Handler on Duty: Rob VandenBrink
Threat Level: green
Podcast Detail
Finding Log Gaps; IE Exploit; Zombinder; Cisco IP Phone Vuln; daloRADIUS vuln; SANS Holiday Hack Challenge
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/8284.mp3
My Next Class
| Intrusion Detection In-Depth | Online | Central European Time | Jan 30th - Feb 4th 2023 |
| Network Monitoring and Threat Detection In-Depth | Brussels | Jan 30th - Feb 4th 2023 |
Finding Gaps in Syslog
https://isc.sans.edu/diary/Finding%20Gaps%20in%20Syslog%20-%20How%20to%20find%20when%20nothing%20happened/29314
Internet Explorer Vulnerabilty used in Malicious Word Document
https://blog.google/threat-analysis-group/internet-explorer-0-day-exploited-by-north-korean-actor-apt37/
Zombinder Obfuscation Service used by Ermac
https://www.threatfabric.com/blogs/zombinder-ermac-and-desktop-stealers.html
Cisco IP Phone Vulnerability CVE-2022-20968
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipp-oobwrite-8cMF5r7U
daloRADIUS Vulnerablity CVE-2022-23475
https://securityonline.info/cve-2022-23475-account-take-over-flaw-in-open-source-radius-web-management-app/
SANS Holiday Hack Challenge
https://www.sans.org/mlp/holiday-hack-challenge/
https://isc.sans.edu/diary/Finding%20Gaps%20in%20Syslog%20-%20How%20to%20find%20when%20nothing%20happened/29314
Internet Explorer Vulnerabilty used in Malicious Word Document
https://blog.google/threat-analysis-group/internet-explorer-0-day-exploited-by-north-korean-actor-apt37/
Zombinder Obfuscation Service used by Ermac
https://www.threatfabric.com/blogs/zombinder-ermac-and-desktop-stealers.html
Cisco IP Phone Vulnerability CVE-2022-20968
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipp-oobwrite-8cMF5r7U
daloRADIUS Vulnerablity CVE-2022-23475
https://securityonline.info/cve-2022-23475-account-take-over-flaw-in-open-source-radius-web-management-app/
SANS Holiday Hack Challenge
https://www.sans.org/mlp/holiday-hack-challenge/
iTunes
MP3 Download
RSS Feed
Google
Stitcher
Podbean
Amazon Echo
YouTube
Spreaker
iOS App
Spotify
Discussion
Login here to join the discussion.
| Intrusion Detection In-Depth | Online | Central European Time | Jan 30th - Feb 4th 2023 |
| Network Monitoring and Threat Detection In-Depth | Brussels | Jan 30th - Feb 4th 2023 |
| Application Security: Securing Web Apps, APIs, and Microservices | Online | US Central | Feb 20th - Feb 25th 2023 |
