

SANS Stormcast Tuesday, August 12th, 2025: Erlang OTP SSH Exploits (Palo Alto Networks); Winrar Exploits; Netscaler Exploits; OpenSSH Pushing PQ Crypto;
Aug 12, 2025
Discover the latest cyber vulnerabilities that are causing a stir in the security world, including a critical exploit in Erlang/OTP SSH and active attacks on WinRAR. Learn how threat actors are capitalizing on Citrix Netscaler vulnerabilities and what patches are necessary to protect against them. Also, dive into OpenSSH's forward-thinking approach to quantum-safe encryption, signaling a significant leap in future cybersecurity measures. Stay informed and secure in an evolving threat landscape!
AI Snips
Patch Erlang/OTP SSH Immediately
- Patch exposed Erlang/OTP SSH installations now to block active exploits.
- Check those devices for compromise and rotate authentication secrets including 2FA tokens.
Update WinRAR And Inventory Embeds
- Update WinRAR to version 7.12 or later to remove the decompression exploit.
- Inventory apps and embedded DLLs because the vulnerable component may be bundled elsewhere.
Assume Compromise For Citrix Netscaler
- Assume systems exposed to the Citrix Netscaler flaw are compromised and need full cleanup.
- Change credentials, remove backdoors, and verify attackers are evicted permanently.