Podcast Detail

SANS Stormcast Thursday, September 18th, 2025: DLL Hooking; Entra ID Actor Tokens; Watchguard and NVidia Patches

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9618.mp3

Podcast Logo
DLL Hooking; Entra ID Actor Tokens; Watchguard and NVidia Patches
00:00

CTRL-Z DLL Hooking
Attackers may use a simple reload trick to overwrite breakpoints left by analysts to reverse malicious binaries.
https://isc.sans.edu/diary/CTRL-Z%20DLL%20Hooking/32294


Global Admin in every Entra ID tenant via Actor tokens
As part of September’s patch Tuesday, Microsoft patched CVE-2025-55241. The discoverer of the vulnerability,
Dirk-jan Mollema has published a blog post showing how this vulnerability could have been exploited.
https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/

WatchGuard  Firebox iked Out of Bounds Write Vulnerability CVE-2025-9242
WatchGuard patched an out-of-bounds write vulnerability, which could allow an unauthenticated attacker to compromise the devices.
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00015


NVidia Triton Inference Server
NVIDIA patched critical vulnerabilities in its Triton Inference Server.
https://nvidia.custhelp.com/app/answers/detail/a_id/5691

no transcript found