Sans Internet Storm Center Daily Network/cyber Security And Information Security Podcast
ISC StormCast for Wednesday, January 8th, 2025
- Autor: Vários
- Narrador: Vários
- Editor: Podcast
- Duración: 0:06:39
- Mas informaciones
Informações:
Sinopsis
In this episode, we dive into active exploitation of a zero-day in SonicWall SSL-VPN, privilege escalation vulnerabilities in Moxa devices, and a BitLocker bypass in Windows 11. We also cover cryptocurrency mining malware hitting PHP servers and the White House's launch of the U.S. Cyber Trust Mark to secure connected devices. Episode Links and Topics: PacketCrypt Classic Cryptocurrency Miner on PHP Servers https://isc.sans.edu/diary/PacketCrypt%20Classic%20Cryptocurrency%20Miner%20on%20PHP%20Servers/31564 Malware exploiting PHP servers to mine PacketCrypt Classic cryptocurrency. SonicOS Affected By Multiple Vulnerabilities https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003 A zero-day vulnerability in SonicWall SSL-VPN devices is under active attack. Privilege Escalation and OS Command Injection Vulnerabilities in Moxa Devices https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241155-privilege-escalation-and-os-command-injection-vulnerabilities-in-cellular-routers,-secure-rout
