Podcast Detail

SANS Stormcast Thursday, September 4th, 2025: Dassault DELMIA Apriso Exploit Attempts; Android Updates; 1.1.1.1 Certificate Issued

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9598.mp3

Dassault DELMIA Apriso Exploit Attempts; Android Updates; 1.1.1.1 Certificate Issued

00:00

Application Security: Securing Web Apps, APIs, and Microservices	Las Vegas	Sep 22nd - Sep 27th 2025
Application Security: Securing Web Apps, APIs, and Microservices	Denver	Oct 4th - Oct 9th 2025

Exploit Attempts for Dassault DELMIA Apriso. CVE-2025-5086
Our honeypots detected attacks against the manufacturing management system DELMIA Apriso. The deserialization vulnerability was patched in June and is one of a few critical vulnerabilities patched in recent months.
https://isc.sans.edu/diary/Exploit%20Attempts%20for%20Dassault%20DELMIA%20Apriso.%20CVE-2025-5086/32256

Android Bulletin
Google released its September update, fixing two already-exploited privilege escalation flaws and some remote code execution issues.
https://source.android.com/docs/security/bulletin/2025-09-01

Mis-issued Certificates for SAN iPAddress:1.1.1.1 by Fina RDC 2020
Certificate authority Fina RDC issues a certificate for Cloudflare’s IP address 1.1.1.1
https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/SgwC1QsEpvc

iTunes

MP3 Download

RSS Feed

Google

Podbean

Amazon Echo

YouTube

Spreaker

Spotify

Application Security: Securing Web Apps, APIs, and Microservices	Las Vegas	Sep 22nd - Sep 27th 2025
Application Security: Securing Web Apps, APIs, and Microservices	Denver	Oct 4th - Oct 9th 2025
Application Security: Securing Web Apps, APIs, and Microservices	Dallas	Dec 1st - Dec 6th 2025
Application Security: Securing Web Apps, APIs, and Microservices	Orlando	Mar 29th - Apr 3rd 2026
Network Monitoring and Threat Detection In-Depth	Amsterdam	Apr 20th - Apr 25th 2026

no transcript found