Handler on Duty: Johannes Ullrich
Threat Level: green
Podcast Detail
Sprear Phishing Works Well! Hikvision: Broken and Dangerous DVRs don't keep you safe; MSFT and Sandw
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/4249.mp3
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
Sprear Phishing Works Well! Hikvision: Broken and Dangerous DVRs don't keep you safe; MSFT and Sandwort: Missed Chances; Paypal patches slowly
1 out of 5 spear phishing emails successful
https://deepsec.net/speaker.html#PSLOT157
Multiple remote vulnerabilities in Hikvision DVRs
https://community.rapid7.com/community/metasploit/blog/2014/11/19/r7-2014-18-hikvision-dvr-devices--multiple-vulnerabilities
MSFT Overlooked "Sandworm" vulnerability in earlier patches
http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/SandWorm-s-target-A-patch-history-of-Object-Packager/ba-p/6675618#.VHJ8QIsXkzB
PayPal Takes 18 Months to Fix Arbitrary Code Execution Flaw
http://vulnerability-lab.com/get_content.php?id=936
ICMP Redirect Attacks Documented in the Wild
http://blog.zimperium.com/doubledirect-zimperium-discovers-full-duplex-icmp-redirect-attacks-in-the-wild/
1 out of 5 spear phishing emails successful
https://deepsec.net/speaker.html#PSLOT157
Multiple remote vulnerabilities in Hikvision DVRs
https://community.rapid7.com/community/metasploit/blog/2014/11/19/r7-2014-18-hikvision-dvr-devices--multiple-vulnerabilities
MSFT Overlooked "Sandworm" vulnerability in earlier patches
http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/SandWorm-s-target-A-patch-history-of-Object-Packager/ba-p/6675618#.VHJ8QIsXkzB
PayPal Takes 18 Months to Fix Arbitrary Code Execution Flaw
http://vulnerability-lab.com/get_content.php?id=936
ICMP Redirect Attacks Documented in the Wild
http://blog.zimperium.com/doubledirect-zimperium-discovers-full-duplex-icmp-redirect-attacks-in-the-wild/
Discussion
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | Orlando | Apr 13th - Apr 18th 2025 |