Threat Level: green Handler on Duty: Russell Eubanks

SANS ISC: #LDAP and #STARTTLS; NextGen Gallery #SQLi; Breaking CAPTCHAS - SANS Internet Storm Center #LDAP and #STARTTLS; NextGen Gallery #SQLi; Breaking CAPTCHAS


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
podcast logo

ISC StormCast for Thursday, March 2nd 2017

A daily summary of network and system security news from the SANS Internet Storm Center
Author:Johannes B. Ullrich, Ph.D.
Created: Thursday, March 2nd 2017
Length: 6:00 minutes
Today's Headline: #LDAP and #STARTTLS; NextGen Gallery #SQLi; Breaking CAPTCHAS

If you like this podcast, then please consider telling others about it. Use this button to Tweet about this episode: click here. Errors? Corrections? Complaints? Player Problems? Please let us know here: https://isc.sans.edu/contact.html

Plain HTML5 Player
JavaScript (with skip back/forward)

Show Notes

LDAP and STARTTLS
https://isc.sans.edu/forums/diary/SSLTLS+on+port+389+Say+what/22135/

Wordpress NextGen Gallery Plugin SQL Injection Vulnerability
https://blog.sucuri.net/2017/02/sql-injection-vulnerability-nextgen-gallery-wordpress.html

Password Manager Insecurities
https://team-sik.org/trent_portfolio/password-manager-apps/

Slack Insecure Cross Window Messaging
https://labs.detectify.com/2017/02/28/hacking-slack-using-postmessage-and-websocket-reconnect-to-steal-your-precious-token/

Google Voice Recognition Used to Break Google ReCaptcha Audio Challenge
https://east-ee.com/2017/02/28/rebreakcaptcha-breaking-googles-recaptcha-v2-using-google/

Discussion

New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form