

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and is designed to get you ready for the day with a brief, usually five-minute, summary of current network-security-related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.

Jan 21, 2025 • 6min
SANS ISC Stormcast, Jan 21, 2025: Downloading Partial ZIP files; Remote Tools Used in Attacks; Azure DevOps SSRF
Explore the cunning tactics behind partial ZIP file downloads that help attackers sneak past security checks. Learn about the Ukrainian CERT's urgent advice on thwarting threats linked to AnyDesk remote access. Delve into the risky SSRF vulnerabilities discovered within Azure DevOps, revealing how they can be exploited by cybercriminals. This discussion highlights the importance of maintaining awareness against social engineering and unauthorized access in today's digital landscape.

Jan 20, 2025 • 3min
SANS ISC Stormcast, Jan 20, 2025: Honeypots for Offense; SimpleHelp and UEFI Secure Boot Vulnerabilities
Explore the intriguing world of honeypots and how they can extend the life of offensive security operations. Discover three critical vulnerabilities in SimpleHelp that urgently need patching to avert exploitation. Dive into the alarming findings about a new flaw that allows UEFI Secure Boot bypass, potentially putting countless systems at risk. Stay ahead of the curve in cybersecurity by understanding these pressing issues.

Jan 17, 2025 • 13min
SANS ISC Stormcast, Jan 17, 2025: Analyzing Complex Datasets, Citrix Update Issues, Ivanti's Security Advisory, and the Future of Passkeys (@sans_edu)
Rich Green, a SANS.edu graduate student and senior solutions engineer, dives into the transformative world of passkeys, highlighting their potential to enhance security beyond traditional passwords. He shares insights from his research on the cryptographic methods underlying passkeys and the challenges of implementing them in legacy systems. The discussion also addresses the latest issues with Citrix's Session Recording Agent and Ivanti's security advisories, offering a glimpse into the evolving landscape of cybersecurity.

Jan 16, 2025 • 9min
SANS ISC Stormcast, Jan 16, 2025: Critical Vulnerabilities and Cybersecurity Updates You Need to Know
A long-neglected vulnerability in Netgear routers is back in the spotlight, with attackers exploiting it to deploy crypto miners. There's a critical flaw in Google's OAuth that threatens sensitive data through defunct domains. Rsync also faces urgent security issues that require immediate patching. Meanwhile, Fortinet's advisory underscores the importance of updating firmware to secure defenses. Explore these pressing concerns and fortify your cybersecurity today!

Jan 15, 2025 • 8min
SANS ISC Stormcast, Jan 14 2025: Microsoft Patch Tuesday, FortiOS and FortiProxy Patches; Paessler PRTG Patches
Microsoft's latest Patch Tuesday updates reveal 209 fixed vulnerabilities, including critical ones that have been actively exploited. The discussion highlights specific risks these vulnerabilities pose to network security. Fortinet raises alarms about an unpatched Node.js authentication bypass that could grant attackers super-admin privileges on FortiOS devices. The podcast also emphasizes the importance of securing admin interfaces and managing software vulnerabilities effectively.

Jan 13, 2025 • 8min
SANS ISC Stormcast, Jan 14, 2025: Brute-Forcing Hikvision Devices, macOS SIP Bypass, Linux Rootkits, Aviatrix Exploits, and AWS Ransomware Tactics
Discover the vulnerabilities plaguing Hikvision IP cameras as attackers exploit flawed password reset systems. Learn about a critical macOS flaw that allows system integrity to be bypassed through kernel extensions. Delve into a sophisticated Linux rootkit that remotely controls systems using zero-day vulnerabilities. Lastly, unravel a new ransomware scheme that targets AWS S3 buckets, leveraging SSE-C encryption to lock down data, highlighting the urgent need for protective measures and timely patching.

Jan 13, 2025 • 7min
SANS ISC Stormcast, Jan 13, 2025: Defender Updates, Ivanti RCE, Apple USB-C Hack and more
In the latest discussions, Windows Defender enhances its ability to detect malicious Chrome extensions, bolstering enterprise security. Attackers are using embedded OLE files in Office documents to evade detection, prompting new tools to combat the technique. A serious vulnerability in Ivanti's software raises concerns, while researchers reveal a hack of Apple's USB-C controller, exposing hardware security issues. With tax season approaching, there's a push for taxpayers to secure their IP PIN to prevent identity theft.

Jan 10, 2025 • 7min
SANS ISC Stormcast: Cryptomining Malware, Fake PoC Exploit, Malicious Browser Extensions, and Palo Alto Vulnerabilities. Jan 9th 2024
Delve into the world of cyber threats with insights into Redtail, a sophisticated cryptomining malware that uses advanced tactics to exploit vulnerabilities. Discover how malicious browser extensions manipulate search results to deceive users. Learn about a sneaky information stealer posing as a proof of concept exploit, preying on those testing vulnerabilities. Also, uncover critical vulnerabilities in the Palo Alto Networks' Expedition tool that could expose credentials and allow unauthorized commands.

Jan 9, 2025 • 6min
SANS ISC Stormcast, Jan 9, 2025: Critical Vulnerabilities in Ivanti, Aviatrix, and Hijacked Backdoors in Compromised Systems
Explore critical vulnerabilities affecting Ivanti Connect Secure and Policy Secure, with insights on urgent security updates. Discover the alarming command injection risks in Aviatrix Network Controllers, which allow for unauthorized code execution. Dive into the innovative tactics of researchers hijacking abandoned domains linked to backdoors, revealing new threats to system security. This information emphasizes the importance of staying vigilant in an ever-evolving cyber landscape.

Jan 8, 2025 • 7min
SANS ISC Stormcast, Jan 8, 2025: Critical Vulnerabilities in SonicWall, Moxa, and Windows BitLocker – Plus, Malware Targets PHP Servers and the Launch of U.S. Cyber Trust Mark
Discover the alarming exploitation of a zero-day vulnerability in SonicWall SSL-VPN devices. Unearth security flaws in Moxa routers that allow privilege escalation. Learn about the new cryptocurrency mining malware targeting PHP servers. Meanwhile, the White House introduces the U.S. Cyber Trust Mark, aiming to help consumers identify secure connected devices. This insightful discussion emphasizes the importance of patch management and informed decisions in cybersecurity.


