Handler on Duty: Didier Stevens
Threat Level: green
Podcast Detail
Multifacetted Bash Script; More/Larger Memcached DDOS; Spring Data REST Vuln
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/5897.mp3
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 5th - May 10th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | Washington | Jul 14th - Jul 19th 2025 |
Malicious Bash Script with Multiple Features
https://isc.sans.edu/forums/diary/Malicious+Bash+Script+with+Multiple+Features/23411/
More Memcached DDoS Attacks
https://www.arbornetworks.com/blog/asert/netscout-arbor-confirms-1-7-tbps-ddos-attack-terabit-attack-era-upon-us/
Spring Framework Vulnerability
https://lgtm.com/blog/spring_data_rest_CVE-2017-8046
LTE Vulnerabilities
http://homepage.divms.uiowa.edu/~comarhaider/publications/LTE_NDSS18_paper.pdf
https://isc.sans.edu/forums/diary/Malicious+Bash+Script+with+Multiple+Features/23411/
More Memcached DDoS Attacks
https://www.arbornetworks.com/blog/asert/netscout-arbor-confirms-1-7-tbps-ddos-attack-terabit-attack-era-upon-us/
Spring Framework Vulnerability
https://lgtm.com/blog/spring_data_rest_CVE-2017-8046
LTE Vulnerabilities
http://homepage.divms.uiowa.edu/~comarhaider/publications/LTE_NDSS18_paper.pdf
Discussion
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form
Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 5th - May 10th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | Washington | Jul 14th - Jul 19th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | Las Vegas | Sep 22nd - Sep 27th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | Denver | Oct 4th - Oct 9th 2025 |