Handler on Duty: Jesse La Grew
Threat Level: green
Podcast Detail
Bluetooth Vuln Trends; OpenSSL Update; GoAnywhere Patch and PoC; Quakbot via OneNote
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/8360.mp3
SANS Daily Network Security Podcast (Stormcast) for Wednesday, February 8th, 2023
00:00
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 9th - May 14th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jul 15th - Jul 20th 2024 |
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
A Survey of Bluetooth Vulnerabilities Trends
https://isc.sans.edu/diary/A%20Survey%20of%20Bluetooth%20Vulnerabilities%20Trends%20%282023%20Edition%29/29522
OpenSSL Vulnerabilities / Patches
https://www.openssl.org/news/secadv/20230207.txt
Packet Tuesday: Most Frequent DNS Query ID / DNS Notify
https://www.youtube.com/watch?v=QgCuE_zKyMY
GoAnywhere MFT Patch Available (and PoC)
https://frycos.github.io/vulns4free/2023/02/06/goanywhere-forgotten.html
https://my.goanywhere.com/webclient/Dashboard.xhtml
Qakbot Mechanizes Distribution of Malicous OneNote Notebooks
https://news.sophos.com/en-us/2023/02/06/qakbot-onenote-attacks/
https://isc.sans.edu/diary/A%20Survey%20of%20Bluetooth%20Vulnerabilities%20Trends%20%282023%20Edition%29/29522
OpenSSL Vulnerabilities / Patches
https://www.openssl.org/news/secadv/20230207.txt
Packet Tuesday: Most Frequent DNS Query ID / DNS Notify
https://www.youtube.com/watch?v=QgCuE_zKyMY
GoAnywhere MFT Patch Available (and PoC)
https://frycos.github.io/vulns4free/2023/02/06/goanywhere-forgotten.html
https://my.goanywhere.com/webclient/Dashboard.xhtml
Qakbot Mechanizes Distribution of Malicous OneNote Notebooks
https://news.sophos.com/en-us/2023/02/06/qakbot-onenote-attacks/
Discussion
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form
Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 9th - May 14th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jul 15th - Jul 20th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Las Vegas | Sep 4th - Sep 9th 2024 |