SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) ISC StormCast for Monday, December 9th, 2024
10 snips
Dec 9, 2024 Discover the nuances of cookie security and the alarming vulnerabilities tied to NTLM hash leaks. Learn about the risks posed by compromised libraries, particularly the Ultralytics library infected with a crypto miner. The podcast also delves into a new attack vector that targets memory through SD card readers, showcasing the evolving landscape of cybersecurity threats. These insights underscore the importance of vigilance in protecting digital infrastructure.
AI Snips
Chapters
Transcript
Episode notes
Cookie Vulnerabilities
- Inconsistent cookie standards and implementations create vulnerabilities.
- These inconsistencies allow attackers to bypass web application firewalls (WAFs).
Mitigating NTLM Leaks
- Control outbound SMB connections to prevent NTLM hash leaks.
- Patching individual vulnerabilities is insufficient due to their frequency.
Ultralytics Library Compromise
- The Ultralytics library, popular for AI, contained a crypto miner.
- Update to the latest version to fix the issue.