SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Friday, February 16th, 2024

Feb 16, 2024

Jennifer Walker, an expert in detecting rogue Ethernet switches, shares her insights on innovative Layer 1 techniques for identifying hidden devices in network infrastructures. The conversation dives into the challenges posed by undocumented rogue switches and explores detection methods beyond traditional approaches. Walker discusses the role of Time Domain Reflectometry in diagnosing issues and highlights the importance of robust network monitoring strategies amidst increasing complexity. They also touch on the latest cyber threats, including rising smishing campaigns.

13:11

Creator website

Episode guests

Jennifer Walker

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Scammers are increasingly using Amazon Web Services' SNS to deliver fraudulent SMS messages impersonating the USPS, highlighting the need for user vigilance.

The Linux kernel's new role as a CVE numbering authority aims to improve vulnerability documentation, promising clearer information and increased transparency in security practices.

Deep dives

New Tactics in SMS Scams

Recent developments indicate that scammers are now targeting Amazon Web Services' Simple Notification Service (SNS) to send fraudulent SMS messages impersonating the United States Postal Service. This shift in tactics comes as companies like Twilio have implemented stricter regulations on mass messaging, making compromised accounts less valuable. The transition to AWS SNS suggests a strategic move by malicious actors to exploit alternative platforms for delivering deceptive messages. Users should remain vigilant to these unsolicited messages, as they frequently attempt to trick recipients into revealing personal information.

Intro

4min

Exploring Detection Methods for Rogue Ethernet Switches

2min

Exploring Network Troubleshooting Techniques

2min

Exploring Time Domain Reflectometry in Network Diagnostics

3min

Detecting Rogue Devices in Network Monitoring

3min

USPS Anchors Snowballing Smishing Campaigns
https://www.sentinelone.com/labs/sns-sender-active-campaigns-unleash-messaging-spam-through-the-cloud/
Linux Issuing CVEs
http://www.kroah.com/log/blog/2024/02/13/linux-is-a-cna/
Analyzing Pulse Secure Firmware and Bypassing Integrity Checking
https://eclypsium.com/blog/flatlined-analyzing-pulse-secure-firmware-and-bypassing-integrity-checking/
Jennifer Walker: Detecting Rogue Ethernet Switches Using Layer 1 Techniques
https://www.sans.edu/cyber-research/detecting-rogue-ethernet-switches-using-layer-1-techniques/

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Friday, February 16th, 2024

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

New Tactics in SMS Scams

Increased Transparency in Linux Vulnerability Reporting

Detecting Rogue Ethernet Switches

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights