Artwork

Johannes B. Ullrich에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Johannes B. Ullrich 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
Player FM -팟 캐스트 앱
Player FM 앱으로 오프라인으로 전환하세요!

Network Security News Summary for Wednesday January 08th, 2025

6:39
 
공유
 

Manage episode 459887624 series 2911633
Johannes B. Ullrich에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Johannes B. Ullrich 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
SANS ISC Stormcast, Jan 8, 2025: Critical Vulnerabilities in SonicWall, Moxa, and Windows BitLocker – Plus, Malware Targets PHP Servers and the Launch of U.S. Cyber Trust Mark In this episode, we dive into active exploitation of a zero-day in SonicWall SSL-VPN, privilege escalation vulnerabilities in Moxa devices, and a BitLocker bypass in Windows 11. We also cover cryptocurrency mining malware hitting PHP servers and the White House's launch of the U.S. Cyber Trust Mark to secure connected devices. Episode Links and Topics: PacketCrypt Classic Cryptocurrency Miner on PHP Servers https://isc.sans.edu/diary/PacketCrypt%20Classic%20Cryptocurrency%20Miner%20on%20PHP%20Servers/31564 Malware exploiting PHP servers to mine PacketCrypt Classic cryptocurrency. SonicOS Affected By Multiple Vulnerabilities https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003 A zero-day vulnerability in SonicWall SSL-VPN devices is under active attack. Privilege Escalation and OS Command Injection Vulnerabilities in Moxa Devices https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241155-privilege-escalation-and-os-command-injection-vulnerabilities-in-cellular-routers,-secure-routers,-and-netwo Critical vulnerabilities in Moxa routers and security appliances allow privilege escalation and OS command injection. White House Launches U.S. Cyber Trust Mark https://www.whitehouse.gov/briefing-room/statements-releases/2025/01/07/white-house-launches-u-s-cyber-trust-mark-providing-american-consumers-an-easy-label-to-see-if-connected-devices-are-cybersecure/ A new cybersecurity labeling program for connected devices aims to help consumers choose secure products. Windows BitLocker: Screwed without a Screwdriver https://media.ccc.de/v/38c3-windows-bitlocker-screwed-without-a-screwdriver#t=761 (video in English) A two-year-old vulnerability in Windows 11 allows bypassing BitLocker encryption. keywords: bitlocker; windows; cyber trust mark; moxa; sonicos; packetcrypt; php
  continue reading

1001 에피소드

Artwork
icon공유
 
Manage episode 459887624 series 2911633
Johannes B. Ullrich에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Johannes B. Ullrich 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
SANS ISC Stormcast, Jan 8, 2025: Critical Vulnerabilities in SonicWall, Moxa, and Windows BitLocker – Plus, Malware Targets PHP Servers and the Launch of U.S. Cyber Trust Mark In this episode, we dive into active exploitation of a zero-day in SonicWall SSL-VPN, privilege escalation vulnerabilities in Moxa devices, and a BitLocker bypass in Windows 11. We also cover cryptocurrency mining malware hitting PHP servers and the White House's launch of the U.S. Cyber Trust Mark to secure connected devices. Episode Links and Topics: PacketCrypt Classic Cryptocurrency Miner on PHP Servers https://isc.sans.edu/diary/PacketCrypt%20Classic%20Cryptocurrency%20Miner%20on%20PHP%20Servers/31564 Malware exploiting PHP servers to mine PacketCrypt Classic cryptocurrency. SonicOS Affected By Multiple Vulnerabilities https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003 A zero-day vulnerability in SonicWall SSL-VPN devices is under active attack. Privilege Escalation and OS Command Injection Vulnerabilities in Moxa Devices https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241155-privilege-escalation-and-os-command-injection-vulnerabilities-in-cellular-routers,-secure-routers,-and-netwo Critical vulnerabilities in Moxa routers and security appliances allow privilege escalation and OS command injection. White House Launches U.S. Cyber Trust Mark https://www.whitehouse.gov/briefing-room/statements-releases/2025/01/07/white-house-launches-u-s-cyber-trust-mark-providing-american-consumers-an-easy-label-to-see-if-connected-devices-are-cybersecure/ A new cybersecurity labeling program for connected devices aims to help consumers choose secure products. Windows BitLocker: Screwed without a Screwdriver https://media.ccc.de/v/38c3-windows-bitlocker-screwed-without-a-screwdriver#t=761 (video in English) A two-year-old vulnerability in Windows 11 allows bypassing BitLocker encryption. keywords: bitlocker; windows; cyber trust mark; moxa; sonicos; packetcrypt; php
  continue reading

1001 에피소드

모든 에피소드

×
 
Loading …

플레이어 FM에 오신것을 환영합니다!

플레이어 FM은 웹에서 고품질 팟캐스트를 검색하여 지금 바로 즐길 수 있도록 합니다. 최고의 팟캐스트 앱이며 Android, iPhone 및 웹에서도 작동합니다. 장치 간 구독 동기화를 위해 가입하세요.

 

빠른 참조 가이드

탐색하는 동안 이 프로그램을 들어보세요.
재생