Handler on Duty: Jan Kopriva
Threat Level: green
Podcast Detail
Honeypot Lesons; TeamViewer Compromise; Fortra File Catalyst Vuln/PoC; GitLab Update; Vanna.AI RCE;
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/9040.mp3
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jul 15th - Jul 20th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Las Vegas | Sep 4th - Sep 9th 2024 |
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
What Setting Live Traps For Cybercriminals Taught Me About Security
https://isc.sans.edu/diary/What%20Setting%20Live%20Traps%20for%20Cybercriminals%20Taught%20Me%20About%20Security%20%5BGuest%20Diary%5D/31038
TeamViewer Compromise
https://www.teamviewer.com/en-us/resources/trust-center/statement/
Fortra File Catalyst Vulnerability and PoC
https://support.fortra.com/filecatalyst/kb-articles/advisory-6-24-2024-filecatalyst-workflow-sql-injection-vulnerability-YmYwYWY4OTYtNTUzMi1lZjExLTg0MGEtNjA0NWJkMDg3MDA0
https://www.tenable.com/security/research/tra-2024-25
GitLab Critical Update
https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/
When Prompts Go Rogue: Analyzing a Prompt Injection Code Execution in Vanna.AI
https://jfrog.com/blog/prompt-injection-attack-code-execution-in-vanna-ai-cve-2024-5565/
https://isc.sans.edu/diary/What%20Setting%20Live%20Traps%20for%20Cybercriminals%20Taught%20Me%20About%20Security%20%5BGuest%20Diary%5D/31038
TeamViewer Compromise
https://www.teamviewer.com/en-us/resources/trust-center/statement/
Fortra File Catalyst Vulnerability and PoC
https://support.fortra.com/filecatalyst/kb-articles/advisory-6-24-2024-filecatalyst-workflow-sql-injection-vulnerability-YmYwYWY4OTYtNTUzMi1lZjExLTg0MGEtNjA0NWJkMDg3MDA0
https://www.tenable.com/security/research/tra-2024-25
GitLab Critical Update
https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/
When Prompts Go Rogue: Analyzing a Prompt Injection Code Execution in Vanna.AI
https://jfrog.com/blog/prompt-injection-attack-code-execution-in-vanna-ai-cve-2024-5565/
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jul 15th - Jul 20th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Las Vegas | Sep 4th - Sep 9th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Denver | Oct 2nd - Oct 7th 2024 |