

SANS ISC Stormcast, Jan 21, 2025: Downloading Partial ZIP files; Remote Tools Used in Attacks; Azure DevOps SSRF
Jan 21, 2025
Explore the cunning tactics behind partial ZIP file downloads that help attackers sneak past security checks. Learn about the Ukrainian CERT's urgent advice on thwarting threats linked to AnyDesk remote access. Delve into the risky SSRF vulnerabilities discovered within Azure DevOps, revealing how they can be exploited by cybercriminals. This discussion highlights the importance of maintaining awareness against social engineering and unauthorized access in today's digital landscape.
AI Snips
Partial ZIP File Downloads
- Download partial ZIP files to save bandwidth and time, especially for large files.
- Use the HTTP range header to specify the desired parts of the file.
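An added example, not from the episode: listing a ZIP's contents from two ranged reads (the tail holding the end-of-central-directory record, then the central directory itself) instead of the whole file. The names `fetch`, `list_entries` and `make_sample` are assumptions, and `fetch` is a local stand-in for an HTTP GET carrying `Range: bytes=start-end` against a server that answers 206 Partial Content.

```python
import io
import struct
import zipfile

EOCD_SIG = b"PK\x05\x06"  # end-of-central-directory record (22 bytes + comment)
CDFH_SIG = b"PK\x01\x02"  # central-directory file header (46 bytes + variable part)

def range_header(start, end):
    """HTTP Range header value for an inclusive byte span."""
    return f"bytes={start}-{end}"

def list_entries(fetch, total_size, tail=65557):
    """Return [(name, compressed_size, local_header_offset)] from two ranged reads.
    fetch(start, end) returns bytes start..end inclusive. ZIP64 is not handled."""
    data = fetch(max(0, total_size - tail), total_size - 1)
    pos = data.rfind(EOCD_SIG)
    if pos < 0 or len(data) - pos < 22:
        raise ValueError("no end-of-central-directory record in the tail")
    count, cd_size, cd_offset = struct.unpack_from("<HII", data, pos + 10)
    if cd_size == 0 or cd_offset + cd_size > total_size:
        raise ValueError("central directory missing or outside the file")
    cd = fetch(cd_offset, cd_offset + cd_size - 1)
    entries, p = [], 0
    for _ in range(count):
        if cd[p:p + 4] != CDFH_SIG:
            raise ValueError("corrupt central directory")
        csize, = struct.unpack_from("<I", cd, p + 20)
        nlen, xlen, clen = struct.unpack_from("<HHH", cd, p + 28)
        offset, = struct.unpack_from("<I", cd, p + 42)
        name = cd[p + 46:p + 46 + nlen].decode("utf-8", "replace")
        entries.append((name, csize, offset))
        p += 46 + nlen + xlen + clen
    return entries

def make_sample():
    """Constructed sample: an in-memory archive standing in for the remote file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as z:
        z.writestr("readme.txt", "constructed sample\n")
        z.writestr("data/big.bin", bytes(200000))
    return buf.getvalue()

def demo():
    blob, log = make_sample(), []
    def fetch(start, end):  # stand-in for GET with Range; logs what would be sent
        log.append(range_header(start, end))
        return blob[start:end + 1]
    return list_entries(fetch, len(blob)), log, len(blob)
```

Each entry's local header offset and compressed size give the byte span to request next when only one member of the archive is needed.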
AnyDesk Impersonation in Ukraine
- Attackers impersonate security auditors and request system access via AnyDesk in Ukraine.
- This social engineering tactic exploits the legitimate use of AnyDesk by CERT-UA.
SSRF Vulnerabilities and DNS Rebinding
- Server-Side Request Forgery (SSRF) vulnerabilities are increasingly critical due to the rise of API-driven web applications.
- DNS rebinding bypasses hostname-based security measures, making SSRF exploitation more potent.