Handler on Duty: Xavier Mertens
Threat Level: green
Podcast Detail
Zalando Phish/RAT; WinRAR Code Exec; Hotmail SPF Fail; Ivacy VPN Cert Abused; Chrome Extension Warning;
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/8624.mp3
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
From a Zalando Phish to a RAT
https://isc.sans.edu/diary/From%20a%20Zalando%20Phishing%20to%20a%20RAT/30136
RARLAB WinRAR Recovery Volume Vulnerability
https://www.zerodayinitiative.com/advisories/ZDI-23-1152/
Hotmail SPF Record Error Leads to spam false positives
https://www.bleepingcomputer.com/news/microsoft/hotmail-email-delivery-fails-after-microsoft-misconfigures-dns/
Chinese Entanglement | DLL Hijacking in the Asian Gambling Sector
https://www.sentinelone.com/labs/chinese-entanglement-dll-hijacking-in-the-asian-gambling-sector/
Google Chrome to Warn Users of Malicious Extensions
https://betanews.com/2023/08/17/google-chrome-to-warn-users-about-problematic-extensions/
https://isc.sans.edu/diary/From%20a%20Zalando%20Phishing%20to%20a%20RAT/30136
RARLAB WinRAR Recovery Volume Vulnerability
https://www.zerodayinitiative.com/advisories/ZDI-23-1152/
Hotmail SPF Record Error Leads to spam false positives
https://www.bleepingcomputer.com/news/microsoft/hotmail-email-delivery-fails-after-microsoft-misconfigures-dns/
Chinese Entanglement | DLL Hijacking in the Asian Gambling Sector
https://www.sentinelone.com/labs/chinese-entanglement-dll-hijacking-in-the-asian-gambling-sector/
Google Chrome to Warn Users of Malicious Extensions
https://betanews.com/2023/08/17/google-chrome-to-warn-users-about-problematic-extensions/
Discussion
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | Orlando | Apr 13th - Apr 18th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 5th - May 10th 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Jun 2nd - Jun 7th 2025 |