Podcast Detail

ISO Bumblebee Files; Google Drive Malware; Vanity URL Abuse; not so advanced npm attack

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/8004.mp3

Podcast Logo
SANS Daily Network Security Podcast (Stormcast) for Thursday, May 12th, 2022
00:00

My Next Class

… more classes

Interested in Internet Storm Center stickers? Check here if there are still some available for today.

TA578 Using Thread-Hijacked Emails to Push ISO Files for Bumblebee Malware
https://isc.sans.edu/forums/diary/TA578+using+threadhijacked+emails+to+push+ISO+files+for+Bumblebee+malware/28636/

Google Drive Emerges as Top App for Malware Downloads
https://www.helpnetsecurity.com/2022/05/11/malicious-pdf-search-engines/

Vanity URL Abuse
https://www.varonis.com/blog/url-spoofing

npm Supply Chain Attack Turns Out to be Part of Penetration Test
https://jfrog.com/blog/npm-supply-chain-attack-targets-german-based-companies/