SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Dive into the world of TeamTNT as they exploit web servers, leaving behind stealthy malware. Discover the alarming rise of social engineering attacks targeting Okta users and what that means for security. The discussion also touches on possible regulations for TP-Link routers due to cybersecurity threats. Finally, catch up on CISA’s latest best practices for mobile communications, ensuring you're equipped to handle evolving cyber risks.

A malicious Python script is being used to covertly install AnyDesk for unauthorized access, highlighting the dangers of social engineering. The vulnerabilities in the SS7 protocol are alarming, as attackers can intercept communications due to its trust-based design. Additionally, there’s a pressing need to address a critical vulnerability found in Crush FTP. Overall, the discussion emphasizes the importance of enhancing security awareness and protecting against emerging cyber threats.

Discover the tactics of the MUT1244 attack group, known for distributing backdoored code aimed at security researchers. Unpack a critical vulnerability found in the Golang crypto library, raising concerns about cybersecurity. Additionally, learn about the Meeten malware, a cross-platform threat targeting crypto wallets on both macOS and Windows. This fascinating dive into current cyber threats reveals just how complex and evolving the landscape of digital security really is.

A recent vulnerability in Struts 2 has sparked an uptick in exploit attempts, urging critical patches and improved upload capabilities. Meanwhile, Citrix highlights the risks of password spraying attacks on their Netscaler installations, advocating for multi-factor authentication. The introduction of six-day certificates by Let's Encrypt raises questions about the implications of shorter lifespans and effective renewal processes. In a concerning twist, around 30,000 devices in Germany were found pre-installed with malware, underscoring persistent security threats.

The latest discussions cover critical security updates for Windows 10 and 11, stressing the necessity of TPM 2.0. They reveal vulnerability woes with Microsoft Azure's multi-factor authentication. Additionally, there's an alarming review of a security flaw in Apache's Struts 2 library. The podcast also exposes the tactics of a Russian group, Secret Blizzard, which are using tools from other factions to launch attacks on Ukraine. It's a riveting mix of cybersecurity insights and global threat awareness.

Latest vulnerabilities in vSphere are under threat as attackers exploit them through automated scans. Apple has rolled out crucial updates across its ecosystem, addressing serious risks like privilege escalation. The podcast also highlights the urgent need to address vulnerabilities in WebKit and Cleo software, which pose risks of code execution and system failures. Furthermore, there's a strong call for heightened awareness and community connection in the face of these cyber threats.

The latest cybersecurity updates from Microsoft tackle 71 vulnerabilities, with 16 deemed critical, emphasizing the importance of timely patching. Ivanti reveals serious authentication issues while Microsoft plans to phase out NTLM authentication. A rediscovered feature in Visual Studio Code could enhance security, alongside a discussion on mitigating NTLM relay attacks. Stay informed to protect your digital environment.

Explore unusual SSH honeypot breaches that reveal bizarre command execution patterns. Uncover serious vulnerabilities in the OpenWRT router that could compromise its supply chain. The discussion also highlights essential Android updates that tackle baseband weaknesses. Finally, the hosts shed light on the false security assurances of RCS messaging, urging caution in its usage.

Discover the nuances of cookie security and the alarming vulnerabilities tied to NTLM hash leaks. Learn about the risks posed by compromised libraries, particularly the Ultralytics library infected with a crypto miner. The podcast also delves into a new attack vector that targets memory through SD card readers, showcasing the evolving landscape of cybersecurity threats. These insights underscore the importance of vigilance in protecting digital infrastructure.

Explore the intricate web of business email compromise, highlighting prevention strategies and the urgency of proactive management. Dive into alarming vulnerabilities in Mitel's MyCollab platform, featuring authentication bypass risks and the need for quick patches. The conversation also celebrates Alan Paller's induction into the Cybersecurity Hall of Fame, underscoring his impact on the field. Plus, discover insights on the Lorex 2K Indoor Wi-Fi Security Camera and HPE Aruba vulnerabilities, keeping you updated on the latest in cybersecurity developments.