To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. 알았습니다

Internet Security 팟 캐스트

Internet Security 공개 [search 0]
Download the App!
Get it on App Store Get it on Google Play
show episodes
 
Artwork

1
SANS Internet Storm Center's Daily Network Security News Podcast

Johannes B. Ullrich

Unsubscribe
Unsubscribe
 주마다+
 
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minutes long summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
  continue reading
 
Loading …
show series
 
Artwork

1
SANS ISC Stormcast, Jan 30th 2025: Python vs. Powershell; Fortinet Exploits and Patch Policy; Voyager PHP Framework Vuln; Zyxel Targeted; VMWare AVI Patch 5:33

Play Pause
5:33
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
5:33
 
From PowerShell to a Python Obfuscation Race! This information stealer not only emulates a PDF document convincingly, but also includes its own Python environment for Windows https://isc.sans.edu/diary/From%20PowerShell%20to%20a%20Python%20Obfuscation%20Race!/31634 Alleged Active Exploit Sale of CVE-2024-55591 on Fortinet Devices An exploit for thi…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 30th 2025: Python vs. Powershell; Fortinet Exploits and Patch Policy; Voyager PHP Framework Vuln; Zyxel Targeted; VMWare AVI Patch (#) 5:33

Play Pause
5:33
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
5:33
 
SANS ISC Stormcast, Jan 30th 2025: Python vs. Powershell; Fortinet Exploits and Patch Policy; Voyager PHP Framework Vuln; Zyxel Targeted; VMWare AVI Patch From PowerShell to a Python Obfuscation Race! This information stealer not only emulates a PDF document convincingly, but also includes its own Python environment for Windows https://isc.sans.edu…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 29th 2025: Python Crypto Stealer; SimpleHelp Exploited; Apple Silicon Vuln; Teamviewer Vuln; Odd QR Code 6:07

Play Pause
6:07
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
6:07
 
Learn about fileless crypto stealers written in Python, the ongoing exploitation of recent SimpleHelp vulnerablities, new Apple Silicon Sidechannel attacks a Team Viewer Vulnerablity and an odd QR Code Fileless Python InfoStealer Targeting Exodus This Python script targets Exodus crypto wallet and password managers to steal crypto currencies. It do…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 29th 2025: Python Crypto Stealer; SimpleHelp Exploited; Apple Silicon Vuln; Teamviewer Vuln; Odd QR Code (#) 6:08

Play Pause
6:08
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
6:08
 
SANS ISC Stormcast, Jan 29th 2025: Python Crypto Stealer; SimpleHelp Exploited; Apple Silicon Vuln; Teamviewer Vuln; Odd QR Code Learn about fileless crypto stealers written in Python, the ongoing exploitation of recent SimpleHelp vulnerablities, new Apple Silicon Sidechannel attacks a Team Viewer Vulnerablity and an odd QR Code Fileless Python Inf…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 28th 2025: Z-Shy Phishing; Apple Patches 0-Day; Fortinet Exploit Details; Github and Apache Solr Patches 6:14

Play Pause
6:14
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
6:14
 
This episode shows how attackers are bypassing phishing filter by abusing the "shy" softhyphen HTML entitiy. We got an update from Apple fixing a 0-day vulnerability in addition to a number of other issues. watchTowr show how to exploit an interesting FortiOS vulnerability and we have patches for Github Desktop and Apache Solr An unusal shy z-wasp …
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 28th 2025: Z-Shy Phishing; Apple Patches 0-Day; Fortinet Exploit Details; Github and Apache Solr Patches (#) 6:14

Play Pause
6:14
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
6:14
 
SANS ISC Stormcast, Jan 28th 2025: Z-Shy Phishing; Apple Patches 0-Day; Fortinet Exploit Details; Github and Apache Solr Patches This episode shows how attackers are bypassing phishing filter by abusing the "shy" softhyphen HTML entitiy. We got an update from Apple fixing a 0-day vulnerability in addition to a number of other issues. watchTowr show…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 27, 2025: Access Brokers; Llama Stack Vuln; ESXi SSH Tunnels; Zyxel Boot Loops; Subary StarLeak 6:28

Play Pause
6:28
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
6:28
 
Guest Diary: How Access Brokers Maintain Persistence Explore how cybercriminals utilize access brokers to persist within networks and the impact this has on organizational security. https://isc.sans.edu/forums/diary/Guest+Diary+How+Access+Brokers+Maintain+Persistence/31600/ Critical Vulnerability in Meta's Llama Stack (CVE-2024-50050) A deep dive i…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 27, 2025: Access Brokers; Llama Stack Vuln; ESXi SSH Tunnels; Zyxel Boot Loops; Subary StarLeak (#) 6:29

Play Pause
6:29
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
6:29
 
SANS ISC Stormcast, Jan 27, 2025: Access Brokers; Llama Stack Vuln; ESXi SSH Tunnels; Zyxel Boot Loops; Subary StarLeak Guest Diary: How Access Brokers Maintain Persistence Explore how cybercriminals utilize access brokers to persist within networks and the impact this has on organizational security. https://isc.sans.edu/forums/diary/Guest+Diary+Ho…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 24, 2025: XSS in Email, SonicWall Exploited; Cisco Vulnerablities; AI and SOAR (@sans_edu research paper by Anthony Russo) 14:45

