Sign up to save your podcasts
Or
Share SANS Stormcast Tuesday Mar 25th: Privacy Awware Bots; Ingress Nightmare; Malicious File Converters; VSCode Extension Leads to Ransomware
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
SANS Stormcast Tuesday Mar 25th: Privacy Awware Bots; Ingress Nightmare; Malicious File Converters; VSCode Extension Leads to Ransomware
Privacy Aware Bots
A botnet is using privacy as well as CSRF prevention headers to better blend in with normal browsers. However, in the process they may make it actually easier to spot them.
https://isc.sans.edu/diary/Privacy%20Aware%20Bots/31796
Critical Ingress Nightmare Vulnerability
ingress-nginx fixed four new vulnerabilities, one of which may lead to a Kubernetes cluster compromise. Note that at the time I am making this live, not all of the URLs below are available yet, but I hope they will be available shortly after publishing this podcast
https://www.darkreading.com/application-security/critical-ingressnightmare-vulns-kubernetes-environments
https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities
https://kubernetes.io/blog/
FBI Warns of File Converter Scams
File converters may include malicious ad ons. Be careful where you get your software from.
https://www.fbi.gov/contact-us/field-offices/denver/news/fbi-denver-warns-of-online-file-converter-scam
VSCode Extension Includes Ransomware
https://x.com/ReversingLabs/status/1902355043065500145
View all episodes
By Johannes B. Ullrich
4.9
619619 ratings
Privacy Aware Bots
A botnet is using privacy as well as CSRF prevention headers to better blend in with normal browsers. However, in the process they may make it actually easier to spot them.
https://isc.sans.edu/diary/Privacy%20Aware%20Bots/31796
Critical Ingress Nightmare Vulnerability
ingress-nginx fixed four new vulnerabilities, one of which may lead to a Kubernetes cluster compromise. Note that at the time I am making this live, not all of the URLs below are available yet, but I hope they will be available shortly after publishing this podcast
https://www.darkreading.com/application-security/critical-ingressnightmare-vulns-kubernetes-environments
https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities
https://kubernetes.io/blog/
FBI Warns of File Converter Scams
File converters may include malicious ad ons. Be careful where you get your software from.
https://www.fbi.gov/contact-us/field-offices/denver/news/fbi-denver-warns-of-online-file-converter-scam
VSCode Extension Includes Ransomware
https://x.com/ReversingLabs/status/1902355043065500145
More shows like SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
View all
Security Now (Audio)
1,952 Listeners
Risky Business
362 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
372 Listeners
Hacked
174 Listeners
CyberWire Daily
1,010 Listeners
Smashing Security
308 Listeners
Click Here
390 Listeners
Malicious Life
923 Listeners
Darknet Diaries
7,822 Listeners
Cybersecurity Today
141 Listeners
CISO Series Podcast
186 Listeners
Hacking Humans
304 Listeners
Defense in Depth
70 Listeners
Cyber Security Headlines
118 Listeners
Risky Bulletin
32 Listeners