

ISC StormCast for Wednesday, December 4th, 2024
8 snips Dec 4, 2024
Learn how everyday Word documents can be hiding malicious files and the tactics attackers use to exploit them. Discover the shocking arrest of a CEO in South Korea for incorporating DDoS capabilities into satellite receivers. The discussion also highlights critical vulnerabilities in Veeam software that allow for remote code execution and a Microsoft privilege escalation flaw linked to cybercriminal activity. It's a deep dive into the evolving world of cyber threats and security risks!
Analyzing Word Documents for Embedded Threats
- Analyze Word documents for embedded files by treating them as zip files.
- Use tools like file-magic.py and oledump.py to dissect the contents.
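The zip-then-identify triage described in these notes, as an added Python example that is not from the podcast or from the tools it names. The sample document is constructed in memory, the helper names are hypothetical, and the short signature table is a simplified stand-in for a real file-type tool.

```python
import io
import zipfile

# Leading-byte signatures (simplified; a real file-type tool knows far more).
MAGIC = [
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "OLE2 compound file"),
    (b"PK\x03\x04", "ZIP container"),
    (b"MZ", "PE executable"),
    (b"%PDF", "PDF"),
    (b"<?xml", "XML"),
]

def identify(header):
    """Map the first bytes of a part to a coarse file type."""
    for sig, name in MAGIC:
        if header.startswith(sig):
            return name
    return "unknown"

def embedded_parts(docx_bytes):
    """List (name, size, type) for every part of the zip that is not XML."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            # Read only the header so an oversized part is never fully inflated.
            with zf.open(info) as part:
                kind = identify(part.read(8))
            if kind != "XML":
                findings.append((info.filename, info.file_size, kind))
    return findings

def build_sample():
    """Constructed .docx-like archive with one embedded OLE object."""
    ole_stub = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + b"\x00" * 504
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<?xml version='1.0'?><Types/>")
        zf.writestr("word/document.xml", "<?xml version='1.0'?><document/>")
        zf.writestr("word/embeddings/oleObject1.bin", ole_stub)
    return buf.getvalue()

if __name__ == "__main__":
    for name, size, kind in embedded_parts(build_sample()):
        print(f"{name}\t{size} bytes\t{kind}")
```

A part reported as an OLE2 compound file is the one to hand to the OLE analysis tool for a stream-level look.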
DDoS Feature in Satellite Receivers
- A South Korean satellite receiver manufacturer added a DDoS tool at a broadcasting company's request.
- Authorities arrested the CEO, and roughly a quarter-million receivers were affected.
Veeam Vulnerabilities
- Veeam users should address two vulnerabilities in their service provider console.
- One vulnerability allows remote code execution (CVSS 9.9); the other leaks NTLM hashes (CVSS 7.1).