『SANS Internet Storm Center's Daily Network Security News Podcast』のカバーアート

SANS Internet Storm Center's Daily Network Security News Podcast

SANS Internet Storm Center's Daily Network Security News Podcast

著者: Johannes B. Ullrich
無料で聴く

このコンテンツについて

 A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minutes long summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .(c) SANS Institute 2021 This work is licensed under a Creative Commons License - Attribution-NonCommercial-ShareAlike - http://creativecommons.org/licenses/by-nc-sa/4.0/ 政治・政府
エピソード
  • SANS Stormcast Friday, July 18th, 2025: Extended File Attributes; Critical Cisco ISE Patch; VMWare Patches; Quarterly Oracle Patches (#)

    SANS Stormcast Friday, July 18th, 2025: Extended File Attributes; Critical Cisco ISE Patch; VMWare Patches; Quarterly Oracle Patches (#)
    2025/07/18
    SANS Stormcast Friday, July 18th, 2025: Extended File Attributes; Critical Cisco ISE Patch; VMWare Patches; Quarterly Oracle Patches Hiding Payloads in Linux Extended File Attributes Xavier today looked at ways to hide payloads on Linux, similar to how alternate data streams are used on Windows. Turns out that extended file attributes do the trick, and he presents some scripts to either hide data or find hidden data. https://isc.sans.edu/diary/Hiding%20Payloads%20in%20Linux%20Extended%20File%20Attributes/32116 Cisco Patches Critical Identity Services Engine Flaw CVE-2025-20281, CVE-2025-20337, CVE-2025-20282 An unauthenticated user may execute arbitrary code as root across the network due to improperly validated data in Cisco’s Identity Services Engine. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6 Oracle Critical Patch Update Oracle patched 309 flaws across 111 products. 9 of these vulnerabilities have a critical CVSS score of 9.0 or higher. https://www.oracle.com/security-alerts/cpujul2025.html Broadcom releases VMware Updates Broadcom fixed a number of vulnerabilities for ESXi, Workstation, Fusion, and Tools. https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877 keywords: broadcom; oracle; cisco; linux; xattr; extended file attributes
    続きを読む 一部表示
    5 分
  • SANS Stormcast Thursday, July 17th, 2025: catbox.moe abuse; Sonicwall Attacks; Rendering Issues (#)

    SANS Stormcast Thursday, July 17th, 2025: catbox.moe abuse; Sonicwall Attacks; Rendering Issues (#)
    2025/07/17
    SANS Stormcast Thursday, July 17th, 2025: catbox.moe abuse; Sonicwall Attacks; Rendering Issues More Free File Sharing Services Abuse The free file-sharing service catbox.moe is abused by malware. While it officially claims not to allow hosting of executables, it only checks extensions and is easily abused https://isc.sans.edu/diary/More%20Free%20File%20Sharing%20Services%20Abuse/32112 Ongoing SonicWall Secure Mobile Access (SMA) Exploitation Campaign using the OVERSTEP Backdoor A group Google identifies as UNC6148 is exploiting the Sonicwall SMA 100 series appliance. The devices are end of life, but even fully patched devices are exploited. Google assumes that these devices are compromised because credentials were leaked during prior attacks. The attacker installs the OVERSTEP backdoor after compromising the device. https://cloud.google.com/blog/topics/threat-intelligence/sonicwall-secure-mobile-access-exploitation-overstep-backdoor Weaponizing Trust in File Rendering Pipelines RenderShock is a comprehensive zero-click attack strategy that targets passive file preview, indexing, and automation behaviours in modern operating systems and enterprise environments. It leverages built-in trust mechanisms and background processing in file systems, email clients, antivirus tools, and graphical user interfaces to deliver payloads without requiring any user interaction. https://www.cyfirma.com/research/rendershock-weaponizing-trust-in-file-rendering-pipelines/ keywords: rendershock; unc6148; sonicwall; catbox
    続きを読む 一部表示
    5 分
  • SANS Stormcast Wednesday, July 16th, 2025: ADS Keystroke Logger; Fake Homebrew; Broadcom Altiris RCE; Malicious Cursor AI Extensions (#)

    SANS Stormcast Wednesday, July 16th, 2025: ADS Keystroke Logger; Fake Homebrew; Broadcom Altiris RCE; Malicious Cursor AI Extensions (#)
    2025/07/16
    SANS Stormcast Wednesday, July 16th, 2025: ADS Keystroke Logger; Fake Homebrew; Broadcom Altiris RCE; Malicious Cursor AI Extensions Keylogger Data Stored in an ADS Xavier came across a keystroke logger that stores data in alternate data streams. The data includes keystroke logs as well as clipboard data https://isc.sans.edu/diary/Keylogger%20Data%20Stored%20in%20an%20ADS/32108 Malvertising Homebrew An attacker has been attempting to trick users into installing a malicious version of Homebrew. The fake software is advertised via paid Google ads and directs users to the attacker’s GitHub repo. https://medium.com/deriv-tech/brewing-trouble-dissecting-a-macos-malware-campaign-90c2c24de5dc CVE-2025-5333: Remote Code Execution in Broadcom Altiris IRM LRQA have discovered a critical unauthenticated remote code execution (RCE) vulnerability in the Broadcom Symantec Altiris Inventory Rule Management (IRM) component of Symantec Endpoint Management. https://www.lrqa.com/en/cyber-labs/remote-code-execution-in-broadcom-altiris-irm/ Code highlighting with Cursor AI for $500,000 A syntax highlighting extension for Cursor AI was used to compromise a developer’s workstation and steal $500,000 in cryptocurrency. https://securelist.com/open-source-package-for-cursor-ai-turned-into-a-crypto-heist/116908/ keywords: cursor; extensions; broadcom; altiris; malvertising; homebrew; keylogger; ADS
    続きを読む 一部表示
    6 分

SANS Internet Storm Center's Daily Network Security News Podcastに寄せられたリスナーの声

カスタマーレビュー:以下のタブを選択することで、他のサイトのレビューをご覧になれます。

Audible.co.jp

Amazon.co.jp
レビューはまだありません。