Handler on Duty: Jan Kopriva
Threat Level: green
Podcast Detail
Phishing Avoiding Reports; PyPi Cryptominer; dovecot TLS Fix; Incomplete Sonicwall Patch
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/7554.mp3
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
Phishing asking recipients not to report abuse
https://isc.sans.edu/forums/diary/Phishing+asking+recipients+not+to+report+abuse/27556/
PyPi Cryptomining Malware
https://blog.sonatype.com/sonatype-catches-new-pypi-cryptomining-malware-via-automated-detection
Dovecot TLS Implementation Vulnerability
https://hackerone.com/reports/1204962
(see the link to the PDF for more details)
Sonicwall Patch Incomplete
https://www.tripwire.com/state-of-security/featured/analyzing-sonicwalls-unsuccessful-fix-for-cve-2020-5135/
https://isc.sans.edu/forums/diary/Phishing+asking+recipients+not+to+report+abuse/27556/
PyPi Cryptomining Malware
https://blog.sonatype.com/sonatype-catches-new-pypi-cryptomining-malware-via-automated-detection
Dovecot TLS Implementation Vulnerability
https://hackerone.com/reports/1204962
(see the link to the PDF for more details)
Sonicwall Patch Incomplete
https://www.tripwire.com/state-of-security/featured/analyzing-sonicwalls-unsuccessful-fix-for-cve-2020-5135/
Discussion
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form