Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Drupal RCE Exploit (CVE-2018-7600); Broken Macros; Pastebin XSS Vulnerability - SANS Internet Storm Center Drupal RCE Exploit (CVE-2018-7600); Broken Macros; Pastebin XSS Vulnerability


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
podcast logo

ISC StormCast for Friday, April 13th 2018

A daily summary of cyber security news from the SANS Internet Storm Center
Author:Johannes B. Ullrich, Ph.D.
See below for a schedule of classes I teach.
Created: Friday, April 13th 2018
Length: 5:56 minutes
Today's Headline: Drupal RCE Exploit (CVE-2018-7600); Broken Macros; Pastebin XSS Vulnerability

If you like this podcast, then please consider telling others about it. Use this button to Tweet about this episode: click here. Errors? Corrections? Complaints? Player Problems? Please let us know here: https://isc.sans.edu/contact.html

Plain HTML5 Player
Fancy Player (with skip back/forward)

Show Notes

Drupal RCE Exploit Released
https://isc.sans.edu/forums/diary/Drupal+CVE20187600+PoC+is+Public/23549/

Broken Macro in Malspam Campaign
https://isc.sans.edu/forums/diary/Glitch+in+malspam+campaign+temporarily+reduces+spread+of+GandCrab/23547/

New Random Number Generator Using Entagled Photons
https://www.nature.com/articles/s41586-018-0019-0.epdf

Fake Updates Campaign Spreading Malware
https://blog.malwarebytes.com/threat-analysis/2018/04/fakeupdates-campaign-leverages-multiple-website-platforms/

Coinsecure Loses 438 BTC in Insider Attack
http://archive.is/Riwv6

Pastebin XSS Vulnerability
https://github.com/Nhoya/PastebinMarkdownXSS

Discussion

Login here to join the discussion.

Interested in attending one of my classes? See below for my current schedule.

Defending Web Applications Security EssentialsRestonMay 20th - May 25th 2018
Intrusion Detection In-DepthSan AntonioAug 6th - Aug 11th 2018
Defending Web Applications Security EssentialsAmsterdamSep 3rd - Sep 8th 2018
Defending Web Applications Security EssentialsLas VegasSep 23rd - Sep 28th 2018