Play Pause
14:45
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
14:45
 
In today's episode, learn how an attacker attempted to exploit webmail XSS vulnerablities against us. Sonicwall released a critical patch fixing an already exploited vulnerability in its SMA 1000 appliance. Cisco fixed vulnerabilities in ClamAV and its Meeting Manager REST API. Learn from SANS.edu student Anthony Russo how to take advantage of AI f…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 24, 2025: XSS in Email, SonicWall Exploited; Cisco Vulnerablities; AI and SOAR (@sans_edu research paper by Anthony Russo) (#) 14:45

Play Pause
14:45
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
14:45
 
SANS ISC Stormcast, Jan 24, 2025: XSS in Email, SonicWall Exploited; Cisco Vulnerablities; AI and SOAR (@sans_edu research paper by Anthony Russo) In today's episode, learn how an attacker attempted to exploit webmail XSS vulnerablities against us. Sonicwall released a critical patch fixing an already exploited vulnerability in its SMA 1000 applian…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 23, 2025: PFSync Protocol; Oracle CPU; Korean VPN Supply Chain Attack; Ivanti Guidance 7:49

Play Pause
7:49
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
7:49
 
In today's episode, we start by talking about the PFSYNC protocol used to synchronize firewall states to support failover. Oracle released it's quarterly critical patch update. ESET is reporting about a critical VPN supply chain attack and CISA released guidance for victims of recent Ivanti related attacks. Catching CARP: Fishing for Firewall State…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 23, 2025: PFSync Protocol; Oracle CPU; Korean VPN Supply Chain Attack; Ivanti Guidance (#) 7:50

Play Pause
7:50
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
7:50
 
SANS ISC Stormcast, Jan 23, 2025: PFSync Protocol; Oracle CPU; Korean VPN Supply Chain Attack; Ivanti Guidance In today's episode, we start by talking about the PFSYNC protocol used to synchronize firewall states to support failover. Oracle released it's quarterly critical patch update. ESET is reporting about a critical VPN supply chain attack and…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 22, 2025: Geolocation via Starlink and Cloudflare; AI Prompt Risks; Homebrew Phishing 9:16

Play Pause
9:16
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
9:16
 
This episodes covers how Starlink users can be geolocated and how Cloudflare may help deanonymize users. The increased use of AI helpers leads to leaking data via careless prompts. Geolocation and Starlink https://isc.sans.edu/diary/Geolocation%20and%20Starlink/31612 Discover the potential geolocation risks associated with Starlink and how they mig…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 22, 2025: Geolocation via Starlink and Cloudflare; AI Prompt Risks; Homebrew Phishing (#) 9:16

Play Pause
9:16
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
9:16
 
SANS ISC Stormcast, Jan 22, 2025: Geolocation via Starlink and Cloudflare; AI Prompt Risks; Homebrew Phishing This episodes covers how Starlink users can be geolocated and how Cloudflare may help deanonymize users. The increased use of AI helpers leads to leaking data via careless prompts. Geolocation and Starlink https://isc.sans.edu/diary/Geoloca…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 21, 2025: Downloading Partial ZIP files; Remote Tools Used in Attakcs; Azure DevOps SSRF 6:20

Play Pause
6:20
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
6:20
 
In this episode, we talk about downloading and analyzing partial ZIP files, how legitimate remote access tools are used in recent compromises and how a research found an SSRF vulnerability in Azure DevOps Partial ZIP File Downloads A closer look at how attackers are leveraging partial ZIP file downloads to bypass file verification systems and plant…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 21, 2025: Downloading Partial ZIP files; Remote Tools Used in Attakcs; Azure DevOps SSRF (#) 6:21

Play Pause
6:21
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
6:21
 
SANS ISC Stormcast, Jan 21, 2025: Downloading Partial ZIP files; Remote Tools Used in Attakcs; Azure DevOps SSRF In this episode, we talk about downloading and analyzing partial ZIP files, how legitimate remote access tools are used in recent compromises and how a research found an SSRF vulnerability in Azure DevOps Partial ZIP File Downloads A clo…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 20, 2025: Honeypots for Offense; SimpleHelp and UEFI Secure Boot Vulnerabilities 3:24

Play Pause
3:24
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
3:24
 
In this episode, we cover how to use honeypot data to keep your offensive infrastructure alive longer, three critical vulnerabilities in SimpleHelp that must be patched now, and an interesting vulnerability affecting many systems allowing UEFI Secure Boot bypass. Leveraging Honeypot Data for Offensive Security Operations [Guest Diary] A recent gues…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 20, 2025: Honeypots for Offense; SimpleHelp and UEFI Secure Boot Vulnerabilities (#) 3:25

