Podcast Detail

SANS Stormcast Monday, December 15th, 2025: DLL Entry Points; ClickFix and Finger; Apple Patches

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9738.mp3

previous
Podcast Logo
DLL Entry Points; ClickFix and Finger; Apple Patches
00:00

Abusing DLLs EntryPoint for the Fun
DLLs will not just execute code when some of their functions are called, but also as they are loaded.
https://isc.sans.edu/diary/Abusing%20DLLs%20EntryPoint%20for%20the%20Fun/32562

Apple Patches Everything: December 2025 Edition
Apple released patches for all of its operating systems, fixing two already exploited vulnerabilities.
ClickFix Attacks Still Using the Finger

ClickFix Attacks Still Using the Finger
Two examples of ClickFix attacks abusing the finger protocol to load additional malware
Denial of Service and Source Code Exposure in React Server Components


Denial of Service and Source Code Exposure in React Server Components
After last week's critical patch, three more, but less critical, vulnerabilities were identified in React Server Components.
https://react.dev/blog/2025/12/11/denial-of-service-and-source-code-exposure-in-react-server-components

no transcript found