Threat Level: green Handler on Duty: Renato Marinho

SANS ISC: SANS Daily Network Security Podcast (Stormcast) for Tuesday, December 2nd 2014 - SANS Internet Storm Center SANS Daily Network Security Podcast (Stormcast) for Tuesday, December 2nd 2014


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Finding old SSL/SSH configs quickly; Detect Dridex Malware; Why GPG Key-IDs are bad; Ticket machines

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/4257.mp3

SANS Daily Network Security Podcast (Stormcast) for Tuesday, December 2nd 2014
00:00

My Next Class

… more classes

Finding old SSL/SSH configs quickly; Detect Dridex Malware; Why GPG Key-IDs are bad; Ticket machines are PoS devices too

Fighting outdated SSH and SSL cipher configurations
https://isc.sans.edu/forums/diary/Flushing+out+the+Crypto+Rats+-+Finding+Bad+Encryption+on+your+Network/19009

Dridex Phishing Campaign uses Malicious Word Documents
https://isc.sans.edu/forums/diary/Dridex+Phishing+Campaign+uses+Malicious+Word+Documents/19011

All GPG 32bit key-IDs cloned
https://evil32.com

Ticket Machines and Electronic Kiosks compromised by PoS Malware
https://www.intelcrawler.com/news-24

Firefox 34 Released: SSLv3 off by default
https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/
https://www.mozilla.org/en-US/firefox/34.0.5/releasenotes/

Entrypass Backdoor / Vulnerability
https://www.redteam-pentesting.de/en/advisories/rt-sa-2014-011/-entrypass-n5200-credentials-disclosure
Spotify spotify logo

Discussion

New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form

Application Security: Securing Web Apps, APIs, and MicroservicesTokyoAug 29th - Sep 3rd 2022
Application Security: Securing Web Apps, APIs, and MicroservicesOnline | Japan Standard TimeAug 29th - Sep 3rd 2022
Intrusion Detection In-DepthRiyadhOct 8th - Oct 13th 2022
Intrusion Detection In-DepthOnline | Arabian Standard TimeOct 8th - Oct 13th 2022
Application Security: Securing Web Apps, APIs, and MicroservicesSan FranciscoDec 5th - Dec 10th 2022
Application Security: Securing Web Apps, APIs, and MicroservicesOnline | US PacificDec 5th - Dec 10th 2022
Intrusion Detection In-DepthOnline | Central European TimeJan 30th - Feb 4th 2023