SANS Stormcast Thursday Apr 3rd: Juniper Password Scans; Hacking Call Records; End to End Encrypted GMail
Apr 3, 2025
A surge in scans targeting the Juniper username 't128' raises concerns about potential vulnerabilities. Verizon's API flaw allowed unauthorized access to users' call logs, exposing serious privacy issues. Additionally, Google introduces end-to-end encryption for Gmail's business users, but with a caveat: non-Gmail recipients must jump through hoops to read encrypted messages, prompting debates about user security and phishing risks.
A significant rise in scanning attempts for the default 't128' username in Juniper products highlights the necessity of disabling weak credentials.
A vulnerability in Verizon's API allowed unauthorized access to call logs, showcasing the critical need for secure authentication practices.
Deep dives
Significance of Username-Password Combinations
A notable spike in attempts to log in with a specific username-password combination related to Juniper's products was observed, indicating a possible security vulnerability. The combination uses 't128' as the username and '128t routes' as the password, both of which are default credentials that should ideally be disabled. The rise in attempts, reaching around 20,000 per day, suggests that this combination is still exposed on various systems. Users are advised to scan their own networks to confirm that no system still accepts this weak combination, since security settings may not be working as intended.
Vulnerability in Verizon's API
A vulnerability was identified in Verizon's API which allowed unauthorized access to users' call logs due to a flaw in the authentication process. The API used a JWT to authenticate the caller, but the phone number whose call history was returned was taken from an unauthenticated HTTP header, so the signed token proved only that someone was logged in, not whose records were being requested. This issue underscores the importance of relying on digitally signed data for security decisions and the risks of improperly configured security measures. Verizon responded promptly to the report of this vulnerability and quickly implemented a fix, highlighting effective incident management when handling security flaws.
Insights on Juniper Password Vulnerabilities and Verizon API Security Flaws
Surge in Scans for Juniper t128 Default User
Last week, we detected a significant surge in SSH scans for the username t128. This user is used by Juniper's Session Smart Routing, a product they acquired from 128 Technologies, which is the reason for the somewhat unusual username. https://isc.sans.edu/diary/Surge%20in%20Scans%20for%20Juniper%20%22t128%22%20Default%20User/31824
Vulnerable Verizon API Allowed for Access to Call Logs
An API Verizon offered to users of its call filtering application suffered from an authentication bypass vulnerability allowing users to access any Verizon user's call history. While a JWT was used to authenticate the user, the phone number used to retrieve the call history logs was passed in an unauthenticated header. https://evanconnelly.github.io/post/hacking-call-records/
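The authorization flaw described above, shown as an added illustration that is not Verizon's code or the researcher's: a minimal HS256 JWT issuer and verifier, the flawed lookup that trusts an unsigned header for the phone number, and the hardened lookup that derives the phone number from the signed `sub` claim. The secret, header names and call-log store are constructed for the demo.

```python
import base64, hashlib, hmac, json

# Constructed demo secret and call-log store; a real service would use a key
# management system and a database. None of this is Verizon's code.
SECRET = b"demo-signing-key"
CALL_LOGS = {
    "+15550001111": ["+15550009999 (2 min)"],
    "+15550002222": ["+15550008888 (7 min)"],
}

def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _unb64(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def mint_token(phone: str) -> str:
    """Issue an HS256 JWT whose 'sub' claim is the caller's own phone number."""
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64(json.dumps({"sub": phone}).encode())
    sig = hmac.new(SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64(sig)}"

def verify_token(token: str) -> dict:
    """Return the claims only if the signature checks out; raise otherwise."""
    header, payload, sig = token.split(".")
    expected = hmac.new(SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _unb64(sig)):
        raise PermissionError("bad signature")
    return json.loads(_unb64(payload))

def call_history_vulnerable(headers: dict) -> list:
    """The flawed pattern: the token proves that *someone* is logged in, but the
    phone number whose logs are returned comes from an unsigned header
    (the hypothetical 'X-Phone-Number' stands in for the real header)."""
    verify_token(headers["Authorization"])
    return CALL_LOGS[headers["X-Phone-Number"]]

def call_history_fixed(headers: dict) -> list:
    """Hardened: the phone number is taken from the signed 'sub' claim, so a
    caller can only read the logs of the identity the token was issued to."""
    claims = verify_token(headers["Authorization"])
    return CALL_LOGS[claims["sub"]]
```

The same token yields another subscriber's logs through the vulnerable path and only the token holder's own logs through the fixed one.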
Google Offering End-to-End Encryption to G-Mail Business Users
Google will add an end-to-end encryption feature for commercial GMail users. However, for non-GMail users to read these emails, they first must click on a link and log in to Google. https://workspace.google.com/blog/identity-and-security/gmail-easy-end-to-end-encryption-all-businesses