

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Nov 21, 2024 • 5min
ISC StormCast for Thursday, November 21st, 2024
Apple Patches Two Exploited Vulnerabilities
https://isc.sans.edu/diary/Apple%20Fixes%20Two%20Exploited%20Vulnerabilities/31452
Oracle Patch for Agile Product Lifecycle Management CVE-2024-21287
https://www.oracle.com/security-alerts/alert-cve-2024-21287.html
OFBiz Patches CVE-2024-47208 CVE-2024-48962
https://nvd.nist.gov/vuln/detail/CVE-2024-47208
https://seclists.org/oss-sec/2024/q4/95
D-Link Warns of Vulnerability in EOL Devices
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10415

Nov 20, 2024 • 6min
ISC StormCast for Wednesday, November 20th, 2024
Detecting the Presence of a Debugger in Linux
https://isc.sans.edu/diary/Detecting%20the%20Presence%20of%20a%20Debugger%20in%20Linux/31450
Palo Alto Patches
https://security.paloaltonetworks.com/CVE-2024-0012
https://security.paloaltonetworks.com/CVE-2024-9474
VMware vCenter Server Attacks
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968e
Veritas Enterprise Vault Vulnerability
https://www.veritas.com/support/en_US/security/VTS24-014

Nov 19, 2024 • 5min
ISC StormCast for Tuesday, November 19th, 2024
Unpatched vulnerabilities in Citrix systems are under scrutiny, highlighting risks related to session recording features. Data exposure concerns in Microsoft Power Pages stress the need for user education. The discussion expands to effective access management strategies and important security updates for the Audit Plus application, which has faced SQL injection threats. Additionally, a community night event in Singapore is announced, signaling a collective push for addressing cybersecurity challenges.

Nov 18, 2024 • 6min
ISC StormCast for Monday, November 18th, 2024
An ancient backdoor in TP-Link routers has resurfaced, raising concerns about outdated vulnerabilities. Attackers are strategically targeting GitHub projects with malicious commits to frame researchers. The podcast dives into the ongoing issues with Palo Alto and Fortinet vulnerabilities, emphasizing the criticality of proactive security measures for organizations. Stay informed about these emerging threats and safeguard your systems!

Nov 13, 2024 • 6min
ISC StormCast for Wednesday, November 13th, 2024
This episode dives into Microsoft's November Patch Tuesday, revealing 83 vulnerabilities, including critical threats that could lead to serious data breaches. It also discusses the alarming trend of APT actors embedding malware in macOS applications. Additionally, insights are shared on CISA's list of routinely exploited vulnerabilities, underscoring the importance of proactive cyber defense measures. Tune in for compelling discussions on the ever-evolving landscape of cybersecurity!

Nov 12, 2024 • 6min
ISC StormCast for Tuesday, November 12th, 2024
Discover critical vulnerabilities in Veeam Backup and Dell Sonic OS that can pose serious security risks. Learn about the threats from social engineering tactics affecting emergency data requests in the US. Dive into new tools for analyzing malicious PDFs and uncover various vulnerabilities in the Mazda infotainment system and Ruby SAML libraries. The discussion highlights the urgency for improved cybersecurity measures in today's tech landscape.

Nov 11, 2024 • 5min
ISC StormCast for Monday, November 11th, 2024
Discover intriguing tools for cybersecurity, like a data extraction method for PKZIP files and a security checker for Docker. Delve into iOS 18's controversial reboot feature that complicates law enforcement access to locked devices. Learn about vulnerabilities in Palo Alto Networks and D-Link products, emphasizing the importance of disabling public access and updating firmware to protect against threats. Stay informed about the latest in cyber security as the landscape continues to evolve!

Nov 8, 2024 • 6min
ISC StormCast for Friday, November 8th, 2024
Discover the alarming risks associated with a poisoned Steam Account Checker that steals information. Dive into vulnerabilities found in Cisco's wireless systems and learn about dangerous file upload practices. The discussion also reveals the threats posed by evasive concatenated ZIP files targeting Windows users. Additional spotlight is on a critical flaw in Veeam Backup. Plus, there's excitement around the upcoming SANS Holiday Hack Challenge, offering a festive opportunity to sharpen your cybersecurity skills!

Nov 7, 2024 • 5min
ISC StormCast for Thursday, November 7th, 2024
This discussion highlights a staggering rise in cyber attacks, pinpointing an IP address linked to 62 million attempts. Concerns about smart appliances spying on users are also examined. The conversation pivots to emerging threats, including the creative use of ICMP packets for malware command and control. Listeners will learn about a proof-of-concept exploit for a patched Apple vulnerability and be updated on critical security flaws in HP's Aruba devices. It's a captivating blend of current threats and cybersecurity vigilance.

Nov 6, 2024 • 5min
ISC StormCast for Wednesday, November 6th, 2024
Explore the world of advanced malware techniques, including a Python RAT that allows live streaming of victims' screens. Discover how November's Android Security Bulletin addresses critical vulnerabilities, while a new tactic involves delivering malware via virtual machines, complicating detection efforts. The risks of fake DocuSign invoices are also highlighted, emphasizing the need for strong verification practices over solely relying on anti-malware systems.


