SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Tuesday Feb 19th: ModelScan AI Model Security; OpenSSH Vuln; Juniper Patches; Dell BIOS Vulnerability
Feb 19, 2025
Discover how ModelScan combats deserialization attacks on AI models, ensuring safety against malicious code. Learn about critical vulnerabilities in OpenSSH that could lead to server impersonation, emphasizing the importance of timely updates. Juniper fixes significant authentication bypass issues, while Dell addresses privilege escalation in BIOS across its product line. Each topic highlights the ongoing battle to secure our digital landscape.
AI Snips
Chapters
Transcript
Episode notes
AI Model Security
- Be cautious of pickle files when downloading machine learning models, as they can contain malicious Python code.
- Use ModelScan to inspect models for suspect commands and potential deserialization attacks.
OpenSSH Vulnerabilities
- Update OpenSSH to patch two vulnerabilities, one allowing server impersonation in specific configurations.
- Check and disable the
VerifyHostKeyDNSfeature if you don't publish SSH fingerprint records via DNS.
Juniper Patches
- Prioritize updating Juniper devices due to a critical authentication bypass vulnerability (CVE-2025-21589).
- This vulnerability has a CVSS score in the 9.8 range and affects a wide range of devices.