Threat Level: green Handler on Duty: Russell Eubanks

SANS ISC: #Struts2 Update; Drupal7 Services Module RCE; Haraka Xploit - SANS Internet Storm Center #Struts2 Update; Drupal7 Services Module RCE; Haraka Xploit


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
podcast logo

ISC StormCast for Friday, March 10th 2017

A daily summary of network and system security news from the SANS Internet Storm Center
Author:Johannes B. Ullrich, Ph.D.
Created: Friday, March 10th 2017
Length: 5:18 minutes
Today's Headline: #Struts2 Update; Drupal7 Services Module RCE; Haraka Xploit

If you like this podcast, then please consider telling others about it. Use this button to Tweet about this episode: click here. Errors? Corrections? Complaints? Player Problems? Please let us know here: https://isc.sans.edu/contact.html

Plain HTML5 Player
JavaScript (with skip back/forward)

Show Notes

Struts 2 Update
https://isc.sans.edu/forums/diary/Critical+Apache+Struts+2+Vulnerability+Patch+Now/22169/

Exploits Against Haraka Mail Server
https://github.com/outflanknl/Exploits/blob/master/harakiri-CVE-2016-1000282.py

Android Password Stealing Apps
http://www.welivesecurity.com/2017/03/09/new-instagram-credentials-stealers-discovered-google-play/

Drupal Services Module Vulnerability and Exploit
https://www.ambionics.io/blog/drupal-services-module-rce
https://www.drupal.org/node/2858847

Discussion

Thank you Johannes B. Ullrich,
Posted by Netmanzim on Fri Mar 10 2017, 09:42

New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form