Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Content provided by SANS ISC Handlers and Johannes B. Ullrich. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by SANS ISC Handlers and Johannes B. Ullrich or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
SANS Stormcast Feb 13th 2025: Smart City Threats; Advanced Social Engineering Attacks; Wazuh Vulnerability; PAM Vulnerability; Ivanti Patches
MP3•Episode home
Manage episode 466386909 series 19634
Content provided by SANS ISC Handlers and Johannes B. Ullrich. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by SANS ISC Handlers and Johannes B. Ullrich or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
An Ontology for Threats: Cybercrime and Digital Forensic Investigation on Smart City Infrastructure
Smart cities is a big topic for many local governments. With building these complex systems, attacks will follow.
https://isc.sans.edu/diary/An%20ontology%20for%20threats%2C%20cybercrime%20and%20digital%20forensic%20investigation%20on%20Smart%20City%20Infrastructure/31676
North Korean state actor tricking admins into executing PowerShell
North Korean state actors are spending quite a bit of effort setting up relationships with South Korean system administrators, culminating in them getting tricked into executing malicious PowerShell scripts.
https://x.com/MsftSecIntel/status/1889407814604296490
Wazuh Vulnerability
A deserialization vulnerability in Wazuh may lead to an unauthenticated remote code execution vulnerability
https://github.com/wazuh/wazuh/security/advisories/GHSA-hcrc-79hj-m3qh
PAM PKCS11 Vulnerablity
Several vulnerabilities in the Linux PAM module processing smart card authentication can be used to bypass authentication
https://github.com/OpenSC/pam_pkcs11/releases/tag/pam_pkcs11-0.6.13
Ivanti Patches
Ivanti released its monhtly update, fixing a number of critical vulnerabilities in Connect Secure and other prodcuts
https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US
…
continue reading
Smart cities is a big topic for many local governments. With building these complex systems, attacks will follow.
https://isc.sans.edu/diary/An%20ontology%20for%20threats%2C%20cybercrime%20and%20digital%20forensic%20investigation%20on%20Smart%20City%20Infrastructure/31676
North Korean state actor tricking admins into executing PowerShell
North Korean state actors are spending quite a bit of effort setting up relationships with South Korean system administrators, culminating in them getting tricked into executing malicious PowerShell scripts.
https://x.com/MsftSecIntel/status/1889407814604296490
Wazuh Vulnerability
A deserialization vulnerability in Wazuh may lead to an unauthenticated remote code execution vulnerability
https://github.com/wazuh/wazuh/security/advisories/GHSA-hcrc-79hj-m3qh
PAM PKCS11 Vulnerablity
Several vulnerabilities in the Linux PAM module processing smart card authentication can be used to bypass authentication
https://github.com/OpenSC/pam_pkcs11/releases/tag/pam_pkcs11-0.6.13
Ivanti Patches
Ivanti released its monhtly update, fixing a number of critical vulnerabilities in Connect Secure and other prodcuts
https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US
3066 episodes
SANS Stormcast Feb 13th 2025: Smart City Threats; Advanced Social Engineering Attacks; Wazuh Vulnerability; PAM Vulnerability; Ivanti Patches
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
MP3•Episode home
Manage episode 466386909 series 19634
Content provided by SANS ISC Handlers and Johannes B. Ullrich. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by SANS ISC Handlers and Johannes B. Ullrich or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
An Ontology for Threats: Cybercrime and Digital Forensic Investigation on Smart City Infrastructure
Smart cities is a big topic for many local governments. With building these complex systems, attacks will follow.
https://isc.sans.edu/diary/An%20ontology%20for%20threats%2C%20cybercrime%20and%20digital%20forensic%20investigation%20on%20Smart%20City%20Infrastructure/31676
North Korean state actor tricking admins into executing PowerShell
North Korean state actors are spending quite a bit of effort setting up relationships with South Korean system administrators, culminating in them getting tricked into executing malicious PowerShell scripts.
https://x.com/MsftSecIntel/status/1889407814604296490
Wazuh Vulnerability
A deserialization vulnerability in Wazuh may lead to an unauthenticated remote code execution vulnerability
https://github.com/wazuh/wazuh/security/advisories/GHSA-hcrc-79hj-m3qh
PAM PKCS11 Vulnerablity
Several vulnerabilities in the Linux PAM module processing smart card authentication can be used to bypass authentication
https://github.com/OpenSC/pam_pkcs11/releases/tag/pam_pkcs11-0.6.13
Ivanti Patches
Ivanti released its monhtly update, fixing a number of critical vulnerabilities in Connect Secure and other prodcuts
https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US
…
continue reading
Smart cities is a big topic for many local governments. With building these complex systems, attacks will follow.
https://isc.sans.edu/diary/An%20ontology%20for%20threats%2C%20cybercrime%20and%20digital%20forensic%20investigation%20on%20Smart%20City%20Infrastructure/31676
North Korean state actor tricking admins into executing PowerShell
North Korean state actors are spending quite a bit of effort setting up relationships with South Korean system administrators, culminating in them getting tricked into executing malicious PowerShell scripts.
https://x.com/MsftSecIntel/status/1889407814604296490
Wazuh Vulnerability
A deserialization vulnerability in Wazuh may lead to an unauthenticated remote code execution vulnerability
https://github.com/wazuh/wazuh/security/advisories/GHSA-hcrc-79hj-m3qh
PAM PKCS11 Vulnerablity
Several vulnerabilities in the Linux PAM module processing smart card authentication can be used to bypass authentication
https://github.com/OpenSC/pam_pkcs11/releases/tag/pam_pkcs11-0.6.13
Ivanti Patches
Ivanti released its monhtly update, fixing a number of critical vulnerabilities in Connect Secure and other prodcuts
https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US
3066 episodes
All episodes
×Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.