SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) ISC StormCast for Thursday, December 12th, 2024
Dec 12, 2024
Latest vulnerabilities in vSphere are under threat as attackers exploit them through automated scans. Apple has rolled out crucial updates across its ecosystem, addressing serious risks like privilege escalation. The podcast also highlights the urgent need to address vulnerabilities in WebKit and Cleo software, which pose risks of code execution and system failures. Furthermore, there's a strong call for heightened awareness and community connection in the face of these cyber threats.
AI Snips
Chapters
Transcript
Episode notes
Vulnerability Scanning Bots
- Attackers maintain bots that scan for numerous vulnerabilities, regularly updating their target list.
- Old vulnerabilities are retired, and new ones are added, demonstrating a dynamic and adaptive approach.
vSphere Vulnerability Scanning
- A SANS intern observed scans targeting vSphere vulnerabilities shortly after their disclosure.
- Attackers quickly incorporated these vulnerabilities into their existing scanning tools.
Apple OS Updates
- Apple released updates for all their operating systems, including iOS, iPadOS, macOS, and others.
- While important, there's no urgent need for immediate upgrades unless specific vulnerabilities pose a direct threat.