SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich
Nov 16, 2023 • 6min

ISC StormCast for Thursday, November 16th, 2023

Dive into the alarming world of malware as a new threat infiltrates systems through MSI packages, masquerading as harmless JPEGs. Uncover vulnerabilities in the ChatGPT code interpreter, revealing security flaws that could be exploited. The episode also highlights critical directory traversal vulnerabilities in Reactor Netty and discusses serious security concerns affecting Aruba networking products. Stay informed about these pressing cybersecurity issues to better protect your systems.
Nov 15, 2023 • 7min

ISC StormCast for Wednesday, November 15th, 2023

This episode dives into Microsoft and Adobe's recent security patches, addressing 64 vulnerabilities, including critical flaws in Chromium, Edge, and Microsoft Office. The discussion highlights the importance of timely updates to maintain security. Additionally, a spotlight is placed on Intel's microcode update designed to tackle processor vulnerabilities, showcasing the ongoing battle against cybersecurity threats.
Nov 14, 2023 • 5min

ISC StormCast for Tuesday, November 14th, 2023

Explore how DNS logs can reveal command and control channels used by attackers. Learn about serious vulnerabilities in SSH that could compromise security. Delve into the risks of faulty signatures in RSA algorithms and their effects on secret key protection. The importance of updating server secret keys and engaging clients in new security measures is also emphasized. Additionally, discover how recent Juniper vulnerabilities have been exploited, potentially leading to remote code execution.
Nov 13, 2023 • 6min

ISC StormCast for Monday, November 13th, 2023

Recent talks highlight the Gafgyt botnet targeting routers, stressing the importance of updated firmware and strong passwords. Healthcare systems are under attack, showcasing vulnerabilities linked to third-party vendors. Additionally, North Korea's Sapphire Sleet is on the prowl, using fake job portals to exploit developers. Insights into OpenVPN Access Server vulnerabilities remind us that staying informed is crucial in this ever-evolving cyber landscape.
Nov 10, 2023 • 5min

ISC StormCast for Friday, November 10th, 2023

Discover the dark world of code injection as experts reveal how vulnerabilities can be exploited in Windows systems. Learn about the alarming tactics of the CLOP ransomware gang, highlighting the urgent need for software updates. Stay informed with critical cybersecurity updates, including a significant fix for WS_FTP and a warning about a malvertising campaign posing risks. Plus, don’t overlook the vulnerabilities linked to Apache Arrow involving the PyArrow Python module. It's a must-listen for anyone interested in cyber safety.
Nov 9, 2023 • 5min

ISC StormCast for Thursday, November 9th, 2023

Discover the chilling world of phishing campaigns, where attackers cleverly disguise their tactics to mimic legitimate marketing. Uncover the vulnerabilities in Azure Automation Services that allowed cryptocurrency miners to exploit systems through faulty Python script management. Also, learn about the latest security enhancements in Windows 11, including crucial updates to SMB and NTLM protocols, as well as a newly identified vulnerability that could jeopardize network security.
Nov 8, 2023 • 6min

ISC StormCast for Wednesday, November 8th, 2023

Discover the new world of DNS with designated resolvers and their implications for security and privacy. Learn about BlueNoroff, a malware targeting macOS users in cryptocurrency scams. Dive into Microsoft's advanced Authenticator features designed to enhance security by default. Join the conversation about the evolving landscape of cybersecurity and share your own experiences for a richer community interaction.
Nov 7, 2023 • 6min

ISC StormCast for Tuesday, November 7th, 2023

Explore the latest cyber threats as the hosts dive into the exploitation of Confluence CVE-2023-22518. Discover vulnerabilities in Veeam's monitoring tools and QNAP's network devices, underscoring the critical need for timely system updates. The conversation highlights the significance of proactive cybersecurity measures to minimize risks and protect data from emerging threats.
Nov 6, 2023 • 7min

ISC StormCast for Monday, November 6th, 2023

New Microsoft Exchange Zero Days https://www.bleepingcomputer.com/news/microsoft/new-microsoft-exchange-zero-days-allow-rce-data-theft-attacks/
StripedFly: Perennially Flying under the Radar https://securelist.com/stripedfly-perennially-flying-under-the-radar/110903/
Send My: Sending Data over Apple's Find My Network https://github.com/positive-security/send-my
Nov 3, 2023 • 5min

ISC StormCast for Friday, November 3rd, 2023

Quick Tip for Artificially Inflated PE Files https://isc.sans.edu/diary/Quick%20Tip%20For%20Artificially%20Inflated%20PE%20Files/30370
Apache ActiveMQ Flaw Exploited https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt https://www.rapid7.com/blog/post/2023/11/01/etr-suspected-exploitation-of-apache-activemq-cve-2023-46604/
Critical Firepower Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-29MP49hN
Dozens of npm Packages Caught Attempting to Deploy Reverse Shell https://blog.phylum.io/dozens-of-npm-packages-caught-attempting-to-deploy-reverse-shell/
