Handler on Duty: Johannes Ullrich
Threat Level: green
Podcast Detail
Finding Odd Domain Names; BitTorrent Sync 2.0 Log Files; BIND TSIG Exploit
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/5572.mp3
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 9th - May 14th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jul 15th - Jul 20th 2024 |
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
Finding Odd Domain Names
https://isc.sans.edu/forums/diary/Selecting+domains+with+random+names/22580/
BitTorrent Sync 2.0 Log Files
https://isc.sans.edu/forums/diary/Investigation+of+BitTorrent+Sync+v20+as+a+P2P+Cloud+Service+Part+2+Log+Files+artefacts/22582/
Cisco Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-esc2
Finding Weak Password Hashing Algorithms Via Hash Collisions
https://www.netsparker.com/blog/web-security/collision-based-hashing-algorithm-disclosure/
BIND TSIG Exploit
http://www.synacktiv.ninja/ressources/CVE-2017-3143_BIND9_TSIG_dynamic_updates_vulnerability_Synacktiv.pdf
https://isc.sans.edu/forums/diary/Selecting+domains+with+random+names/22580/
BitTorrent Sync 2.0 Log Files
https://isc.sans.edu/forums/diary/Investigation+of+BitTorrent+Sync+v20+as+a+P2P+Cloud+Service+Part+2+Log+Files+artefacts/22582/
Cisco Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-esc2
Finding Weak Password Hashing Algorithms Via Hash Collisions
https://www.netsparker.com/blog/web-security/collision-based-hashing-algorithm-disclosure/
BIND TSIG Exploit
http://www.synacktiv.ninja/ressources/CVE-2017-3143_BIND9_TSIG_dynamic_updates_vulnerability_Synacktiv.pdf
Discussion
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form
Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 9th - May 14th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jul 15th - Jul 20th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Las Vegas | Sep 4th - Sep 9th 2024 |