

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.

May 27, 2025 • 7min
SANS Stormcast Tuesday, May 27th 2025: SVG Steganography; Fortinet PoC; GitLab Duo Prompt Injection
Discover the intriguing world of SVG steganography, where messages can be cleverly hidden in vector graphics. Tune in to hear about a critical vulnerability in Fortinet products that’s already facing exploitation in the wild. The podcast also delves into an emerging threat: remote prompt injection in GitLab Duo, exposing potential risks linked to source code manipulation. Uncover how these issues could compromise both data security and integrity in the tech landscape.

May 23, 2025 • 8min
SANS Stormcast Friday, May 23rd 2025: Backup Connectivity; Windows 2025 dMSA Abuse; Samlify Vulnerability
Learn how to create resilient backup connectivity for your home network and avoid hidden backdoors. Discover the dangers of abusing dMSA in Active Directory that can lead to privilege escalation. Delve into a serious flaw in the samlify library that allows SAML Single Sign-On bypass, potentially enabling attackers to assume other users' identities. The discussion emphasizes the need for timely updates and secure configurations to protect against evolving cybersecurity threats.

May 22, 2025 • 6min
SANS Stormcast Thursday, May 22nd 2025: Crypto Confidence Scams; Extension Mayhem for VS Code and Chrome
Scammers are exploiting trust with a new variant of crypto confidence scams, luring victims into pricey VIP memberships under false pretenses. The danger extends to browser security, as malicious Chrome extensions impersonate reputable services to steal sensitive information. Developers aren't safe either; malicious Visual Studio Code extensions target them specifically to exfiltrate secrets. This episode covers the evolving landscape of online threats, highlighting the need for vigilance against cunning tactics.

May 21, 2025 • 8min
SANS Stormcast Wednesday, May 21st 2025: Researchers Scanning the Internet; Forgotten DNS Records; openpgp.js Vulnerability
Researchers are now being encouraged to identify themselves during internet scans for transparency. Unused CNAME records pose a potential risk, allowing attackers to hijack public cloud resources. Additionally, a vulnerability in openpgp.js could enable spoofing of message signatures, raising concerns for encrypted communications. The discussion emphasizes the balance between ethical research practices and cybersecurity challenges in the digital landscape.

May 20, 2025 • 7min
SANS Stormcast Tuesday, May 20th 2025: AutoIT Code RAT; Fake Keepass Download; Procolored Printer Software Compromise
Discover the shocking use of AutoIT scripts to install a remote admin tool, turning simple downloads into potential security nightmares. A popular tool's website faced a breach, leaving users vulnerable. Learn about a Trojaned version of KeePass that misled victims into downloading malware disguised as a trusted app. Plus, find out how malware-infested software for a UV printer circulated for months, raising alarms about compromised downloads. Stay vigilant in the world of cybersecurity!

May 19, 2025 • 7min
SANS Stormcast Monday, May 18th 2025: xorsearch python functions; pwn2own Berlin; senior govt official impersonation; dynamic domain risk
Discover the latest advancements in cybersecurity with a deep dive into xorsearch's new Python functions that enhance output filtering. Learn about the thrilling exploits unveiled at Pwn2Own Berlin, highlighting privilege escalation and virtual machine escapes. The FBI rings alarm bells over a malicious messaging campaign impersonating senior US officials. Plus, find out how the Scattered Spider group is evolving its tactics, using legitimate dynamic domain systems to evade detection.

May 16, 2025 • 6min
SANS Stormcast Friday, May 16th: Increase in Sonicwall Scans; RVTools Compromised?; RoundPress
Increased scanning for SonicWall vulnerabilities raises alarms, with many attacks traced back to a budget hosting provider. Google addresses two critical flaws in Chrome, one of which is actively being exploited. A deep dive into RVTools reveals potential compromises that extend beyond simple SEO tactics, suggesting a backdoor entry. Finally, a report discusses XSS attacks affecting open-source webmail systems, underscoring the ongoing challenges in cybersecurity.

May 15, 2025 • 6min
SANS Stormcast Thursday, May 15th: Google Open Redirects; Adobe, Ivanti, and Samsung patches
Delve into the alarming world of phishing as attackers exploit Google’s open redirects. Learn about Adobe's recent patch addressing serious vulnerabilities in ColdFusion. Discover the latest updates from Samsung concerning their MagicInfo 9 CMS, highlighting persistent security challenges. Also, Ivanti tackles a critical flaw in their ITSM software, underlining the importance of robust security measures to prevent exploitation. Tune in for essential insights on staying safe in the digital landscape!

May 14, 2025 • 7min
SANS Stormcast Wednesday, May 14th: Microsoft Patch Tuesday; 0-Days patched for Ivanti Endpoint Manager and Fortinet Products
Microsoft's latest Patch Tuesday reveals a staggering 78 vulnerabilities, with several already being exploited. A critical remote code execution flaw particularly affects users running Microsoft Edge in Internet Explorer mode. Ivanti's recent patches address serious authentication bypass and remote code execution vulnerabilities. Meanwhile, Fortinet has also responded to an already exploited API vulnerability by issuing urgent fixes. Stay informed on these critical updates to keep your systems secure!

May 13, 2025 • 6min
SANS Stormcast Tuesday, May 12th: Apple Patches; Unipi Technologies Scans;
Apple has released extensive updates to fix vulnerabilities across its operating systems. The discussion highlights the ongoing issue of default IoT passwords, specifically how the Mirai botnet is targeting Unipi devices. A critical flaw in the Output Messenger app is being exploited in sophisticated attacks, and there’s good news for Commvault users, as their recent patch successfully addresses a vulnerability. Plus, there’s a mention of an upcoming honeypot workshop that you won’t want to miss!


