DoS Turns of Heat to Finish Appartments; #DLink HNAP Vuln; 2 MSFT Bug PoCs
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/5247.mp3

SANS Daily Network Security Podcast (Stormcast) for Thursday, November 10th 2016
00:00
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | Tokyo | Aug 29th - Sep 3rd 2022 |
Application Security: Securing Web Apps, APIs, and Microservices | Online | Japan Standard Time | Aug 29th - Sep 3rd 2022 |
DoS Attack Turns off Heat for More then a Week
http://www.hs.fi/kotimaa/a1478495966653 (finish only)
DLink HNAP Vulnerability
https://raw.githubusercontent.com/pedrib/PoC/master/advisories/dlink-hnap-login.txt
PoC Exploits Available for Two MSFT Vulnerabilities
https://github.com/tinysec/public/tree/master/CVE-2016-7255
https://g-laurent.blogspot.com/2016/11/ms16-137-lsass-remote-memory-corruption.html
OpenSSL Patch Pre-Announced
https://mta.openssl.org/pipermail/openssl-announce/2016-November/000085.html
Hue Lightbulb Exploit/Worm
http://iotworm.eyalro.net (Sophos labels this link as "Spam", but appears to be harmless)
http://www.hs.fi/kotimaa/a1478495966653 (finish only)
DLink HNAP Vulnerability
https://raw.githubusercontent.com/pedrib/PoC/master/advisories/dlink-hnap-login.txt
PoC Exploits Available for Two MSFT Vulnerabilities
https://github.com/tinysec/public/tree/master/CVE-2016-7255
https://g-laurent.blogspot.com/2016/11/ms16-137-lsass-remote-memory-corruption.html
OpenSSL Patch Pre-Announced
https://mta.openssl.org/pipermail/openssl-announce/2016-November/000085.html
Hue Lightbulb Exploit/Worm
http://iotworm.eyalro.net (Sophos labels this link as "Spam", but appears to be harmless)
Discussion
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form
Application Security: Securing Web Apps, APIs, and Microservices | Tokyo | Aug 29th - Sep 3rd 2022 |
Application Security: Securing Web Apps, APIs, and Microservices | Online | Japan Standard Time | Aug 29th - Sep 3rd 2022 |
Intrusion Detection In-Depth | Riyadh | Oct 8th - Oct 13th 2022 |
Intrusion Detection In-Depth | Online | Arabian Standard Time | Oct 8th - Oct 13th 2022 |
Application Security: Securing Web Apps, APIs, and Microservices | San Francisco | Dec 5th - Dec 10th 2022 |
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Pacific | Dec 5th - Dec 10th 2022 |
Intrusion Detection In-Depth | Online | Central European Time | Jan 30th - Feb 4th 2023 |