SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) cover image

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Wednesday Apr 16th: File Upload Service Abuse; OpenSSH 10.0 Released; Apache Roller Vuln; Possible CVE Changes

Apr 16, 2025
Data exfiltration is on the rise as attackers exploit free online services like gofile.io and pastebin. Meanwhile, OpenSSH 10.0 has been released, introducing quantum-safe ciphers and improved security by separating authentication services. Apache Roller has a newly addressed vulnerability with a notable CVSS score, while ongoing discussions about CVE funding may lead to temporary disruptions, though diverse support might see it through.
05:54
Creator website

Podcast summary created with Snipd AI

Quick takeaways

  • Attackers are exploiting legitimate online services like gofile.io for data exfiltration, necessitating effective monitoring strategies to detect these activities early.
  • OpenSSH 10.0 introduces enhancements like quantum-safe ciphers and improved authentication processes, albeit with no immediate need for user upgrades.

Deep dives

Abuse of Free File Transfer Services

The discussion centers on the misuse of legitimate file transfer services for malicious purposes. Attackers often opt for well-known platforms like gofile.io, which is frequently used for data exfiltration, due to the lower suspicion associated with them. Even though anonfile.com has been defunct for years, some malicious scripts still attempt to fallback to it, highlighting the persistence of outdated methods in cybersecurity threats. To mitigate these risks, implementing DNS rules to monitor connections to these domains can be an effective strategy for malware detection in networks.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
App store bannerPlay store banner