Podcast Detail

SANS Stormcast Thursday, November 20th, 2025: Unicode Issues; FortiWeb More Vulns; DLink DIR-878 Vuln; Operation WrtHug and ASUS Routers

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9708.mp3

previous
Podcast Logo
Unicode Issues; FortiWeb More Vulns; DLink DIR-878 Vuln; Operation WrtHug and ASUS Routers
00:00

My Next Class

Application Security: Securing Web Apps, APIs, and MicroservicesDallasDec 1st - Dec 6th 2025
Network Monitoring and Threat Detection In-DepthOnline | Central European TimeDec 15th - Dec 20th 2025

… more classes


Unicode: It is more than funny domain names.
Unicode can cause a number of issues due to odd features like variance selectors and text direction issues.
https://isc.sans.edu/diary/Unicode%3A%20It%20is%20more%20than%20funny%20domain%20names./32472

FortiWeb Multiple OS command injection in API and CLI
A second silently patched vulnerability in FortiWeb is already being exploited in the wild.
https://fortiguard.fortinet.com/psirt/FG-IR-25-513

DLink DIR-878 Vulnerability
DLink disclosed four different vulnerabilities in its popular DIR-878 router. The router is end-of-life and DLink will not release patches
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10475

Operation WrtHug, The Global Espionage Campaign Hiding in Your Home Router
A new report, “Operation WrtHug,” has uncovered a massive, coordinated effort that has compromised thousands of ASUS routers worldwide.
https://securityscorecard.com/blog/operation-wrthug-the-global-espionage-campaign-hiding-in-your-home-router/

no transcript found