Handler on Duty: Xavier Mertens
Threat Level: green
Podcast Detail
DNS Queries Noise; BAT mods on the fly; "-" npm; RPC Filters vs PetitPotam; Pneumatic Vulnerabilities
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/7612.mp3
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
Unsolicited DNS Queries
https://isc.sans.edu/forums/diary/Unsolicited+DNS+Queries/27694/
Changing BAT Files on the Fly
https://isc.sans.edu/forums/diary/Changing+BAT+Files+On+The+Fly/27700/
Empty NPM Package has Over 700,000 Downloads
https://www.bleepingcomputer.com/news/software/empty-npm-package-has-over-700-000-downloads-heres-why/
Blocking PetitPotam with netsh RPC Filters
https://twitter.com/gentilkiwi/status/1421949715986403329
Pneumatic Tube Vulnerabilities
https://www.blackhat.com/us-21/briefings/schedule/index.html#a-hole-in-the-tube-uncovering-vulnerabilities-in-critical-infrastructure-of-healthcare-facilities-23546
https://isc.sans.edu/forums/diary/Unsolicited+DNS+Queries/27694/
Changing BAT Files on the Fly
https://isc.sans.edu/forums/diary/Changing+BAT+Files+On+The+Fly/27700/
Empty NPM Package has Over 700,000 Downloads
https://www.bleepingcomputer.com/news/software/empty-npm-package-has-over-700-000-downloads-heres-why/
Blocking PetitPotam with netsh RPC Filters
https://twitter.com/gentilkiwi/status/1421949715986403329
Pneumatic Tube Vulnerabilities
https://www.blackhat.com/us-21/briefings/schedule/index.html#a-hole-in-the-tube-uncovering-vulnerabilities-in-critical-infrastructure-of-healthcare-facilities-23546
Discussion
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | Orlando | Apr 13th - Apr 18th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 5th - May 10th 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Jun 2nd - Jun 7th 2025 |