Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Exploiting Blind SQL Injection; Netgear Bugs; Hotspot Shield DNS Rebinding - SANS Internet Storm Center Exploiting Blind SQL Injection; Netgear Bugs; Hotspot Shield DNS Rebinding


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
podcast logo

ISC StormCast for Friday, February 9th 2018

A daily summary of cyber security news from the SANS Internet Storm Center
Author:Johannes B. Ullrich, Ph.D.
See below for a schedule of classes I teach.
Created: Friday, February 9th 2018
Length: 6:07 minutes
Today's Headline: Exploiting Blind SQL Injection; Netgear Bugs; Hotspot Shield DNS Rebinding

If you like this podcast, then please consider telling others about it. Use this button to Tweet about this episode: click here. Errors? Corrections? Complaints? Player Problems? Please let us know here: https://isc.sans.edu/contact.html

Plain HTML5 Player
Fancy Player (with skip back/forward)

Show Notes

Exploiting Blind SQL Injection and Division by Zero Exceptions
https://isc.sans.edu/forums/diary/SQL+injection+and+division+by+zero+exceptions/23325/

Netgear Router Flaws
https://www.trustwave.com/Resources/SpiderLabs-Blog/Multiple-Vulnerabilities-in-NETGEAR-Routers/

Apple's iBoot Source Code Leaks on Github
https://github.com/github/dmca/blob/master/2018/2018-02-07-Apple.md

Hotspot Shield VPN Vulnerable to DNS Rebinding
http://www.paulosyibelo.com/2018/02/hotspot-shield-cve-2018-6460-sensitive.html

UDPOS Exfiltrates Credit Card Data from PoS Systems via DNS
https://blogs.forcepoint.com/security-labs/udpos-exfiltrating-credit-card-data-dns

Discussion

Login here to join the discussion.

Interested in attending one of my classes? See below for my current schedule.

Defending Web Applications Security EssentialsSan FranciscoMar 12th - Mar 17th 2018
Defending Web Applications Security EssentialsRestonMay 20th - May 25th 2018
Intrusion Detection In-DepthSan AntonioAug 6th - Aug 11th 2018
Defending Web Applications Security EssentialsAmsterdamSep 3rd - Sep 8th 2018
Defending Web Applications Security EssentialsLas VegasSep 23rd - Sep 28th 2018