SANS Daily Network Security Podcast (Stormcast) for Monday, May 21st 2018

Redis Cryptocoin Mining Worm; Rowhammer over the Network; DrayTek CSRF Exploit

00:00

My Next Class

Defending Web Applications Security Essentials	San Francisco	Dec 2nd - Dec 7th 2019
Defending Web Applications Security Essentials	San Francisco	Mar 16th - Mar 21st 2020

… more classes

Help us make this podcast better by participating in a simple two question survey

Redis Cryptocoin Mining Worm
https://isc.sans.edu/forums/diary/Anatomy+of+a+Redis+mining+worm/23673/

Evolving Chrome's Security Indicator
https://blog.chromium.org/2018/05/evolving-chromes-security-indicators.html

DrayTek CSRF 0-Day Exploited to Change DNS Servers
https://www.draytek.co.uk/support/security-advisories/kb-advisory-csrf-and-dns-dhcp-web-attacks

Rowhammer Remote Exploit
https://www.cs.vu.nl/~herbertb/download/papers/throwhammer_atc18.pdf
https://arxiv.org/abs/1805.04956
Get a free ISC sticker (login required):
https://isc.sans.edu/sticker.html

iTunes

MP3 Download

RSS Feed

Google Play

Stitcher

Podbean

Amazon Echo

YouTube

Spreaker

iOS App

Spotify

Discussion

There is no mention in the Show Notes of the Spectre attack variation allowing data access inside of the System Management Mode (SMM) area of the CPU. Here is one link: https://www.bleepingcomputer.com/news/security/new-spectre-attack-recovers-data-from-a-cpus-protected-smm-mode/

Posted by SmilingGizmo on Mon May 21 2018, 13:53

New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form

Top of page

Defending Web Applications Security Essentials	San Francisco	Dec 2nd - Dec 7th 2019
Defending Web Applications Security Essentials	San Francisco	Mar 16th - Mar 21st 2020
Defending Web Applications Security Essentials	Amsterdam	May 11th - May 16th 2020
IPv6 Essentials	Amsterdam	May 17th - May 18th 2020
Intrusion Detection In-Depth	Las Vegas	Jun 8th - Jun 13th 2020
Defending Web Applications Security Essentials	Cupertino	Jun 22nd - Jun 27th 2020