SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Stormcast, Jan 21, 2025: Downloading Partial ZIP files; Remote Tools Used in Attakcs; Azure DevOps SSRF
Jan 21, 2025
Explore the cunning tactics behind partial ZIP file downloads that help attackers sneak past security checks. Learn about the Ukrainian CERT's urgent advice on thwarting threats linked to AnyDesk remote access. Delve into the risky SSRF vulnerabilities discovered within Azure DevOps, revealing how they can be exploited by cybercriminals. This discussion highlights the importance of maintaining awareness against social engineering and unauthorized access in today's digital landscape.
06:20
AI Summary
AI Chapters
Episode notes
Podcast summary created with Snipd AI
Quick takeaways
- Attackers exploit partial ZIP file downloads via HTTP range headers to bypass file verification systems and deliver malware efficiently.
- The Ukrainian CERT warns against social engineering tactics using AnyDesk for unauthorized remote access, stressing the need for user awareness training.
Deep dives
Downloading Partial Zip Files Efficiently
A method for downloading partial zip files from websites is discussed, highlighting its practical applications in scenarios where only a portion of a large file is necessary. This approach utilizes the HTTP range header, which allows users to request specific parts of a file without downloading it in its entirety. By initially downloading just the beginning of the zip file to access the index, users can identify the precise offsets for the individual files they need. This technique not only saves bandwidth but also time, making it especially useful when handling large files that contain multiple components.
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
