SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Friday, June 6th, 2025: Fake Zoom Clients; Python tarfile vulnerability; HPE Insight Remote Support Patch
Jun 6, 2025
Beware of fake Zoom client downloads! Scammers are sending deceptive invites that lead to malicious updates. The Python tarfile module has a vulnerability that needs attention, as its new filter isn't functioning as intended. Additionally, HP has addressed a critical remote code execution flaw in their Insight Remote Support software. Stay informed and cautious in the digital landscape!
AI Snips
Chapters
Transcript
Episode notes
Fake Zoom Client Scam Example
- Xavier encountered a scam involving fake Zoom meeting invitations.
- Clicking the link leads victims to malware disguised as a Zoom client update.
Python tarfile Filter Limitations
- The new "filter" option in Python's tarfile module aims to mitigate insecure extraction.
- However, some filter modes, including the default, don't properly prevent permission changes, posing risks.
Update Python and Use Safe Extraction
- Always update Python to benefit from security fixes like the improved tarfile module filters.
- Be cautious when extracting archives to avoid security risks like privilege escalation.