Play Pause
3:25
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
3:25
 
SANS ISC Stormcast, Jan 20, 2025: Honeypots for Offense; SimpleHelp and UEFI Secure Boot Vulnerabilities In this episode, we cover how to use honeypot data to keep your offensive infrastructure alive longer, three critical vulnerabilities in SimpleHelp that must be patched now, and an interesting vulnerability affecting many systems allowing UEFI S…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 17, 2025: Analyzing Complex Datasets, Citrix Update Issues, Ivanti's Security Advisory, and the Future of Passkeys (@sans_edu) 12:50

Play Pause
12:50
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
12:50
 
In this episode, we explore the efficient storage of honeypot logs in databases, issues with Citrix's Session Recording Agent and Windows Update. Ivanti is having another interesting security event and our SANS.edu graduate student Rich Green talks about his research on Passkeys. Extracting Practical Observations from Impractical Datasets: A SANS I…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 17, 2025: Analyzing Complex Datasets, Citrix Update Issues, Ivanti's Security Advisory, and the Future of Passkeys (@sans_edu) (#) 12:50

Play Pause
12:50
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
12:50
 
SANS ISC Stormcast, Jan 17, 2025: Analyzing Complex Datasets, Citrix Update Issues, Ivanti's Security Advisory, and the Future of Passkeys (@sans_edu) In this episode, we explore the efficient storage of honeypot logs in databases, issues with Citrix's Session Recording Agent and Windows Update. Ivanti is having another interesting security event a…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 16, 2025: Critical Vulnerabilities and Cybersecurity Updates You Need to Know 9:02

Play Pause
9:02
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
9:02
 
Today's episode covers an odd 12 year old Netgear vulnerability that only received a proper CVE number last year. Learn about how to properly identify OpenID connect users and avoid domain name resue. Good old rsync turns out to be in need of patching and Fortinet: Not sure if it needs patching. Probably it does. Go ahead and patch it. The Curious …
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 16, 2025: Critical Vulnerabilities and Cybersecurity Updates You Need to Know (#) 9:02

Play Pause
9:02
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
9:02
 
SANS ISC Stormcast, Jan 16, 2025: Critical Vulnerabilities and Cybersecurity Updates You Need to Know Today's episode covers an odd 12 year old Netgear vulnerability that only received a proper CVE number last year. Learn about how to properly identify OpenID connect users and avoid domain name resue. Good old rsync turns out to be in need of patch…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 14 2025: Microsoft Patch Tuesday, FortiOS and FortiProxy Patches; Paessler PRTG Patches 7:48

Play Pause
7:48
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
7:48
 
Today, Microsoft Patch Tuesday headlines our news with Microsoft patching 209 vulnerabilities, some of which have already been exploited. Fortinet suspects a so far unpatched Node.js authentication bypass to be behind some recent exploits of FortiOS and FortiProxy devices. Microsoft January 2025 Patch Tuesday This month's Microsoft patch update add…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 14 2025: Microsoft Patch Tuesday, FortiOS and FortiProxy Patches; Paessler PRTG Patches (#) 7:49

Play Pause
7:49
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
7:49
 
SANS ISC Stormcast, Jan 14 2025: Microsoft Patch Tuesday, FortiOS and FortiProxy Patches; Paessler PRTG Patches Today, Microsoft Patch Tuesday headlines our news with Microsoft patching 209 vulnerabilities, some of which have already been exploited. Fortinet suspects a so far unpatched Node.js authentication bypass to be behind some recent exploits…
  continue reading
 
Artwork

1
SANS ISC Stormcast, Jan 14, 2025: Brute-Forcing Hikvision Devices, macOS SIP Bypass, Linux Rootkits, Aviatrix Exploits, and AWS Ransomware Tactics 7:51

Play Pause
7:51
Play Pause
  나중에 재생
  나중에 재생
  리스트
  좋아요
7:51
 
Episode Summary: This episode covers brute-force attacks on the password reset functionality of Hikvision devices, a macOS SIP bypass vulnerability, Linux rootkit malware, and a novel ransomware campaign targeting AWS S3 buckets. Topics Covered: Hikvision Password Reset Brute Forcing URL: https://isc.sans.edu/diary/Hikvision%20Password%20Reset%20Br…
  continue reading
 
Loading …

빠른 참조 가이드

인기 팟 캐스트
손에 잡히는 경제
요즘은 팟캐스트시대
두시탈출 컬투쇼
김혜리의 필름클럽
씨네타운 나인틴 - 풍문으로 듣는 방송
44BITS 팟캐스트 - 클라우드, 개발, 가젯
CBS 시사자키 정관용입니다
Korean News - NHK WORLD RADIO JAPAN
과학하고 앉아있네
닥터데스
Player FM logo
도움말/FAQ | 업그레이드 | 공시 하다
예술|비즈니스|코미디|경제|엔터테인먼트|뉴스|정치|종교
과학|축구|스포츠|이야기|과학 기술|실제 범죄
저작권 2025 | 사이트 맵 | 개인 정보 보호 정책 | 서비스 약관 | | 저작권
Episode being played series thumbnail
icon icon
속도
시리즈 설정
1x
1x
Volume
100%
icon
icon icon
/

Player FM 보기 ...
Player FM
Browser
Chrome
Safari
Firefox
탐색하는 동안 이 프로그램을 들어보세요.
재생