Podcast Detail

SANS Stormcast Wednesday, May 21st 2025: Researchers Scanning the Internet; Forgotten DNS Records; openpgp.js Vulneraiblity

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9460.mp3

previous
Podcast Logo
Researchers Scanning the Internet; Forgotten DNS Records; openpgp.js Vulneraiblity
00:00

Researchers Scanning the Internet
A “newish” RFC, RFC 9511, suggests researchers identify themselves by adding strings to the traffic they send, or by operating web servers on machines from which the scan originates. We do offer lists of researchers and just added three new groups today
https://isc.sans.edu/diary/Researchers%20Scanning%20the%20Internet/31964

Cloudy with a change of Hijacking: Forgotten DNS Records
Organizations do not always remove unused CNAME records. An attacker may take advantage of this if an attacker is able to take possession of the now unused public cloud resource the name pointed to.
https://blogs.infoblox.com/threat-intelligence/cloudy-with-a-chance-of-hijacking-forgotten-dns-records-enable-scam-actor/

Message signature verification can be spoofed CVE-2025-47934
A vulnerability in openpgp.js may be used to spoof message signatures. openpgp.js is a popular library in systems implementing end-to-end encrypted browser applications.
https://github.com/openpgpjs/openpgpjs/security/advisories/GHSA-8qff-qr5q-5pr8


no transcript found