SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Wednesday, August 6th, 2025: Machinekeys and VIEWSTATEs; Perplexity Unethical Learning; SonicWall Updates

4 snips

Aug 6, 2025

The discussion delves into the dangers of lost Machine Keys and how they can be exploited for code execution through VIEWSTATE vulnerabilities in .NET. It unveils Perplexity's sneaky tactics of using stealthy crawlers to bypass website no-crawl rules. Additionally, recent threats targeting Gen 7 SonicWall firewalls with enabled SSLVPN are analyzed, highlighting a surge in cyber incidents that require attention and swift mitigation strategies.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

VIEWSTATE and Machine Key Risks

The .NET VIEWSTATE stores form state protected by a machine key for integrity and optionally encryption.
Losing machine keys allows attackers to create malicious VIEWSTATEs for remote code execution.

INSIGHT

Perplexity's Stealth Web Crawling

Perplexity uses stealth tactics like changing user agents and IPs to bypass no-crawl website directives.
These actions mimic attacker behavior, ignoring robots.txt and evading web protections.

ANECDOTE

AI Learning from Honeypot Attacks

Attack URLs from OpenAI's network have targeted storm center honeypots with WordPress exploits.
This implies AI systems may unintentionally learn from attack traffic on honeypots.

Get the Snipd Podcast app to discover more snips from this episode

Get the app