Handler on Duty: Rob VandenBrink
Threat Level: green
Podcast Detail
DoS Turns of Heat to Finish Appartments; #DLink HNAP Vuln; 2 MSFT Bug PoCs
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/5247.mp3
SANS Daily Network Security Podcast (Stormcast) for Thursday, November 10th 2016
00:00
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 9th - May 14th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jul 15th - Jul 20th 2024 |
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
DoS Attack Turns off Heat for More then a Week
http://www.hs.fi/kotimaa/a1478495966653 (finish only)
DLink HNAP Vulnerability
https://raw.githubusercontent.com/pedrib/PoC/master/advisories/dlink-hnap-login.txt
PoC Exploits Available for Two MSFT Vulnerabilities
https://github.com/tinysec/public/tree/master/CVE-2016-7255
https://g-laurent.blogspot.com/2016/11/ms16-137-lsass-remote-memory-corruption.html
OpenSSL Patch Pre-Announced
https://mta.openssl.org/pipermail/openssl-announce/2016-November/000085.html
Hue Lightbulb Exploit/Worm
http://iotworm.eyalro.net (Sophos labels this link as "Spam", but appears to be harmless)
http://www.hs.fi/kotimaa/a1478495966653 (finish only)
DLink HNAP Vulnerability
https://raw.githubusercontent.com/pedrib/PoC/master/advisories/dlink-hnap-login.txt
PoC Exploits Available for Two MSFT Vulnerabilities
https://github.com/tinysec/public/tree/master/CVE-2016-7255
https://g-laurent.blogspot.com/2016/11/ms16-137-lsass-remote-memory-corruption.html
OpenSSL Patch Pre-Announced
https://mta.openssl.org/pipermail/openssl-announce/2016-November/000085.html
Hue Lightbulb Exploit/Worm
http://iotworm.eyalro.net (Sophos labels this link as "Spam", but appears to be harmless)
Discussion
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form
Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 9th - May 14th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jul 15th - Jul 20th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Las Vegas | Sep 4th - Sep 9th 2024 |