SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Thursday May 29th 2025: LLM Assisted Analysis; MSP Ransomware; Everetz Vulnerability

May 29, 2025
This episode looks at how AI can assist in analyzing cyber attacks, prompted by a student's investigation of a honeypot sample. It highlights ransomware risk, particularly vulnerabilities in SimpleHelp that cybercriminals exploit to target managed service providers. It also covers a serious OS command injection vulnerability in Everetz equipment that remains unpatched, underscoring the need for prompt security measures.
ANECDOTE

AI Helps Decode Malware Artifact

  • Jennifer Wilson showed how to use ChatGPT to analyze a strange filename from a honeypot sample.
  • The analysis revealed it was related to Telegram Desktop encryption keys, illustrating AI-assisted forensic investigation.
ADVICE

Patch MSP Tools to Prevent Ransomware

  • Managed service providers must keep tools like SimpleHelp patched to avoid ransomware access.
  • Victims relying on MSPs face risks if MSPs' systems are vulnerable or unpatched.
INSIGHT

MSPs as Attack Vectors

  • Attackers target managed service providers to indirectly control victim networks.
  • This strategy is dangerous, giving attackers broad access through trusted MSPs managing multiple clients.