Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: More Struts Issues; Equifax Compromise; - SANS Internet Storm Center More Struts Issues; Equifax Compromise;


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
podcast logo

ISC StormCast for Friday, September 8th 2017

A daily summary of cyber security news from the SANS Internet Storm Center
Author:Johannes B. Ullrich, Ph.D.
See below for a schedule of classes I teach.
Created: Friday, September 8th 2017
Length: 15:37 minutes
Today's Headline: More Struts Issues; Equifax Compromise;

If you like this podcast, then please consider telling others about it. Use this button to Tweet about this episode: click here. Errors? Corrections? Complaints? Player Problems? Please let us know here: https://isc.sans.edu/contact.html

Plain HTML5 Player
Fancy Player (with skip back/forward)

Show Notes

Yet Another Struts RCE Vulnerability
https://struts.apache.org/docs/s2-053.html

Equifax Compromise
https://www.bloomberg.com/news/articles/2017-09-07/three-equifax-executives-sold-stock-before-revealing-cyber-hack

Hash Extension Flaws
https://isc.sans.edu/forums/diary/Modern+Web+Application+Penetration+Testing+Hash+Length+Extension+Attacks/22792/

Matt Hosburgh: Offensive Intrusion Analysis: Uncovering Insiders with Threat Hunting and Active Defense

Discussion

New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form

Interested in attending one of my classes? See below for my current schedule.

Defending Web Applications Security EssentialsSan FranciscoMar 12th - Mar 17th 2018
Defending Web Applications Security EssentialsRestonMay 20th - May 25th 2018
Intrusion Detection In-DepthSan AntonioAug 6th - Aug 11th 2018
Defending Web Applications Security EssentialsAmsterdamSep 3rd - Sep 8th 2018
Defending Web Applications Security EssentialsLas VegasSep 23rd - Sep 28th 2018