Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: SANS Daily Network Security Podcast (Stormcast) for Monday, August 18th 2014 - SANS Internet Storm Center SANS Daily Network Security Podcast (Stormcast) for Monday, August 18th 2014


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

ISC StormCast for Monday, August 18th 2014

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/4109.mp3

SANS Daily Network Security Podcast (Stormcast) for Monday, August 18th 2014
00:00

My Next Class

… more classes

Beware of the Patch - UDP behind NAT may not be firewalled - yet another PHP cgi exploit - talk quiet, your smart phone is vibrating


MSFT MS14-045 Patch Causes Blue Screen of Death
https://technet.microsoft.com/library/security/MS14-045

The dangers of UDP services behind NAT
http://isc.sans.edu/forums/diary/Web+Server+Attack+Investigation+-+Installing+a+Bot+and+Reverse+Shell+via+a+PHP+Vulnerability/18543

PHP CGI exploit with interesting reverse shell
http://isc.sans.edu/forums/diary/Web+Server+Attack+Investigation+-+Installing+a+Bot+and+Reverse+Shell+via+a+PHP+Vulnerability/18543

Smart Phone Gyroscope Sensitive Enough to Detect Speech
http://crypto.stanford.edu/gyrophone/files/gyromic.pdf

Internet Wide Scan Finds Many Exposed VNC Servers
http://www.forbes.com/sites/kashmirhill/2014/08/13/so-many-pwns/
Spotify spotify logo

Discussion

Looks like the second link in the notes is wrong - it's actually the same as the third.
Posted by Chris M on Mon Aug 18 2014, 08:23

New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form

Application Security: Securing Web Apps, APIs, and MicroservicesTokyoAug 29th - Sep 3rd 2022
Application Security: Securing Web Apps, APIs, and MicroservicesOnline | Japan Standard TimeAug 29th - Sep 3rd 2022
Intrusion Detection In-DepthRiyadhOct 8th - Oct 13th 2022
Intrusion Detection In-DepthOnline | Arabian Standard TimeOct 8th - Oct 13th 2022
Application Security: Securing Web Apps, APIs, and MicroservicesSan FranciscoDec 5th - Dec 10th 2022
Application Security: Securing Web Apps, APIs, and MicroservicesOnline | US PacificDec 5th - Dec 10th 2022
Intrusion Detection In-DepthOnline | Central European TimeJan 30th - Feb 4th 2023