Podcast Detail

SANS Stormcast Monday, June 16th, 2025: Katz Stealer in JPG; JavaScript Attacks; Reviving expired Discord Invites for Evil

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9494.mp3

Katz Stealer in JPG; JavaScript Attacks; Reviving expired Discord Invites for Evil

00:00

Application Security: Securing Web Apps, APIs, and Microservices	Washington	Jul 14th - Jul 19th 2025
Application Security: Securing Web Apps, APIs, and Microservices	Las Vegas	Sep 22nd - Sep 27th 2025

Katz Stealer in JPG
Xavier found some multistage malware that uses an Excel Spreadsheet and an HTA file to load an image that includes embeded a copy of Katz stealer.
https://isc.sans.edu/diary/More+Steganography/32044

https://unit42.paloaltonetworks.com/malicious-javascript-using-jsfiretruck-as-obfuscation/
JavaScript obfuscated with JSF*CK is being used on over 200,000 websites to direct victims to malware

Expired Discord Invite Links Used for Malware Distribution
Expired discord invite links are revived as vanity links to direct victims to malware sites
https://research.checkpoint.com/2025/from-trust-to-threat-hijacked-discord-invites-used-for-multi-stage-malware-delivery/

iTunes

MP3 Download

RSS Feed

Google

Podbean

Amazon Echo

YouTube

Spreaker

Spotify

Application Security: Securing Web Apps, APIs, and Microservices	Washington	Jul 14th - Jul 19th 2025
Application Security: Securing Web Apps, APIs, and Microservices	Las Vegas	Sep 22nd - Sep 27th 2025
Application Security: Securing Web Apps, APIs, and Microservices	Denver	Oct 4th - Oct 9th 2025
Application Security: Securing Web Apps, APIs, and Microservices	Dallas	Dec 1st - Dec 6th 2025

no transcript found