SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Monday, December 16th, 2024

Dec 16, 2024
A recent vulnerability in Struts 2 has led to an uptick in exploit attempts, making it urgent to patch and to rewrite code that uses the upload feature. Meanwhile, Citrix warns of password spraying attacks against Netscaler installations and recommends multi-factor authentication. The introduction of six-day certificates by Let's Encrypt raises questions about the implications of shorter lifespans and about how reliably renewal processes work. In addition, around 30,000 devices in Germany were found with malware pre-installed, underscoring persistent security threats.
ADVICE

Struts 2 Patching

  • Patch the Struts 2 vulnerability immediately if using the upload feature.
  • Rewrite the upload feature because the fix isn't backwards compatible.
ADVICE

Citrix Netscaler Mitigation

  • Implement multi-factor authentication for Citrix Netscaler installs.
  • Accept only requests with the correct host name to mitigate password spraying attacks.
ADVICE

Let's Encrypt Certificates

  • Ensure your Let's Encrypt certificate auto-renewal works seamlessly.
  • Prepare for potential six-day certificate lifespans.