Handler on Duty: Xavier Mertens
Threat Level: green
Podcast Detail
Malicious Steam Bruteforcer; Cisco and Veem Patches; ZIP file issues; File Upload Dangers;
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/9214.mp3
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 13th - Dec 18th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
Steam Account Checker Poisoned with Infostealer
https://isc.sans.edu/diary/Steam%20Account%20Checker%20Poisoned%20with%20Infostealer/31420
Cisco Ultra Reliable Wireless Backhaul Vulnerability
https://www.cisco.com/site/us/en/products/networking/industrial-wireless/ultra-reliable-wireless-backhaul/index.html
Breaking Down Multipart Parsers: File upload validation bypass
https://blog.sicuranext.com/breaking-down-multipart-parsers-validation-bypass/
Evasive ZIP Concatenation: Trojan Targets Windows Users
https://perception-point.io/blog/evasive-concatenated-zip-trojan-targets-windows-users/
Veeam Backup Enterprise Manager Vulnerability (CVE-2024-40715)
https://www.veeam.com/kb4682
SANS Holiday Hack Challenge
https://www.sans.org/mlp/holiday-hack-challenge-2024
https://isc.sans.edu/diary/Steam%20Account%20Checker%20Poisoned%20with%20Infostealer/31420
Cisco Ultra Reliable Wireless Backhaul Vulnerability
https://www.cisco.com/site/us/en/products/networking/industrial-wireless/ultra-reliable-wireless-backhaul/index.html
Breaking Down Multipart Parsers: File upload validation bypass
https://blog.sicuranext.com/breaking-down-multipart-parsers-validation-bypass/
Evasive ZIP Concatenation: Trojan Targets Windows Users
https://perception-point.io/blog/evasive-concatenated-zip-trojan-targets-windows-users/
Veeam Backup Enterprise Manager Vulnerability (CVE-2024-40715)
https://www.veeam.com/kb4682
SANS Holiday Hack Challenge
https://www.sans.org/mlp/holiday-hack-challenge-2024
Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 13th - Dec 18th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | Orlando | Apr 13th - Apr 18th 2025 |