SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Internet Stormcast Feb 5th 2025: Feed Updates and Rosti; Resurrecting Dead S3 Buckets; Let's Encrypt Changes; Edge Device Security
4 snips
Feb 5, 2025 Updates on data feeds highlight the introduction of the Rosti Feed, while concerns about reviving dead S3 buckets spark intriguing discussions. Let's Encrypt's move to stop sending expiration emails raises questions about certificate management. Meanwhile, new guidelines from CISA focus on fortifying edge devices like firewalls and VPN concentrators, emphasizing the need for vigilance in cybersecurity.
AI Snips
Chapters
Transcript
Episode notes
SANS Data Feeds Update
- SANS Internet Storm Center updated their data feed documentation and added the Rosti feed.
- Use their free API to access these feeds, but avoid using them as blocklists.
Resurrecting Dead S3 Buckets
- Abandoned S3 buckets can be resurrected and used to inject malicious data into websites.
- If an S3 bucket used by your web application gets deleted, update the application or discontinue its use.
Let's Encrypt Expiration Emails Ending
- Let's Encrypt will stop sending certificate expiration emails due to cost and low value.
- Set up your own monitoring or use a service like RedSift, which offers free monitoring for up to 250 certificates.