Sign up to save your podcasts
Or
Share SANS Stormcast Thursday Apr 3rd: Juniper Password Scans; Hacking Call Records; End to End Encrypted GMail
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
SANS Stormcast Thursday Apr 3rd: Juniper Password Scans; Hacking Call Records; End to End Encrypted GMail
Surge in Scans for Juniper t128 Default User
Lasst week, we dedtect a significant surge in ssh scans for the username t128 . This user is used by Juniper s Session Smart Routing, a product they acquired from 128 Technologies which is the reason for the somewhat unusual username.
https://isc.sans.edu/diary/Surge%20in%20Scans%20for%20Juniper%20%22t128%22%20Default%20User/31824
Vulnerable Verizon API Allowed for Access to Call Logs
An API Verizon offered to users of its call filtering application suffered from an authentication bypass vulnerability allowing users to access any Verizon user s call history. While using a JWT to authenticate the user, the phone number used to retrieve the call history logs was passed in a not-authenticated header.
https://evanconnelly.github.io/post/hacking-call-records/
Google Offering End-to-End Encryption to G-Mail Business Users
Google will add an end-to-end encryption feature to commercial GMail users. However, for non GMail users to read the emails they first must click on a link and log in to Google.
https://workspace.google.com/blog/identity-and-security/gmail-easy-end-to-end-encryption-all-businesses
View all episodes
By Johannes B. Ullrich
4.9
619619 ratings
Surge in Scans for Juniper t128 Default User
Lasst week, we dedtect a significant surge in ssh scans for the username t128 . This user is used by Juniper s Session Smart Routing, a product they acquired from 128 Technologies which is the reason for the somewhat unusual username.
https://isc.sans.edu/diary/Surge%20in%20Scans%20for%20Juniper%20%22t128%22%20Default%20User/31824
Vulnerable Verizon API Allowed for Access to Call Logs
An API Verizon offered to users of its call filtering application suffered from an authentication bypass vulnerability allowing users to access any Verizon user s call history. While using a JWT to authenticate the user, the phone number used to retrieve the call history logs was passed in a not-authenticated header.
https://evanconnelly.github.io/post/hacking-call-records/
Google Offering End-to-End Encryption to G-Mail Business Users
Google will add an end-to-end encryption feature to commercial GMail users. However, for non GMail users to read the emails they first must click on a link and log in to Google.
https://workspace.google.com/blog/identity-and-security/gmail-easy-end-to-end-encryption-all-businesses
More shows like SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
View all
Security Now (Audio)
1,952 Listeners
Risky Business
362 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
372 Listeners
Hacked
174 Listeners
CyberWire Daily
1,010 Listeners
Smashing Security
308 Listeners
Click Here
390 Listeners
Malicious Life
923 Listeners
Darknet Diaries
7,822 Listeners
Cybersecurity Today
141 Listeners
CISO Series Podcast
186 Listeners
Hacking Humans
304 Listeners
Defense in Depth
70 Listeners
Cyber Security Headlines
118 Listeners
Risky Bulletin
32 Listeners