SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Monday, May 18th 2025: xorsearch python functions; pwn2own Berlin; senior govt official impersonation; dynamic domain risk

May 19, 2025
Discover the latest advancements in cybersecurity with a deep dive into xorsearch's new Python functions that enhance output filtering. Learn about the thrilling exploits unveiled at Pwn2Own Berlin, highlighting privilege escalation and virtual machine escapes. The FBI rings alarm bells over a malicious messaging campaign impersonating senior US officials. Plus, find out how the Scattered Spider group is evolving its tactics, using legitimate dynamic domain systems to evade detection.
INSIGHT

xorsearch Enhances Output Filtering

  • Didier's xorsearch tool now supports Python functions to filter extracted strings.
  • This enhancement improves output manipulation, making results more readable.
INSIGHT

Pwn2Own Spotlight on Escalation Exploits

  • Pwn2Own Berlin 2025 focused heavily on privilege escalation and virtual machine escape exploits.
  • Vulnerabilities in Red Hat, Windows 11, VirtualBox, and VMware were demonstrated and reported.
ADVICE

Counter Senior Official Impersonations

  • Beware of scams impersonating senior US officials via SMS and voice messages.
  • Implement business rules beyond technical defenses to counter quick-moving phishing and deepfake threats.