Handler on Duty: Xavier Mertens
Threat Level: green
Podcast Detail
Malicious Word Doc; Malware Bazaar Dailies; Go/Rust Octal IP Vuln; Master Faces; Pulse(In)Secure; Hadoop RCE Exploited
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/7620.mp3
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
Malicious Microsoft Word Remains A Key Infection Vector
https://isc.sans.edu/forums/diary/Malicious+Microsoft+Word+Remains+A+Key+Infection+Vector/27716/
Malware Bazaar Daily Download
https://isc.sans.edu/forums/diary/MALWARE+Bazaar+Download+daily+malware+batches/27728/
Go/Rust IP Address Validation Vulnerability
https://github.com/rust-lang/rust/pull/83652
Facial Recognition "Master Keys"
https://arxiv.org/pdf/2108.01077.pdf
Pulse Secure Patch Bypass
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44858
Hadoop ResourceManager Vulnerability Exploited
https://blog.netlab.360.com/wei-xie-kuai-xun-teamtntxin-huo-dong-tong-guo-gan-ran-wang-ye-wen-jian-ti-gao-chuan-bo-neng-li/
https://isc.sans.edu/forums/diary/Malicious+Microsoft+Word+Remains+A+Key+Infection+Vector/27716/
Malware Bazaar Daily Download
https://isc.sans.edu/forums/diary/MALWARE+Bazaar+Download+daily+malware+batches/27728/
Go/Rust IP Address Validation Vulnerability
https://github.com/rust-lang/rust/pull/83652
Facial Recognition "Master Keys"
https://arxiv.org/pdf/2108.01077.pdf
Pulse Secure Patch Bypass
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44858
Hadoop ResourceManager Vulnerability Exploited
https://blog.netlab.360.com/wei-xie-kuai-xun-teamtntxin-huo-dong-tong-guo-gan-ran-wang-ye-wen-jian-ti-gao-chuan-bo-neng-li/
Discussion
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | Orlando | Apr 13th - Apr 18th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 5th - May 10th 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Jun 2nd - Jun 7th 2025 |