Podcast Detail

SANS Stormcast Friday, October 17th, 2025: New Slack Workspace; Cisco SNMP Exploited; BIOS Backdoor; @sans_edu reseach: Active Defense

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9660.mp3

previous
Podcast Logo
New Slack Workspace; Cisco SNMP Exploited; BIOS Backdoor; @sans_edu reseach: Active Defense
00:00

New DShield Support Slack Workspace
Due to an error on Salesforce’s side, we had to create a new Slack Workspace for DShield support.
https://isc.sans.edu/diary/New%20DShield%20Support%20Slack/32376

Attackers Exploiting Recently Patched Cisco SNMP Flaw (CVE-2025-20352)
Trend Micro published details explaining how attackers took advantage of a recently patched Cisco SNMP Vulnerability
https://www.trendmicro.com/en_us/research/25/j/operation-zero-disco-cisco-snmp-vulnerability-exploit.html
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte

Framework BIOS Backdoor
The mm command impleneted in Framework BIOS shells can be used to compromise a device pre-boot.
https://eclypsium.com/blog/bombshell-the-signed-backdoor-hiding-in-plain-sight-on-framework-devices/

SANS.edu Research: Mark Stephens, Validating the Effectiveness of MITRE Engage and Active Defense
https://www.sans.edu/cyber-research/validating-effectiveness-mitre-engage-active-defense/

no transcript found