Podcast Detail

SANS ISC Stormcast Jan 7th 2025: Make Malware Happy and Critical Vulnerabilities in OpenSSH, BeyondTrust, and Nuclei

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/9268.mp3

previous
next
Podcast Logo
SANS Daily Network Security Podcast (Stormcast) for Tuesday, January 7th, 2025
00:00

My Next Class

… more classes

Interested in Internet Storm Center stickers? Check here if there are still some available for today.

In this episode of the SANS Internet Storm Center's Stormcast, we cover critical vulnerabilities affecting OpenSSH, BeyondTrust, and Nuclei, including the newly discovered "RegreSSHion" flaw and a bypass vulnerability in Nuclei. We also discuss how malware evasion techniques can impact analysis environments and highlight the dangers of fake exploits targeting researchers. Tune in for insights on patching, mitigation strategies, and staying ahead of emerging threats.

Topics Covered:

Make Malware Happy
https://isc.sans.edu/diary/Make%20Malware%20Happy/31560
A look at how malware adapts and detects analysis environments, and why replicating operational settings is critical during malware analysis.

Nuclei Signature Verification Bypass (CVE-2024-43405)
https://www.wiz.io/blog/nuclei-signature-verification-bypass
A critical vulnerability in Nuclei allows malicious templates to bypass signature verification, risking arbitrary code execution.

Critical Vulnerability in BeyondTrust (CVE-2024-12356)
https://censys.com/cve-2024-12356/
A high-risk flaw in BeyondTrust products allows unauthenticated OS command execution, posing a significant threat to privileged access systems.

RegreSSHion Code Execution Vulnerability (CVE-2024-6387)
https://cybersecuritynews.com/regresshion-code-execution-vulnerability/
OpenSSH vulnerability "RegreSSHion" enables remote code execution, and fake exploits targeting security researchers are in circulation.