

SANS Stormcast Monday, June 23rd, 2025: ADS and Python; More Secure Cloud PCs; Zend.to Path Traversal; Parser Differentials
Jun 23, 2025
Explore the fascinating world of alternate data streams in NTFS with innovative tools like cut-bytes.py and filescanner. Discover how Microsoft is tightening security on Windows 365 Cloud PCs with enhanced defaults. Unpack the recent directory traversal vulnerability in zend.to and its implications for file sharing. Lastly, dive into the unexpected quirks of Go's JSON and XML parsers, revealing how they can lead to security surprises. This blend of topics provides a rich landscape of current cybersecurity challenges.
Extract Info from NTFS ADS
- Use Didier's tools cut-bytes.py and filescanner to extract info from NTFS alternate data streams.
- These tools help analyze metadata such as the Mark of the Web on downloaded files.
Windows 365 Cloud PCs Security
- Microsoft improved Windows 365 Cloud PCs' security by disabling clipboard and USB passthrough by default.
- Virtualization-based security features make Cloud PCs harder to compromise, as with real physical PCs.
Path Traversal in File Sharing Apps
- File sharing software like zend.to often contains serious path traversal vulnerabilities.
- These can allow unintended file read/write access across users, which shows how fragile software for secure file exchange can be.