Podcast Detail

SANS Stormcast Monday, May 18th 2025: xorsearch python functions; pwn2own Berlin; senior govt official impersonation; dynamic domain risk

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9456.mp3

previous
Podcast Logo
xorsearch python functions; pwn2own Berlin; senior govt official impersonation; dynamic domain risk
00:00

xorsearch.py: Python Functions
Didier’s xorsearch tool now supports python functions to filter output
https://isc.sans.edu/diary/xorsearch.py%3A%20Python%20Functions/31858

Pwn2Own Berlin 2025
Last weeks Pwn2Own contest in Berlin allowed researchers to demonstrate a number of new exploits with a large focus on privilege escalation and virtual machine escape.
https://www.zerodayinitiative.com/blog/2025/5/17/pwn2own-berlin-2025-day-three-results

Senior US Officials Impersonated in Malicious Messaging Campaign
The FBI warns of senior US officials being impersonated in text and voice messages.
https://www.ic3.gov/PSA/2025/PSA250515

Scattered Spider: TTP Evolution in 2025
Pushscurity provided an update on how Scattered Spider evolved. One thing they noted was that Scattered Spider takes advantage of legit dynamic domain name systems to make detection more difficult
https://pushsecurity.com/blog/scattered-spider-ttp-evolution-in-2025/

no transcript found