Handler on Duty: Didier Stevens
Threat Level: green
Podcast Detail
RedLine Stealer; Google QR Code Bug; Linux Kernel Bug; Crypto.com 2FA Bypass; Windows GPOs to Avoid
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/7846.mp3
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 13th - Dec 18th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
RedLine Stealer Delivered Through FTP
https://isc.sans.edu/forums/diary/RedLine+Stealer+Delivered+Through+FTP/28258/
Google Camera Alters QR Codes
https://www.heise.de/hintergrund/Googles-Kamera-verfaelscht-Links-in-QR-Codes-6332669.html
https://www.androidpolice.com/google-camera-randomly-changes-some-qr-code-urls-on-android-12/
Linux Kernel Privilege Escalation / Container Escape
https://seclists.org/oss-sec/2022/q1/54
https://access.redhat.com/security/cve/cve-2022-0185
Crypto.com 2FA Bypass
https://threatpost.com/2fa-bypassed-crypto-com-heist/177846/
Windows Policies to Avoid
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/why-you-shouldn-t-set-these-25-windows-policies/ba-p/3066178
https://isc.sans.edu/forums/diary/RedLine+Stealer+Delivered+Through+FTP/28258/
Google Camera Alters QR Codes
https://www.heise.de/hintergrund/Googles-Kamera-verfaelscht-Links-in-QR-Codes-6332669.html
https://www.androidpolice.com/google-camera-randomly-changes-some-qr-code-urls-on-android-12/
Linux Kernel Privilege Escalation / Container Escape
https://seclists.org/oss-sec/2022/q1/54
https://access.redhat.com/security/cve/cve-2022-0185
Crypto.com 2FA Bypass
https://threatpost.com/2fa-bypassed-crypto-com-heist/177846/
Windows Policies to Avoid
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/why-you-shouldn-t-set-these-25-windows-policies/ba-p/3066178
Discussion
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form
Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 13th - Dec 18th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | Orlando | Apr 13th - Apr 18th 2025 |