Podcast Detail

SANS Stormcast Friday, August 15th, 2025: Analysing Attack with AI; Proxyware via YouTube; Xerox FreeFlow Vuln; Evaluating Zero Trust @SANS_edu

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9572.mp3

previous
Podcast Logo
Analysing Attack with AI; Proxyware via YouTube; Xerox FreeFlow Vuln; Evaluating Zero Trust @SANS_edu
00:00

AI and Faster Attack Analysis
A few use cases for LLMs to speed up analysis
https://isc.sans.edu/diary/AI%20and%20Faster%20Attack%20Analysis%20%5BGuest%20Diary%5D/32198


Proxyware Malware Being Distributed on YouTube Video Download Site
Popular YouTube download sites will attempt to infect users with proxyware.
https://asec.ahnlab.com/en/89574/

Xerox Freeflow Core Vulnerability
Horizon3.ai discovered XXE Injection (CVE-2025-8355) and Path Traversal (CVE-2025-8356) vulnerabilities in Xerox FreeFlow Core, a print orchestration platform. These vulnerabilities are easily exploitable and enable unauthenticated remote attackers to achieve remote code execution on vulnerable FreeFlow Core instances. 
https://horizon3.ai/attack-research/attack-blogs/from-support-ticket-to-zero-day/

SANS.edu Research: Darren Carstensen Evaluating Zero Trust Network Access: A Framework for Comparative Security Testing
Not all Zero Trust Network Access (ZTNA) solutions are created equal, and despite bold marketing claims, many fall short of delivering proper Zero Trust security.
https://www.sans.edu/cyber-research/evaluating-zero-trust-network-access-framework-comparative-security-testing/

no transcript found