Content provided by SANS ISC Handlers and Johannes B. Ullrich. All podcast content, including episodes, graphics, and podcast descriptions, is uploaded and provided directly by SANS ISC Handlers and Johannes B. Ullrich or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process described here https://it.player.fm/legal.
SANS ISC Stormcast, Jan 28th 2025: Z-Shy Phishing; Apple Patches 0-Day; Fortinet Exploit Details; Github and Apache Solr Patches
This episode shows how attackers are bypassing phishing filters by abusing the "shy" soft hyphen HTML entity. We got an update from Apple fixing a 0-day vulnerability in addition to a number of other issues. watchTowr shows how to exploit an interesting FortiOS vulnerability, and we have patches for GitHub Desktop and Apache Solr.
An unusual shy z-wasp phish
https://isc.sans.edu/diary/An%20unusual%20%22shy%20z-wasp%22%20phishing/31626
How the soft hyphen "shy" HTML entity can be abused to bypass e-mail filters
Apple Patches
https://support.apple.com/en-us/100100
Apple released patches for all of its operating systems, fixing a 0-day vulnerability among many other issues
Get Fortirekt I am the Super_admin now
https://labs.watchtowr.com/get-fortirekt-i-am-the-super_admin-now-fortios-authentication-bypass-cve-2024-55591/
Details about a recent FortiOS Vulnerability
GitHub Desktop Vulnerability
https://thehackernews.com/2025/01/github-desktop-vulnerability-risks.html
Apache Solr Vulnerability
https://solr.apache.org/security.html#cve-2024-52012-apache-solr-configset-upload-on-windows-allows-arbitrary-path-write-access
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)