Podcast Detail

SANS Stormcast Thursday Mar 6th: DShield ELK Analysis; Jailbreaking AMD CPUs; VIM Vulnerability; Snail Mail Ransomware

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9352.mp3


DShield Traffic Analysis using ELK
The "DShield SIEM" includes an ELK dashboard as part of the Honeypot. Learn how to find traffic of interest with this tool.
https://isc.sans.edu/diary/DShield%20Traffic%20Analysis%20using%20ELK/31742

Zen and the Art of Microcode Hacking
Google released details, including a proof-of-concept exploit, showing how to take advantage of the recently patched AMD microcode vulnerability.
https://bughunters.google.com/blog/5424842357473280/zen-and-the-art-of-microcode-hacking CVE-2024-56161

VIM Vulnerability
An attacker may execute arbitrary code by tricking a user into opening a crafted tar file in VIM.
https://github.com/vim/vim/security/advisories/GHSA-wfmf-8626-q3r3

Snail Mail Fake Ransom Note
A copycat group is impersonating ransomware actors. The group sends snail mail to company executives claiming to have stolen company data and threatening to leak it unless a payment is made.
https://www.guidepointsecurity.com/blog/snail-mail-fail-fake-ransom-note-campaign-preys-on-fear/



