Sign up to save your podcasts
Or
Share SANS Stormcast Wednesday Mar 26th: XWiki Exploit; File Converter Correction; VMWare Vulnerability; Draytek Router Reboots; MMC Exploit Details;
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
SANS Stormcast Wednesday Mar 26th: XWiki Exploit; File Converter Correction; VMWare Vulnerability; Draytek Router Reboots; MMC Exploit Details;
XWiki Search Vulnerablity Exploit Attempts (CVE-2024-3721)
Our honeypot detected an increase in exploit attempts for an XWiki command injection vulnerablity. The vulnerability was patched last April, but appears to be exploited more these last couple days. The vulnerability affects the search feature and allows the attacker to inject Groovy code templates.
https://isc.sans.edu/diary/X-Wiki%20Search%20Vulnerability%20exploit%20attempts%20%28CVE-2024-3721%29/31800
Correction: FBI Image Converter Warning
The FBI's Denver office warned of online file converters, not downloadable conversion tools
https://www.fbi.gov/contact-us/field-offices/denver/news/fbi-denver-warns-of-online-file-converter-scam
VMWare Vulnerability
Broadcom released a fix for a VMWare Tools vulnerability. The vulnerability allows users of a Windows virtual machine to escalate privileges within the machine.
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25518
Draytek Reboots
Over the weekend, users started reporting Draytek routers rebooting and getting stuck in a reboot loop. Draytek now published advise as to how to fix the problem.
https://faq.draytek.com.au/docs/draytek-routers-rebooting-how-to-solve-this-issue/
Microsoft Managemnt Console Exploit CVE-2025-26633
TrendMicro released details showing how the MMC vulnerability Microsoft patched as part of its patch tuesday this month was exploited.
https://www.trendmicro.com/en_us/research/25/c/cve-2025-26633-water-gamayun.html
View all episodes
By Johannes B. Ullrich
4.9
642642 ratings
XWiki Search Vulnerablity Exploit Attempts (CVE-2024-3721)
Our honeypot detected an increase in exploit attempts for an XWiki command injection vulnerablity. The vulnerability was patched last April, but appears to be exploited more these last couple days. The vulnerability affects the search feature and allows the attacker to inject Groovy code templates.
https://isc.sans.edu/diary/X-Wiki%20Search%20Vulnerability%20exploit%20attempts%20%28CVE-2024-3721%29/31800
Correction: FBI Image Converter Warning
The FBI's Denver office warned of online file converters, not downloadable conversion tools
https://www.fbi.gov/contact-us/field-offices/denver/news/fbi-denver-warns-of-online-file-converter-scam
VMWare Vulnerability
Broadcom released a fix for a VMWare Tools vulnerability. The vulnerability allows users of a Windows virtual machine to escalate privileges within the machine.
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25518
Draytek Reboots
Over the weekend, users started reporting Draytek routers rebooting and getting stuck in a reboot loop. Draytek now published advise as to how to fix the problem.
https://faq.draytek.com.au/docs/draytek-routers-rebooting-how-to-solve-this-issue/
Microsoft Managemnt Console Exploit CVE-2025-26633
TrendMicro released details showing how the MMC vulnerability Microsoft patched as part of its patch tuesday this month was exploited.
https://www.trendmicro.com/en_us/research/25/c/cve-2025-26633-water-gamayun.html
More shows like SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
View all
Hacked
189 Listeners
Security Now (Audio)
2,007 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
371 Listeners
Risky Business
373 Listeners
CyberWire Daily
1,028 Listeners
Smashing Security
319 Listeners
Click Here
420 Listeners
Darknet Diaries
8,113 Listeners
Cybersecurity Today
175 Listeners
Hacking Humans
315 Listeners
CISO Series Podcast
191 Listeners
Defense in Depth
74 Listeners
Cybersecurity Headlines
138 Listeners
Risky Bulletin
45 Listeners
Hacker And The Fed
168 Listeners