Podcast Detail

SANS Stormcast: Webshells; Undocumented ESP32 Commands; Camera Used For Ransomware Distribution

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9356.mp3

Webshells; Undocumented ESP32 Commands; Camera Used For Ransomware Distribution

00:00

Application Security: Securing Web Apps, APIs, and Microservices	Orlando	Apr 13th - Apr 18th 2025
Application Security: Securing Web Apps, APIs, and Microservices	San Diego	May 5th - May 10th 2025

Commonly Probed Webshell URLs
Many attackers deploy web shells to gain a foothold on vulnerable web servers. These webshells can also be taken over by parasitic exploits.
https://isc.sans.edu/diary/Commonly%20Probed%20Webshell%20URLs/31748

Undocumented ESP32 Commands
A recent conference presentation by Tarlogic revealed several "backdoors" or undocumented features in the commonly used ESP32 Chipsets. Tarlogic also released a toolkit to make it easier to audit chipsets and find these hiddent commands.
https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/

Camera Off: Akira deploys ransomware via Webcam
The Akira ransomware group was recently observed infecting a network with Ransomware by taking advantage of a webcam.
https://www.s-rminform.com/latest-thinking/camera-off-akira-deploys-ransomware-via-webcam

iTunes

MP3 Download

RSS Feed

Google

Podbean

Amazon Echo

YouTube

Spreaker

Spotify

Application Security: Securing Web Apps, APIs, and Microservices	Orlando	Apr 13th - Apr 18th 2025
Application Security: Securing Web Apps, APIs, and Microservices	San Diego	May 5th - May 10th 2025
Network Monitoring and Threat Detection In-Depth	Baltimore	Jun 2nd - Jun 7th 2025
Application Security: Securing Web Apps, APIs, and Microservices	Washington	Jul 14th - Jul 19th 2025

no transcript found