SANS Daily Network Security Podcast (Stormcast) for Monday, May 21st 2018

Redis Cryptocoin Mining Worm; Rowhammer over the Network; DrayTek CSRF Exploit

00:00

My Next Class

Intrusion Detection In-Depth	London	Sep 23rd - Sep 28th 2019
Intrusion Detection In-Depth	Chicago	Oct 9th - Oct 14th 2019

… more classes

Help us make this podcast better by participating in a simple two question survey

Redis Cryptocoin Mining Worm
https://isc.sans.edu/forums/diary/Anatomy+of+a+Redis+mining+worm/23673/

Evolving Chrome's Security Indicator
https://blog.chromium.org/2018/05/evolving-chromes-security-indicators.html

DrayTek CSRF 0-Day Exploited to Change DNS Servers
https://www.draytek.co.uk/support/security-advisories/kb-advisory-csrf-and-dns-dhcp-web-attacks

Rowhammer Remote Exploit
https://www.cs.vu.nl/~herbertb/download/papers/throwhammer_atc18.pdf
https://arxiv.org/abs/1805.04956
Get a free ISC sticker (login required):
https://isc.sans.edu/sticker.html

iTunes

MP3 Download

RSS Feed

Google Play

Stitcher

Podbean

Amazon Echo

YouTube

Spreaker

iOS App

Spotify

Discussion

There is no mention in the Show Notes of the Spectre attack variation allowing data access inside of the System Management Mode (SMM) area of the CPU. Here is one link: https://www.bleepingcomputer.com/news/security/new-spectre-attack-recovers-data-from-a-cpus-protected-smm-mode/

Posted by SmilingGizmo on Mon May 21 2018, 13:53

New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form

Top of page

Intrusion Detection In-Depth	London	Sep 23rd - Sep 28th 2019
Intrusion Detection In-Depth	Chicago	Oct 9th - Oct 14th 2019
Intrusion Detection In-Depth	Santa Monica	Oct 21st - Oct 26th 2019
Defending Web Applications Security Essentials	San Francisco	Dec 2nd - Dec 7th 2019
Defending Web Applications Security Essentials	San Francisco	Mar 16th - Mar 21st 2020
Defending Web Applications Security Essentials	Amsterdam	May 11th - May 16th 2020