SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Tuesday, July 29th, 2025:Parasitic Exploits; Cisco ISE Exploit; MyASUS Vuln
Jul 29, 2025
Explore the alarming rise in parasitic exploits targeting SharePoint, where attackers are utilizing backdoors to infiltrate systems. Discover a recently patched vulnerability in Cisco ISE that’s now being actively exploited, allowing unauthenticated users to execute potentially harmful code. Additionally, learn about the MyASUS tool's security flaw, which mishandles access tokens and could expose sensitive functions to cyber threats. Timely patching is emphasized as essential to protect against these growing risks.
AI Snips
Chapters
Transcript
Episode notes
SharePoint Exploits Persist
- SharePoint servers remain vulnerable due to backdoors left by attackers after initial exploits.
- Attackers vary URLs used in attacks to blend in and evade detection.
Urgent SharePoint Server Advice
- If your SharePoint server is exposed and unpatched, rebuild and patch it without delay.
- Rotate machine keys and closely review logs for signs of compromise or backdoors.
Cisco ISE Vulnerabilities Exploited
- Newly patched vulnerabilities in Cisco ISE now have public available exploits.
- Attackers can achieve unauthenticated remote code execution through these flaws.