

SANS Stormcast Friday, September 19th, 2025: Honeypot File Analysis (@sans_edu); SonicWall Breach; DeepSeek Bias; Chrome 0-day
Sep 19, 2025
Delve into the intriguing world of cybersecurity with a spotlight on file uploads in a DShield honeypot. Discover the shocking breach of SonicWall accounts through brute force attacks and the ensuing data concerns. Learn about the biases found in code produced by the Chinese AI engine DeepSeek, highlighting how political affiliations can influence software quality. Plus, get the lowdown on a recently exploited Chrome 0-day vulnerability, now patched for your safety. Tune in for insights into these pressing security matters!
AI Snips
Honeypot Triage Finds Multi-Arch Bot Scripts
- Nathan Smithson examined the 'download' directory on a Cowrie honeypot to triage uploads.
- He found common bot scripts that download multi-architecture binaries and attempt execution to maximize success on varied systems.
Audit And Reset SonicWall Backups Immediately
- Check MySonicWall accounts to see if backups are enabled and verify affected serial numbers.
- Reset all passwords, avoid reusing them, and rebuild SonicWall configurations if your account was compromised.
DeepSeek Shows Political Bias In Generated Code
- Cloudflare's research suggests DeepSeek produces less secure code for organizations not aligned with China's politics.
- The disparity may stem from training data selection or intentional bias, which affects trust in code-generation models.