SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Explore unusual SSH honeypot breaches that reveal bizarre command execution patterns. Uncover serious vulnerabilities in the OpenWRT router that could compromise its supply chain. The discussion also highlights essential Android updates that tackle baseband weaknesses. Finally, the hosts shed light on the false security assurances of RCS messaging, urging caution in its usage.

Discover the nuances of cookie security and the alarming vulnerabilities tied to NTLM hash leaks. Learn about the risks posed by compromised libraries, particularly the Ultralytics library infected with a crypto miner. The podcast also delves into a new attack vector that targets memory through SD card readers, showcasing the evolving landscape of cybersecurity threats. These insights underscore the importance of vigilance in protecting digital infrastructure.

Explore the intricate web of business email compromise, highlighting prevention strategies and the urgency of proactive management. Dive into alarming vulnerabilities in Mitel's MyCollab platform, featuring authentication bypass risks and the need for quick patches. The conversation also celebrates Alan Paller's induction into the Cybersecurity Hall of Fame, underscoring his impact on the field. Plus, discover insights on the Lorex 2K Indoor Wi-Fi Security Camera and HPE Aruba vulnerabilities, keeping you updated on the latest in cybersecurity developments.

Dive into the essential role of data analysis in cybersecurity, spotlighting its impact on tackling massive data challenges. The FBI issues a crucial warning for iPhone and Android users regarding text communications. Discover vulnerabilities in SailPoint's Identity IQ and the Solana web3.js library, along with insights on necessary patches. Explore the complexities of Rich Communication Services and their implications for security. This episode delves into the intersection of cybersecurity threats and innovative solutions.

Learn how everyday Word documents can be hiding malicious files and the tactics attackers use to exploit them. Discover the shocking arrest of a CEO in South Korea for incorporating DDoS capabilities into satellite receivers. The discussion also highlights critical vulnerabilities in Veeam software that allow for remote code execution and a Microsoft privilege escalation flaw linked to cybercriminal activity. It's a deep dive into the evolving world of cyber threats and security risks!

Explore the critical role of Credential Guard in preventing lateral movement in cybersecurity. Discover the alarming trend of exploiting corrupted Word documents in phishing attacks. Learn about essential best practices for managing API keys alongside the vulnerabilities in the IBM Security Verify Access Appliance. Delve into the importance of threat-informed defense strategies and how recent breaches highlight the need for swift action and robust mitigation measures.

The podcast dives into the latest cybersecurity threats, emphasizing the significance of honeypot systems in countering attacks. It discusses obfuscation techniques used by hackers in evolving infostealers. The conversation also reveals dangerous credit card skimmer malware targeting Magento, just in time for the busy shopping season. Additionally, it highlights the alarming rise of the first UEFI bootkit for Linux, showcasing the ever-evolving landscape of cyber dangers.

Discover how using tools like Zeek, Snort, and Grafana can help detect crypto mining malware. Learn about a new Russian APT strategy that exploits nearby Wi-Fi networks for covert access. Dive into the introduction of NachoVPN, a unique solution in the VPN world. Stay updated on crucial Keycloak security patches and PHP updates. The discussion also highlights concerning IoT vulnerabilities, particularly weak SSH passwords, just in time for the Thanksgiving holiday.

Quick & Dirty Obfuscated JavaScript Analysis https://isc.sans.edu/diary/Quick%20%26%20Dirty%20Obfuscated%20JavaScript%20Analysis/31468 Decrypting a PDF With a User Password https://isc.sans.edu/diary/Decrypting%20a%20PDF%20With%20a%20User%20Password/31466 The strange case of disappearing Russian servers https://isc.sans.edu/diary/The%20strange%20case%20of%20disappearing%20Russian%20servers/31476 QNAP Buggy Firmware Update https://community.qnap.com/t/firmware-qts-5-2-2-2950-build-20241114-released/254 7-ZIP Zstandard Decompression Integer Underflow https://www.zerodayinitiative.com/advisories/ZDI-24-1532/ https://7-zip.org/download.html

Increase In Phishing SVG Attachments https://isc.sans.edu/diary/Increase%20In%20Phishing%20SVG%20Attachments/31456 Logging blind spot revealed in FortiClient VPN https://pentera.io/blog/FortiClient-VPN_logging-blind-spot-revealed/ Needrestart Vulnerability https://www.qualys.com/2024/11/19/needrestart/needrestart.txt