Handler on Duty: Xavier Mertens
Threat Level: green
Podcast Detail
New Sandworm; Ukraine Wiper; Log4Shell Wrapup; pfsense authenticated RCE; BVP47
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/7894.mp3
SANS Daily Network Security Podcast (Stormcast) for Thursday, February 24th, 2022
00:00
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
New Sandworm Malware Cyclops Blink Replaces VPNFilter
https://www.ncsc.gov.uk/news/joint-advisory-shows-new-sandworm-malware-cyclops-blink-replaces-vpnfilter
Wiper Malware Seen Deployed Against Targets in the Ukraine
https://twitter.com/juanandres_gs/status/1496581710368358400
https://twitter.com/ESETresearch/status/1496581903205511181
The Rise and Fall of log4shell
https://isc.sans.edu/forums/diary/The+Rise+and+Fall+of+log4shell/28372/
pfsense authenticated RCE
https://www.shielder.it/advisories/pfsense-remote-command-execution/
BVP47 Backdoor
https://www.pangulab.cn/files/The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group.en.pdf
https://www.ncsc.gov.uk/news/joint-advisory-shows-new-sandworm-malware-cyclops-blink-replaces-vpnfilter
Wiper Malware Seen Deployed Against Targets in the Ukraine
https://twitter.com/juanandres_gs/status/1496581710368358400
https://twitter.com/ESETresearch/status/1496581903205511181
The Rise and Fall of log4shell
https://isc.sans.edu/forums/diary/The+Rise+and+Fall+of+log4shell/28372/
pfsense authenticated RCE
https://www.shielder.it/advisories/pfsense-remote-command-execution/
BVP47 Backdoor
https://www.pangulab.cn/files/The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group.en.pdf
Discussion
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | Orlando | Apr 13th - Apr 18th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 5th - May 10th 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Jun 2nd - Jun 7th 2025 |