Artwork

Content provided by SANS ISC Handlers and Johannes B. Ullrich. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by SANS ISC Handlers and Johannes B. Ullrich or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!

SANS Stormcast Thursday, July 10th, 2025: Internal CA with ACME; TapJacking on Android; Adobe Patches;

5:18
 
Share
 

Manage episode 493612832 series 19634
Content provided by SANS ISC Handlers and Johannes B. Ullrich. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by SANS ISC Handlers and Johannes B. Ullrich or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Setting up Your Own Certificate Authority for Development: Why and How.
Some tips on setting up your own internal certificate authority using the smallstep CA.
https://isc.sans.edu/diary/Setting%20up%20Your%20Own%20Certificate%20Authority%20for%20Development%3A%20Why%20and%20How./32092
Animation-Driven Tapjacking on Android
Attackers can use a click-jacking like trick to trick victims into clicking on animated transparent dialogs opened from other applications.
https://taptrap.click/usenix25_taptrap_paper.pdf
Adobe Patches
Adobe patched 13 different products yesterday. Most concerning are vulnerabilities in Coldfusion that include code execution and arbitrary file disclosure vulnerabilities.
https://helpx.adobe.com/security/security-bulletin.html
  continue reading

3066 episodes

Artwork
iconShare
 
Manage episode 493612832 series 19634
Content provided by SANS ISC Handlers and Johannes B. Ullrich. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by SANS ISC Handlers and Johannes B. Ullrich or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Setting up Your Own Certificate Authority for Development: Why and How.
Some tips on setting up your own internal certificate authority using the smallstep CA.
https://isc.sans.edu/diary/Setting%20up%20Your%20Own%20Certificate%20Authority%20for%20Development%3A%20Why%20and%20How./32092
Animation-Driven Tapjacking on Android
Attackers can use a click-jacking like trick to trick victims into clicking on animated transparent dialogs opened from other applications.
https://taptrap.click/usenix25_taptrap_paper.pdf
Adobe Patches
Adobe patched 13 different products yesterday. Most concerning are vulnerabilities in Coldfusion that include code execution and arbitrary file disclosure vulnerabilities.
https://helpx.adobe.com/security/security-bulletin.html
  continue reading

3066 episodes

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Quick Reference Guide

Copyright 2025 | Privacy Policy | Terms of Service | | Copyright
Listen to this show while you explore
Play