SANS Stormcast Thursday Mar 6th: DShield ELK Analysis; Jailbreaking AMD CPUs; VIM Vulnerability; Snail Mail Ransomware
Mar 6, 2025
Explore the world of cybersecurity with fascinating insights into the DShield SIEM's ELK dashboard for traffic analysis. Uncover the shocking details of a new AMD CPU microcode vulnerability revealed by Google, complete with a proof of concept. Dive into a VIM flaw that could let attackers execute arbitrary code through specially crafted files. And watch out for a peculiar snail mail scam, where fraudsters are impersonating ransomware groups to extort payments from executives. A mix of cautionary tales and technical discussions!
Episode notes
DShield ELK Analysis
- Use DShield's ELK stack to analyze honeypot data.
- This helps understand attacker behavior and learn from it.
AMD CPU Jailbreaking
- A recently patched AMD microcode vulnerability allowed CPU jailbreaking.
- The vulnerability involved a weak hash function in the CPU update process.
VIM Vulnerability
- Update Vim to patch a vulnerability related to opening tar files.
- Attackers could execute arbitrary code by crafting malicious tar archives.