Handler on Duty: Jim Clausing
Threat Level: green
Podcast Detail
SANS ISC Stormcast, Jan 13, 2025: Defender Updates, Ivanti RCE, Apple USB-C Hack and more
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9276.mp3
My Next Class
| Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
| Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
In today's episode, we cover the latest updates in cybersecurity:
Windows Defender Enhances Chrome Extension Detection
Microsoft's Defender now catalogs Chrome extensions to identify malicious ones. Learn how this improves enterprise security.
https://isc.sans.edu/diary/Windows%20Defender%20Chrome%20Extension%20Detection/31574
Multi-OLE Analysis in Malicious Documents
A look at how attackers embed OLE files in Office documents to evade detection and the tools to combat it.
https://isc.sans.edu/diary/Multi-OLE/31580
Ivanti Connect Secure RCE Vulnerability (CVE-2025-0282)
Details of a critical vulnerability affecting Ivanti products and the patching timelines.
https://labs.watchtowr.com/exploitation-walkthrough-and-techniques-ivanti-connect-secure-rce-cve-2025-0282/
Apple USB-C Controller Compromised
Researchers hacked Apple’s ACE3 USB-C controller, highlighting hardware security challenges.
https://cybersecuritynews.com/apples-new-usb-c-controller-hacked/
IRS Pushes for IP PIN Enrollment
Protect yourself from tax-related identity theft by securing your IP PIN for the 2025 tax season.
https://www.irs.gov/newsroom/irs-encourages-all-taxpayers-to-sign-up-for-an-ip-pin-for-the-2025-tax-season
Windows Defender Enhances Chrome Extension Detection
Microsoft's Defender now catalogs Chrome extensions to identify malicious ones. Learn how this improves enterprise security.
https://isc.sans.edu/diary/Windows%20Defender%20Chrome%20Extension%20Detection/31574
Multi-OLE Analysis in Malicious Documents
A look at how attackers embed OLE files in Office documents to evade detection and the tools to combat it.
https://isc.sans.edu/diary/Multi-OLE/31580
Ivanti Connect Secure RCE Vulnerability (CVE-2025-0282)
Details of a critical vulnerability affecting Ivanti products and the patching timelines.
https://labs.watchtowr.com/exploitation-walkthrough-and-techniques-ivanti-connect-secure-rce-cve-2025-0282/
Apple USB-C Controller Compromised
Researchers hacked Apple’s ACE3 USB-C controller, highlighting hardware security challenges.
https://cybersecuritynews.com/apples-new-usb-c-controller-hacked/
IRS Pushes for IP PIN Enrollment
Protect yourself from tax-related identity theft by securing your IP PIN for the 2025 tax season.
https://www.irs.gov/newsroom/irs-encourages-all-taxpayers-to-sign-up-for-an-ip-pin-for-the-2025-tax-season
iTunes
MP3 Download
RSS Feed
Google
Podbean
Amazon Echo
YouTube
Spreaker
Spotify
Discussion
Login here to join the discussion.
| Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
| Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
| Application Security: Securing Web Apps, APIs, and Microservices | Orlando | Apr 13th - Apr 18th 2025 |
| Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 5th - May 10th 2025 |
| Network Monitoring and Threat Detection In-Depth | Baltimore | Jun 2nd - Jun 7th 2025 |
Subscribe to the Internet Storm Center YouTube Channel
© 2025 SANS™ Internet Storm Center
Developers: We have an API for you! 