SANS Daily Network Security Podcast (Stormcast) for Monday, May 21st 2018

Redis Cryptocoin Mining Worm; Rowhammer over the Network; DrayTek CSRF Exploit

00:00

My Next Class

Intrusion Detection In-Depth	Online \| US Central	Oct 12th - Oct 17th 2020
Defending Web Applications Security Essentials	Online \| US Mountain	Oct 19th - Oct 24th 2020

… more classes

Help us make this podcast better by participating in a simple two question survey

Redis Cryptocoin Mining Worm
https://isc.sans.edu/forums/diary/Anatomy+of+a+Redis+mining+worm/23673/

Evolving Chrome's Security Indicator
https://blog.chromium.org/2018/05/evolving-chromes-security-indicators.html

DrayTek CSRF 0-Day Exploited to Change DNS Servers
https://www.draytek.co.uk/support/security-advisories/kb-advisory-csrf-and-dns-dhcp-web-attacks

Rowhammer Remote Exploit
https://www.cs.vu.nl/~herbertb/download/papers/throwhammer_atc18.pdf
https://arxiv.org/abs/1805.04956
Get a free ISC sticker (login required):
https://isc.sans.edu/sticker.html

iTunes

MP3 Download

RSS Feed

Google Play

Stitcher

Podbean

Amazon Echo

YouTube

Spreaker

iOS App

Spotify

Discussion

There is no mention in the Show Notes of the Spectre attack variation allowing data access inside of the System Management Mode (SMM) area of the CPU. Here is one link: https://www.bleepingcomputer.com/news/security/new-spectre-attack-recovers-data-from-a-cpus-protected-smm-mode/

Posted by SmilingGizmo on Mon May 21 2018, 13:53

New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form

Top of page

Intrusion Detection In-Depth	Online \| US Central	Oct 12th - Oct 17th 2020
Defending Web Applications Security Essentials	Online \| US Mountain	Oct 19th - Oct 24th 2020