SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich
Jun 13, 2025 • 6min

SANS Stormcast Friday, June 13th, 2025: Honeypot Scripts; EchoLeak MSFT Copilot Vuln; Thunderbird mailbox URL Vuln;

The episode opens with honeypot scripts and automated tools for DShield investigations. It then covers EchoLeak, a vulnerability in Microsoft 365 Copilot that allowed zero-click data leaks: no user interaction was needed to get Copilot to expose data from the victim's environment. Also discussed is a Thunderbird mailbox URL vulnerability in which a deceptive link in an email could cause the mail client to download a file without the user intending it. Both cases show that user awareness alone is not enough and that keeping software updated matters.
Jun 12, 2025 • 6min

SANS Stormcast Thursday, June 12th, 2025: Quasar RAT; Windows 11 24H2 Delay; SMB Client Vuln PoC; Connectwise Signing Keys; KDE Telnet code exec

A Quasar RAT is delivered via batch files, with the payload hidden inside PNG images. Microsoft is delaying the Windows 11 24H2 rollout for some devices because of unexpected problems caused by recent updates. A proof of concept for a newly patched SMB client vulnerability shows how it can be exploited. ConnectWise is rotating its code-signing certificates after a compromise. Finally, KDE's Konsole terminal emulator had a vulnerability that may allow arbitrary code execution through crafted telnet URLs.
Jun 11, 2025 • 7min

SANS Stormcast Wednesday, June 11th, 2025: Microsoft Patch Tuesday; Acrobat Patches

Microsoft patched 67 vulnerabilities this Patch Tuesday, 10 of them rated critical. One of the issues is already being exploited, so those updates should be applied first. Adobe released patches for 7 products, including Adobe Commerce and Acrobat Reader; the Acrobat Reader flaws can lead to code execution when a user opens a crafted PDF. Timely patching is the recurring theme of both discussions.
Jun 10, 2025 • 6min

SANS Stormcast Tuesday, June 10th, 2025: Octosql; Mirai vs. Wazuh; DNS4EU; Wordpress Fair Package Manager

OctoSQL lets you query vulnerability data stored in various file formats using SQL. A Mirai variant is exploiting a known vulnerability in the Wazuh security platform to add servers to the botnet. The EU has launched DNS4EU, a public recursive resolver intended as a privacy-compliant alternative to existing public resolvers. Finally, the episode looks at the problems WordPress has with plugin distribution and at the Linux Foundation's FAIR Package Manager, which aims to simplify plugin updates and address the security concerns around a single central repository.
Jun 9, 2025 • 6min

SANS Stormcast Monday, June 9th, 2025: Extracting PNG Data; GlueStack Packages Backdoor; MacOS targeted by Clickfix; INETPUB restore script

The pngdump.py script has been updated to extract data hidden in PNG files. Sixteen backdoored npm packages associated with GlueStack were discovered, potentially affecting thousands of downstream users. macOS users are being targeted by ClickFix-style fake CAPTCHA pages that trick them into running malware themselves. Microsoft has published a PowerShell script to restore an inetpub folder that was deleted by mistake; a recent Windows update creates that folder, and Microsoft advises against removing it.
Jun 6, 2025 • 5min

SANS Stormcast Friday, June 6th, 2025: Fake Zoom Clients; Python tarfile vulnerability; HPE Insight Remote Support Patch

Fake Zoom client downloads are circulating: victims receive deceptive meeting invites that lead to a malicious "update". Python's tarfile module has a vulnerability: the extraction filter introduced to stop path traversal and similar attacks does not enforce its restrictions as intended, so it should not be the only safeguard when unpacking untrusted archives. HPE has fixed a critical remote code execution flaw in its Insight Remote Support software.
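The practical consequence of "the filter isn't functioning as intended" is that extraction of untrusted tarballs needs a check that does not depend on the filter. The following is an added example, not code from the episode or from CPython: a pre-extraction audit that rejects absolute names, `..` components, device entries and links whose targets escape the destination, run before `tarfile`'s own `filter="data"` is applied as a second layer. The sample archive, its member names and the destination paths are constructed here for illustration.

```python
"""Defense-in-depth tar extraction: audit every member before relying on
tarfile's built-in `filter`. Added example; the archive below is constructed."""
import io
import os
import tarfile
import tempfile
from pathlib import Path, PurePosixPath


def _inside(base: Path, candidate: str) -> bool:
    """True if the normalized candidate path lies under base.

    normpath rather than resolve(): nothing has been written to disk yet, and
    Path.relative_to compares whole components, so /srv/out2 is not "inside"
    /srv/out the way a naive string-prefix check would claim."""
    try:
        Path(os.path.normpath(candidate)).relative_to(base)
        return True
    except ValueError:
        return False


def audit_archive(archive: bytes, dest: str) -> dict:
    """Classify every member as safe or unsafe for extraction into dest.

    Flags absolute names, '..' escapes, device/FIFO entries, and sym/hard
    links whose targets land outside dest. Independent of tarfile's `filter`,
    so it still holds if that filter is bypassed."""
    base = Path(os.path.abspath(dest))
    safe, unsafe = [], []
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:*") as tar:
        for m in tar.getmembers():
            name = PurePosixPath(m.name)
            reasons = []
            if name.is_absolute() or ".." in name.parts:
                reasons.append("name escapes destination")
            if m.isdev():
                reasons.append("device or FIFO entry")
            if m.issym():
                # A symlink target is relative to the directory holding the link.
                link_dir = os.path.dirname(os.path.join(base, m.name))
                if not _inside(base, os.path.join(link_dir, m.linkname)):
                    reasons.append("symlink target escapes destination")
            elif m.islnk():
                # A hard link target is relative to the archive root.
                if not _inside(base, os.path.join(base, m.linkname)):
                    reasons.append("hard link target escapes destination")
            if reasons:
                unsafe.append((m.name, "; ".join(reasons)))
            else:
                safe.append(m.name)
    return {"safe": safe, "unsafe": unsafe}


def safe_extract(archive: bytes, dest: str) -> list:
    """Extract only if the audit passes; returns the extracted member names."""
    report = audit_archive(archive, dest)
    if report["unsafe"]:
        raise ValueError(f"refusing to extract: {report['unsafe']}")
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:*") as tar:
        # Second layer: tarfile's 'data' filter where the interpreter has it
        # (3.12+, backported to 3.8.17/3.9.17/3.10.12/3.11.4). The audit above
        # already guarantees the members are safe if the filter is missing.
        kwargs = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
        tar.extractall(dest, **kwargs)
    return report["safe"]


def build_sample_archive(malicious: bool = True) -> bytes:
    """Constructed in-memory tarball (not taken from any real package)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        def add(name, payload=b"", kind=tarfile.REGTYPE, linkname=""):
            info = tarfile.TarInfo(name)
            info.type, info.linkname, info.size = kind, linkname, len(payload)
            tar.addfile(info, io.BytesIO(payload) if payload else None)
        add("pkg/README", b"benign\n")
        if malicious:
            add("../../tmp/evil", b"path traversal\n")       # classic ".." escape
            add("/etc/cron.d/evil", b"absolute path\n")       # absolute name
            add("pkg/link", kind=tarfile.SYMTYPE, linkname="../../../etc")
    return buf.getvalue()


def demo() -> dict:
    """Audit the malicious archive, then extract a benign one into a temp dir."""
    report = audit_archive(build_sample_archive(), "/srv/unpack")
    try:
        safe_extract(build_sample_archive(), "/srv/unpack")
        refused = False
    except ValueError:
        refused = True
    with tempfile.TemporaryDirectory() as tmp:
        extracted = safe_extract(build_sample_archive(malicious=False), tmp)
        readme = Path(tmp, "pkg", "README").read_bytes()
    return {"unsafe": [n for n, _ in report["unsafe"]], "refused": refused,
            "extracted": extracted, "readme": readme}


if __name__ == "__main__":
    print(demo())
```

The audit is deliberately conservative: it refuses the whole archive rather than extracting the safe subset, since a partially unpacked package is its own failure mode.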
Jun 5, 2025 • 5min

SANS Stormcast Thursday, June 5th, 2025: Phishing Comment Trick; AWS default logging mode change; Cisco Backdoor Fixed; Infoblox Vulnerability Details Released

A phishing campaign uses HTML comments to hide malicious links from Outlook users. AWS is changing a default logging mode from blocking to non-blocking: applications no longer stall when log delivery is unavailable, but log lines may be dropped, which matters for anyone relying on those logs for detection. Cisco released critical security updates, including the removal of a backdoor. Details of the Infoblox vulnerabilities have also been released, another reminder to keep software up to date.
Jun 4, 2025 • 7min

SANS Stormcast Wednesday, June 4th, 2025: vBulletin Exploited; Chrome 0-Day Patch; Roundcube RCE Patch; Multiple HP StoreOnce Vulns Patched

The vBulletin vulnerability is being exploited; installations running on PHP 8.1 or later are the ones affected. Google Chrome received an urgent patch for several flaws, one of which is actively exploited. Roundcube patched a vulnerability that lets any logged-in user execute code on the webmail server. HPE patched multiple StoreOnce vulnerabilities, some of which allow remote code execution. The episode closes with a note on upcoming events at the SANS Fire conference.
Jun 3, 2025 • 6min

SANS Stormcast Tuesday, June 3rd, 2025: Windows SSH C2; Google Removes CAs from trusted list; MSFT issues Emergency Patch to fix Crash issue; Qualcomm Adreno GPU 0-day

A simple SSH-based backdoor uses a crafted configuration on Windows clients to give attackers remote access. Google is removing certain certificate authorities from Chrome's trust store, so certificates issued by them will no longer be trusted. Microsoft issued an emergency fix for a bug that prevented systems from restarting after a recent patch, affecting both virtual and physical machines. Qualcomm is addressing a vulnerability in its Adreno GPU driver that is already being exploited, so that update should not wait.
Jun 2, 2025 • 6min

SANS Stormcast Monday, June 2nd, 2025: PNG with RAT; Cisco IOS XE WLC Exploit; vBulletin Exploit

A PNG image can carry malware that a small Python loader extracts and runs, a reminder that detection methods treating images as inert are insufficient. Cisco patched critical vulnerabilities in IOS XE Wireless LAN Controllers that allow arbitrary code execution. A change in PHP that made previously protected methods callable exposed a remote code execution path in vBulletin, and exploit attempts surged once it became public. Attackers keep adapting to new platforms, and defenses have to follow.
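Three episodes on this page (the Quasar RAT hidden in a PNG on June 12th, pngdump.py extracting hidden PNG data on June 9th, and the PNG-carried RAT loader above) rest on the same fact: PNG decoders stop reading at the IEND chunk and ignore chunk types they do not know, so a payload appended after IEND or stuffed into a private chunk never affects how the image displays. The chunk walker below is an added example, not pngdump.py or any script from the diaries. The 1x1 PNG, the private chunk name `stEg` and the appended batch-file text are constructed here for illustration.

```python
"""PNG chunk walker that reports data hidden after IEND and in non-standard
chunks, with CRC checks. Added example; the sample PNG is constructed."""
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
# Chunk types from the PNG spec plus common extensions (APNG, eXIf). Anything
# else is worth a look: private chunks are a classic place to park a payload.
STANDARD_CHUNKS = {
    "IHDR", "PLTE", "IDAT", "IEND", "tRNS", "cHRM", "gAMA", "iCCP", "sBIT",
    "sRGB", "tEXt", "zTXt", "iTXt", "bKGD", "hIST", "pHYs", "sPLT", "tIME",
    "eXIf", "acTL", "fcTL", "fdAT",
}


def _chunk(ctype: bytes, body: bytes) -> bytes:
    """Serialize one chunk: 4-byte length, type, body, CRC32 over type+body."""
    crc = zlib.crc32(ctype + body) & 0xFFFFFFFF
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)


def build_sample_png(trailer: bytes = b"", private_chunks=()) -> bytes:
    """Constructed 1x1 grayscale PNG. `private_chunks` (type, body) pairs go
    before IEND; `trailer` is appended after IEND, where decoders stop."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)  # 1x1, 8-bit gray
    idat = zlib.compress(b"\x00\x00")  # filter byte 0 + one black pixel
    out = PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", idat)
    for ctype, body in private_chunks:
        out += _chunk(ctype, body)
    return out + _chunk(b"IEND", b"") + trailer


def parse_png(data: bytes) -> dict:
    """Walk the chunk list. Returns the chunk inventory, chunks whose CRC does
    not match, chunk types outside STANDARD_CHUNKS (with their bodies), and
    every byte after IEND. Raises ValueError on a truncated or non-PNG file."""
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG file")
    pos = len(PNG_SIG)
    chunks, bad_crc, unusual = [], [], []
    trailer = b""
    while pos + 8 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        body = data[pos + 8:pos + 8 + length]
        crc = data[pos + 8 + length:pos + 12 + length]
        if len(body) != length or len(crc) != 4:
            raise ValueError(f"truncated chunk {ctype!r} at offset {pos}")
        name = ctype.decode("latin-1")
        if struct.unpack(">I", crc)[0] != (zlib.crc32(ctype + body) & 0xFFFFFFFF):
            bad_crc.append(name)  # tampered or hand-built chunk
        if name not in STANDARD_CHUNKS:
            unusual.append((name, body))
        chunks.append((name, length))
        pos += 12 + length
        if ctype == b"IEND":
            trailer = data[pos:]  # a viewer never reads past this point
            break
    else:
        raise ValueError("no IEND chunk found")
    return {"chunks": chunks, "bad_crc": bad_crc, "unusual": unusual, "trailer": trailer}


def hidden_payloads(data: bytes) -> list:
    """(location, bytes) pairs a triage script would dump to disk for analysis."""
    info = parse_png(data)
    found = [("after-IEND", info["trailer"])] if info["trailer"] else []
    found += [(f"chunk:{name}", body) for name, body in info["unusual"]]
    return found


if __name__ == "__main__":
    sample = build_sample_png(trailer=b"@echo off\r\nstart /b evil.exe\r\n",
                              private_chunks=[(b"stEg", b"second stage")])
    for where, blob in hidden_payloads(sample):
        print(where, len(blob), blob[:32])
```

On a real sample, feed the returned blobs to the next stage of triage (strings, entropy, a zlib or base64 decode attempt) rather than trusting any one heuristic; an image that decodes cleanly says nothing about what follows IEND.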
