Sign up to save your podcasts
Or
Share SANS Stormcast Monday, July 7th, 2025: interesting usernames; More sudo issues; CitrixBleed2 PoC; Short Lived Certs
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
SANS Stormcast Monday, July 7th, 2025: interesting usernames; More sudo issues; CitrixBleed2 PoC; Short Lived Certs
Interesting ssh/telnet usernames
Some interesting usernames observed in our honeypots
https://isc.sans.edu/diary/A%20few%20interesting%20and%20notable%20ssh%20telnet%20usernames/32080
More sudo trouble
The host option in Sudo can be exploited to execute commands on unauthorized hosts.
https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host
CitrixBleed2 PoC Posted (CVE-2025-5777)
WatchTwer published additional details about the recently patched CitrixBleed vulnerability, including a PoC exploit.
https://labs.watchtowr.com/how-much-more-must-we-bleed-citrix-netscaler-memory-disclosure-citrixbleed-2-cve-2025-5777/
Instagram Using Six Day Certificates
Instagram changes their TLS certificates daily and they use certificates that are just about to expire in a week.
https://hereket.com/posts/instagram-single-day-certificates/
View all episodes
By Johannes UllrichInteresting ssh/telnet usernames
Some interesting usernames observed in our honeypots
https://isc.sans.edu/diary/A%20few%20interesting%20and%20notable%20ssh%20telnet%20usernames/32080
More sudo trouble
The host option in Sudo can be exploited to execute commands on unauthorized hosts.
https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host
CitrixBleed2 PoC Posted (CVE-2025-5777)
WatchTwer published additional details about the recently patched CitrixBleed vulnerability, including a PoC exploit.
https://labs.watchtowr.com/how-much-more-must-we-bleed-citrix-netscaler-memory-disclosure-citrixbleed-2-cve-2025-5777/
Instagram Using Six Day Certificates
Instagram changes their TLS certificates daily and they use certificates that are just about to expire in a week.
https://hereket.com/posts/instagram-single-day-certificates/