Artwork

Johannes B. Ullrich에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Johannes B. Ullrich 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
Player FM -팟 캐스트 앱
Player FM 앱으로 오프라인으로 전환하세요!

SANS ISC Stormcast Jan 7th 2025: Make Malware Happy and Critical Vulnerabilities in OpenSSH, BeyondTrust, and Nucle

4:52
 
공유
 

Manage episode 459689057 series 2911633
Johannes B. Ullrich에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Johannes B. Ullrich 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
SANS ISC Stormcast Jan 7th 2025: Make Malware Happy and Critical Vulnerabilities in OpenSSH, BeyondTrust, and Nuclei In this episode of the SANS Internet Storm Center's Stormcast, we cover critical vulnerabilities affecting OpenSSH, BeyondTrust, and Nuclei, including the newly discovered "RegreSSHion" flaw and a bypass vulnerability in Nuclei. We also discuss how malware evasion techniques can impact analysis environments and highlight the dangers of fake exploits targeting researchers. Tune in for insights on patching, mitigation strategies, and staying ahead of emerging threats. Topics Covered: Make Malware Happy https://isc.sans.edu/diary/Make%20Malware%20Happy/31560 A look at how malware adapts and detects analysis environments, and why replicating operational settings is critical during malware analysis. Nuclei Signature Verification Bypass (CVE-2024-43405) https://www.wiz.io/blog/nuclei-signature-verification-bypass A critical vulnerability in Nuclei allows malicious templates to bypass signature verification, risking arbitrary code execution. Critical Vulnerability in BeyondTrust (CVE-2024-12356) https://censys.com/cve-2024-12356/ A high-risk flaw in BeyondTrust products allows unauthenticated OS command execution, posing a significant threat to privileged access systems. RegreSSHion Code Execution Vulnerability (CVE-2024-6387) https://cybersecuritynews.com/regresshion-code-execution-vulnerability/ OpenSSH vulnerability "RegreSSHion" enables remote code execution, and fake exploits targeting security researchers are in circulation. keywords: openssh, regresshion, beyondtrust, nuclei, malware, evasion, rce
  continue reading

1001 에피소드

Artwork
icon공유
 
Manage episode 459689057 series 2911633
Johannes B. Ullrich에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Johannes B. Ullrich 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
SANS ISC Stormcast Jan 7th 2025: Make Malware Happy and Critical Vulnerabilities in OpenSSH, BeyondTrust, and Nuclei In this episode of the SANS Internet Storm Center's Stormcast, we cover critical vulnerabilities affecting OpenSSH, BeyondTrust, and Nuclei, including the newly discovered "RegreSSHion" flaw and a bypass vulnerability in Nuclei. We also discuss how malware evasion techniques can impact analysis environments and highlight the dangers of fake exploits targeting researchers. Tune in for insights on patching, mitigation strategies, and staying ahead of emerging threats. Topics Covered: Make Malware Happy https://isc.sans.edu/diary/Make%20Malware%20Happy/31560 A look at how malware adapts and detects analysis environments, and why replicating operational settings is critical during malware analysis. Nuclei Signature Verification Bypass (CVE-2024-43405) https://www.wiz.io/blog/nuclei-signature-verification-bypass A critical vulnerability in Nuclei allows malicious templates to bypass signature verification, risking arbitrary code execution. Critical Vulnerability in BeyondTrust (CVE-2024-12356) https://censys.com/cve-2024-12356/ A high-risk flaw in BeyondTrust products allows unauthenticated OS command execution, posing a significant threat to privileged access systems. RegreSSHion Code Execution Vulnerability (CVE-2024-6387) https://cybersecuritynews.com/regresshion-code-execution-vulnerability/ OpenSSH vulnerability "RegreSSHion" enables remote code execution, and fake exploits targeting security researchers are in circulation. keywords: openssh, regresshion, beyondtrust, nuclei, malware, evasion, rce
  continue reading

1001 에피소드

모든 에피소드

×
 
Loading …

플레이어 FM에 오신것을 환영합니다!

플레이어 FM은 웹에서 고품질 팟캐스트를 검색하여 지금 바로 즐길 수 있도록 합니다. 최고의 팟캐스트 앱이며 Android, iPhone 및 웹에서도 작동합니다. 장치 간 구독 동기화를 위해 가입하세요.

 

빠른 참조 가이드

탐색하는 동안 이 프로그램을 들어보세요.
재생