Handler on Duty: Guy Bruneau
Threat Level: green
Podcast Detail
RTRBK diff feature; Google Legacy Windows Support Ending; SHC Malware; ManageEngine SQLi; ForiADC command injection;
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/8312.mp3
My Next Class
Network Monitoring and Threat Detection In-Depth | Singapore | Nov 18th - Nov 23rd 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 13th - Dec 18th 2024 |
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
Update to RTRBK - Diff and File Dates in PowerShell
https://isc.sans.edu/diary/Update%20to%20RTRBK%20-%20Diff%20and%20File%20Dates%20in%20PowerShell/29400
Google Chrome Sunsetting Legacy Windows Support
https://support.google.com/chrome/thread/185534985/sunsetting-support-for-windows-7-8-8-1-in-early-2023?hl=en
SHC used to compile cryptominer malware
https://asec.ahnlab.com/en/45182/
ManageEngine Password Manager Pro SQL Injection
https://pitstop.manageengine.com/portal/en/community/topic/manageengine-security-advisory—important-security-fix-released-for-manageengine-password-manager-pro-2-1-2023#:~:text=critical%20security%20vulnerability
ForiADC Command Injection in Web Interface
https://www.fortiguard.com/psirt/FG-IR-22-061
Raspberry Robin Developments
https://www.securityjoes.com/post/raspberry-robin-detected-itw-targeting-insurance-financial-institutes-in-europe
https://isc.sans.edu/diary/Update%20to%20RTRBK%20-%20Diff%20and%20File%20Dates%20in%20PowerShell/29400
Google Chrome Sunsetting Legacy Windows Support
https://support.google.com/chrome/thread/185534985/sunsetting-support-for-windows-7-8-8-1-in-early-2023?hl=en
SHC used to compile cryptominer malware
https://asec.ahnlab.com/en/45182/
ManageEngine Password Manager Pro SQL Injection
https://pitstop.manageengine.com/portal/en/community/topic/manageengine-security-advisory—important-security-fix-released-for-manageengine-password-manager-pro-2-1-2023#:~:text=critical%20security%20vulnerability
ForiADC Command Injection in Web Interface
https://www.fortiguard.com/psirt/FG-IR-22-061
Raspberry Robin Developments
https://www.securityjoes.com/post/raspberry-robin-detected-itw-targeting-insurance-financial-institutes-in-europe
Discussion
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form
Network Monitoring and Threat Detection In-Depth | Singapore | Nov 18th - Nov 23rd 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 13th - Dec 18th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |