SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Feb 13th 2025: Smart City Threats; Advanced Social Engineering Attacks; Wazuh Vulnerability; PAM Vulnerability; Ivanti Patches

5 snips

Feb 13, 2025

The discussion dives into the complex security challenges posed by smart cities, emphasizing the need for standardized vocabularies. It highlights North Korean state actors' cunning social engineering tactics targeting South Korean administrators. Additionally, listeners learn about vulnerabilities in Wazuh and the PAM module for Linux, which could lead to serious breaches. Finally, critical updates from Ivanti address multiple security flaws, stressing the importance of proactive measures in cybersecurity.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

Smart City Threats

Smart cities are adopting new technologies, increasing cyberattack risks.
Researchers are developing ontologies like SCOPE to standardize threat vocabulary.

ANECDOTE

Advanced Social Engineering

North Korean attackers are targeting South Korean system administrators with advanced social engineering.
Attackers build relationships and trick admins into executing malicious PowerShell scripts via PDFs.

ADVICE

Wazuh Vulnerability

Update Wazuh to patch a critical deserialization vulnerability.
This vulnerability allows unauthenticated remote code execution via its API.

Get the Snipd Podcast app to discover more snips from this episode

Get the app