SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Tuesday, May 6th: Mirai Exploiting Samsung magicInfo 9; Kali Signing Key Lost;
May 6, 2025
A new twist in the ongoing threat landscape as the Mirai botnet now exploits a vulnerability in Samsung's MagicINFO CMS. Meanwhile, Kali Linux faces challenges after losing its signing key, requiring users to adapt to a new one. The dangers of default configurations in out-of-the-box Helm charts for Kubernetes are also highlighted, revealing how they can compromise security through exposed ports and lack of authentication. Stay informed to keep your systems secure!
AI Snips
Chapters
Transcript
Episode notes
Mirai Exploits Samsung MagicINFO CMS
- Mirai botnet now exploits a patched vulnerability in Samsung MagicInfo 9 CMS from last August.
- This CMS is a server content manager, not typical IoT, yet Mirai tries various download methods to infect it.
Patch Samsung CMS & Update Kali Key
- If you run Samsung MagicInfo 9 CMS, apply the August patch immediately to avoid Mirai exploits.
- Kali Linux users must manually install the new signing key due to key loss to prevent update failures.
Secure Kubernetes Helm Defaults
- Review default settings in Kubernetes Helm charts carefully before deployment.
- Fix exposed ports and missing authentication to secure your cluster properly.