

SANS Stormcast: Webshells; Undocumented ESP32 Commands; Camera Used For Ransomware Distribution
5 snips Mar 10, 2025
Discover the lurking dangers of web shells, which attackers use to infiltrate vulnerable servers while staying one step ahead. Learn about hidden backdoors in the popular ESP32 chipsets that could compromise IoT devices, thanks to recent findings from a conference presentation. Finally, be shocked by the Akira group's tactic of deploying ransomware through unsuspecting webcams, illustrating a new wave of innovative cyber threats. Enhance your security awareness with these intriguing insights!
Webshell Detection
- Check web servers for common webshell file names.
- Implement robust web application lifecycle management to track files.
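
One way to combine both checks, as an added example that is not from the episode or its notes: record a hash manifest of the web root at deploy time, then flag files that were modified, server-side scripts that appeared later, and any file with a suspect name. The names in SUSPECT_NAMES, the extension list and the sample tree are assumptions constructed for illustration; untracked non-script files are deliberately ignored to keep upload directories quiet.

```python
import hashlib, os, tempfile

# Illustrative names and extensions (assumption; the episode notes list none).
SUSPECT_NAMES = {"shell.php", "cmd.php", "c99.php", "r57.php"}
SCRIPT_EXTS = {".php", ".phtml", ".jsp", ".asp", ".aspx"}

def build_manifest(webroot):
    """Map relative path -> SHA-256 for every file under webroot (taken at deploy time)."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(webroot):
        for name in files:
            full = os.path.join(dirpath, name)
            with open(full, "rb") as f:
                digest = hashlib.sha256(f.read()).hexdigest()
            manifest[os.path.relpath(full, webroot)] = digest
    return manifest

def audit(webroot, manifest):
    """Compare the live tree to the deploy manifest; return sorted (path, reason) pairs."""
    findings = []
    current = build_manifest(webroot)
    for rel, digest in current.items():
        base = os.path.basename(rel).lower()
        if base in SUSPECT_NAMES:
            findings.append((rel, "suspect-name"))
        if rel not in manifest:
            if os.path.splitext(base)[1] in SCRIPT_EXTS:
                findings.append((rel, "untracked-script"))
        elif manifest[rel] != digest:
            findings.append((rel, "modified"))
    findings += [(rel, "missing") for rel in manifest.keys() - current.keys()]
    return sorted(findings)

def write(root, rel, body):
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w") as f:
        f.write(body)

def demo():
    """Constructed sample tree: deploy two pages, then simulate drift after deployment."""
    with tempfile.TemporaryDirectory() as root:
        write(root, "index.php", "<?php echo 'home';")
        write(root, "about.php", "<?php echo 'about';")
        manifest = build_manifest(root)
        write(root, "index.php", "<?php echo 'home'; // changed after deploy")
        write(root, os.path.join("uploads", "cmd.php"), "placeholder, not deployed by us")
        write(root, os.path.join("uploads", "logo.png"), "not a script")
        return audit(root, manifest)
```

Calling demo() returns the findings for the constructed tree; in practice the manifest would be stored off the web server so that whoever can write to the web root cannot also rewrite the baseline.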
ESP32 Chipset Vulnerability
- Undocumented commands in ESP32 chips pose security risks for IoT devices.
- These commands, accessible via Bluetooth, can enable hidden functionality like memory reading.
Chipset Auditing Toolkit
- Tarlogic released a toolkit for auditing chipsets and finding hidden commands.
- Use this toolkit to improve security audits of IoT and industrial control systems.