Sign up to save your podcasts
Or
Share SANS Stormcast Thursday Mar 20th: Cisco Smart Licensing Attacks; Vulnerable Drivers again; Synology Advisories Updated
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
SANS Stormcast Thursday Mar 20th: Cisco Smart Licensing Attacks; Vulnerable Drivers again; Synology Advisories Updated
Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 CVE-2024-20440
Attackers added last September's Cisco Smart Licensing Utility vulnerability to their toolset. These attacks orginate most likely from botnets and the same attackers are scanning for a wide range of additional vulnerabilities. The vulnerability is a static credential issue and trivial to exploit after the credentials were published last fall.
https://isc.sans.edu/diary/Exploit%20Attempts%20for%20Cisco%20Smart%20Licensing%20Utility%20CVE-2024-20439%20and%20CVE-2024-20440/31782
Legacy Driver Exploitation Through Bypassing Certificate Verification
Ahnlab documented a new type of "bring your own vulnerable driver" vulnerability. In this case, an old driver used by an anit-malware and anti-rootkit system can be used to shut down arbitrary processeses, including security related processeses.
https://asec.ahnlab.com/en/86881/
Synology Vulnerability Updates
Synology updates some security advisories it release last year adding addition details and vulnerable systems.
https://www.synology.com/en-global/security/advisory/Synology_SA_24_20
https://www.synology.com/en-global/security/advisory/Synology_SA_24_24
View all episodes
By Johannes B. Ullrich
4.9
619619 ratings
Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 CVE-2024-20440
Attackers added last September's Cisco Smart Licensing Utility vulnerability to their toolset. These attacks orginate most likely from botnets and the same attackers are scanning for a wide range of additional vulnerabilities. The vulnerability is a static credential issue and trivial to exploit after the credentials were published last fall.
https://isc.sans.edu/diary/Exploit%20Attempts%20for%20Cisco%20Smart%20Licensing%20Utility%20CVE-2024-20439%20and%20CVE-2024-20440/31782
Legacy Driver Exploitation Through Bypassing Certificate Verification
Ahnlab documented a new type of "bring your own vulnerable driver" vulnerability. In this case, an old driver used by an anit-malware and anti-rootkit system can be used to shut down arbitrary processeses, including security related processeses.
https://asec.ahnlab.com/en/86881/
Synology Vulnerability Updates
Synology updates some security advisories it release last year adding addition details and vulnerable systems.
https://www.synology.com/en-global/security/advisory/Synology_SA_24_20
https://www.synology.com/en-global/security/advisory/Synology_SA_24_24
More shows like SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
View all
Security Now (Audio)
1,968 Listeners
Risky Business
361 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
363 Listeners
Hacked
184 Listeners
CyberWire Daily
1,003 Listeners
Smashing Security
311 Listeners
Click Here
398 Listeners
Malicious Life
928 Listeners
Darknet Diaries
7,876 Listeners
Cybersecurity Today
168 Listeners
CISO Series Podcast
187 Listeners
Hacking Humans
314 Listeners
Defense in Depth
77 Listeners
Cyber Security Headlines
129 Listeners
Risky Bulletin
33 Listeners