Sign up to save your podcasts
Or
Share SANS Stormcast Thursday, July 17th, 2025: catbox.moe abuse; Sonicwall Attacks; Rendering Issues
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
SANS Stormcast Thursday, July 17th, 2025: catbox.moe abuse; Sonicwall Attacks; Rendering Issues
More Free File Sharing Services Abuse
The free file-sharing service catbox.moe is abused by malware. While it officially claims not to allow hosting of executables, it only checks extensions and is easily abused
https://isc.sans.edu/diary/More%20Free%20File%20Sharing%20Services%20Abuse/32112
Ongoing SonicWall Secure Mobile Access (SMA) Exploitation Campaign using the OVERSTEP Backdoor
A group Google identifies as UNC6148 is exploiting the Sonicwall SMA 100 series appliance. The devices are end of life, but even fully patched devices are exploited. Google assumes that these devices are compromised because credentials were leaked during prior attacks. The attacker installs the OVERSTEP backdoor after compromising the device.
https://cloud.google.com/blog/topics/threat-intelligence/sonicwall-secure-mobile-access-exploitation-overstep-backdoor
Weaponizing Trust in File Rendering Pipelines
RenderShock is a comprehensive zero-click attack strategy that targets passive file preview, indexing, and automation behaviours in modern operating systems and enterprise environments. It leverages built-in trust mechanisms and background processing in file systems, email clients, antivirus tools, and graphical user interfaces to deliver payloads without requiring any user interaction.
https://www.cyfirma.com/research/rendershock-weaponizing-trust-in-file-rendering-pipelines/
View all episodes
By Johannes B. Ullrich
4.9
629629 ratings
More Free File Sharing Services Abuse
The free file-sharing service catbox.moe is abused by malware. While it officially claims not to allow hosting of executables, it only checks extensions and is easily abused
https://isc.sans.edu/diary/More%20Free%20File%20Sharing%20Services%20Abuse/32112
Ongoing SonicWall Secure Mobile Access (SMA) Exploitation Campaign using the OVERSTEP Backdoor
A group Google identifies as UNC6148 is exploiting the Sonicwall SMA 100 series appliance. The devices are end of life, but even fully patched devices are exploited. Google assumes that these devices are compromised because credentials were leaked during prior attacks. The attacker installs the OVERSTEP backdoor after compromising the device.
https://cloud.google.com/blog/topics/threat-intelligence/sonicwall-secure-mobile-access-exploitation-overstep-backdoor
Weaponizing Trust in File Rendering Pipelines
RenderShock is a comprehensive zero-click attack strategy that targets passive file preview, indexing, and automation behaviours in modern operating systems and enterprise environments. It leverages built-in trust mechanisms and background processing in file systems, email clients, antivirus tools, and graphical user interfaces to deliver payloads without requiring any user interaction.
https://www.cyfirma.com/research/rendershock-weaponizing-trust-in-file-rendering-pipelines/
More shows like SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
View all
Security Now (Audio)
1,981 Listeners
Risky Business
364 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
371 Listeners
Hacked
180 Listeners
CyberWire Daily
1,016 Listeners
Smashing Security
316 Listeners
Click Here
407 Listeners
Darknet Diaries
7,929 Listeners
Cybersecurity Today
164 Listeners
CISO Series Podcast
189 Listeners
Hacking Humans
311 Listeners
Defense in Depth
76 Listeners
Cyber Security Headlines
128 Listeners
Risky Bulletin
43 Listeners
Hacker And The Fed
168 Listeners