SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

A critical vulnerability in Palo Alto Networks' GlobalProtect software has emerged, allowing attackers to execute remote code and gain root access. The discussion highlights recent exploitation incidents, emphasizing the urgency of applying patches. Experts stress the importance of disabling telemetry to safeguard against these threats. Stay informed and protect your systems!

A serious vulnerability in Windows batch file execution could lead to OS command injection attacks. Programming languages like Rust and Node.js are stepping up, while Java remains inactive. Fortinet's Linux client faces scrutiny for remote code execution flaws. The conversation also highlights Apple's new threat notifications against mercenary spyware. Developers are urged to stay alert for malicious code in open source, as a new trick has emerged in supply chain attacks.

A critical vulnerability in Rust's command API could allow OS command injection, scoring a perfect 10 on the CVSS scale. Adobe's recent updates tackle serious flaws in their commerce product. The discussion also highlights urgent vulnerabilities in Fortinet's FortiOS and FortiProxy, prompting immediate updates. Additionally, a curious signed backdoor named Smoke and Screen Mirrors raises alarm for potential exploits. Tune in for vital cybersecurity insights and the importance of timely patches!

April's Microsoft updates tackled 157 vulnerabilities, spotlighting critical flaws in Microsoft Defender for IoT and SQL Server drivers. The team emphasizes the urgent need for security against potential exploitation, particularly from proxy driver spoofing. Additionally, discussions unveil a backdoor in D-Link NAS devices and significant vulnerabilities in LG SmartTVs, raising alarms about smart device security. Tune in for key insights on safeguarding your tech!

Discover how threat hunting can enhance security operations, backed by a compelling case study. Learn about the risks posed by Notepad++'s parasite site. Explore vulnerabilities in Hugging Face's pickle files and how they impact AI. Finally, dive into Google's latest developments with the V8 sandbox, shifting it from experimental status to a more robust security feature.

The podcast dives into the 10th anniversary of Heartbleed, reflecting on its impact on open-source security and the importance of funding bug bounties. It highlights recent vulnerabilities like the Magento XML backdoor and challenges in e-commerce security posed by malicious injections. Additionally, it addresses the ongoing threat of DNS cache poisoning and identifies a remote code execution vulnerability in Brocade Fabric OS. Stay tuned for updates on upcoming security talks in London!

Dan Mazzella, a researcher specializing in infostealers and malware techniques for automotive systems, joins the discussion to reveal alarming trends in automotive cybersecurity. He highlights the rising threat of information-stealing malware targeting car head units, shifting the focus from traditional safety vulnerabilities to data privacy concerns in IoT devices. Mazzella also explores the privacy implications of accessing sensitive information through infotainment systems and urges caution when connecting personal devices to unknown vehicles, emphasizing the need for heightened security awareness.

Discover the intriguing world of SSH traffic and what it reveals about security threats. Google introduces a novel approach with Device Bound Session Credentials to combat cookie theft. The discussion also highlights four critical vulnerabilities in Ivanti software, including heap overflows and XML entity expansion issues. Additionally, there’s buzz around a Google Pixel zero-day vulnerability, shedding light on the ongoing challenges in mobile security.

Unpack the latest privacy issues surrounding Google Chrome's incognito mode and a hefty settlement over data practices. Discover new email security protocols set to strengthen spam management in Gmail. Dive into critical vulnerabilities with Cisco updates and learn about the latest security fixes for Apache Pulsar and Flowmon. Stay informed on best practices for email compliance to keep your network safe. Tune in for a special segment with insights from industry expert Bojan Zdrnja.

Explore the chilling details of a backdoor in xz-utils that poses serious security risks. Learn about infostealers threatening macOS users and the rise of malicious browser downloads disguised as Chrome. Discover a new tool for analyzing CSV files amid these cybersecurity threats. The podcast also highlights suspicious social media behaviors linked to compromised repositories.