SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Friday, July 25th, 2025: ficheck.py; Mital and SonicWall Patches
4 snips
Jul 25, 2025 A new file integrity tool, ficheck.py, has been launched, replacing an outdated Perl option for modern Linux systems. Mitel issued a patch for a severe authentication vulnerability in their MX-ONE product, risking unauthorized access. SonicWall addressed an alarming file upload issue in its SMA 100 series firewalls, though exploiting it requires valid credentials. The discussion emphasizes the crucial need for continuous system updates and vigilance in cybersecurity.
AI Snips
Chapters
Transcript
Episode notes
Use ficheck.py for file integrity
- Use ficheck.py as a modern, Python-based drop-in replacement for the old Perl file integrity tool, fcheck.
- It works fast, performs well, and uses the old configuration file, making it great for incident response and quick file integrity checks.
Parasitic Scans Seek Backdoors
- Scans targeting SharePoint backdoors show "parasitic scans" where attackers try to exploit already compromised systems.
- Attackers also use varied filenames to hide backdoors, like naming files "error404.1" to appear innocent.
Patch Mitel MX-ONE Vulnerability
- Patch Mitel MX-ONE products promptly to fix an authentication bypass vulnerability allowing admin-level access.
- Avoid exposing MX-ONE systems to the internet and keep them restricted internally where possible.