surprisingly common.
- These routers are no longer supported, making patching crucial but challenging.
Patch Your Routers
- Regularly patch your routers, ideally scheduling a monthly check for firmware updates.
- Many older router vulnerabilities are still actively exploited, highlighting the importance of updates.
End-of-Life Devices
- Determining the end-of-life status for devices like routers can be difficult, hindering security updates.
- A new cybersecurity label aims to address this by requiring devices to provide end-of-life information.