SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Thursday, September 4th, 2025: Dassault DELMIA Apriso Exploit Attempts; Android Updates; 1.1.1.1 Certificate Issued
4 snips
Sep 4, 2025 Recent cyber attack attempts target Dassault's DELMIA Apriso software due to a patched deserialization vulnerability. The discussion also covers Google's September Android updates, addressing exploited privilege escalation flaws. Additionally, the podcast highlights a certificate issued for Cloudflare's DNS service, raising concerns about network vulnerabilities and security flaws. Proactive measures are emphasized to combat these evolving cyber threats.
AI Snips
Chapters
Transcript
Episode notes
Honeypots Caught DELMIA Apriso Attacks
- Johannes describes honeypot detections targeting Dassault DELMIA Apriso, a manufacturing operations management package.
- He recounts recent deserialization vulnerabilities and stresses these complex systems often have hard-to-patch flaws.
Patch Manufacturing Software Proactively
- Apply patches promptly for manufacturing and ERP systems rather than waiting for active exploitation.
- Stay ahead of deserialization and other serious vulnerabilities because they are often difficult to fix under emergency conditions.
September Android Update Fixes Active Exploits
- Google released the September Android update fixing two privilege escalations that are already exploited.
- The bulletin also lists network-adjacent remote code execution issues that could be exploited from Wi-Fi or cellular networks.