SANS Stormcast Friday, June 6th, 2025: Fake Zoom Clients; Python tarfile vulnerability; HPE Insight Remote Support Patch (#)

SANS Internet Storm Center's Daily Network Security News Podcast
05/06/2025 5 min
SANS Stormcast Friday, June 6th, 2025: Fake Zoom Clients; Python tarfile vulnerability; HPE Insight Remote Support Patch (#)

Listen "SANS Stormcast Friday, June 6th, 2025: Fake Zoom Clients; Python tarfile vulnerability; HPE Insight Remote Support Patch (#)"

Descargar episodio Ver en sitio original

Episode Synopsis

SANS Stormcast Friday, June 6th, 2025: Fake Zoom Clients; Python tarfile vulnerability; HPE Insight Remote Support Patch Be Careful With Fake Zoom Client Downloads Miscreants are tricking victims into downloading fake Zoom clients (and likely other meeting software) by first sending them fake meeting invites that direct victims to a page that offers malware for download as an "update" to the Zoom client. https://isc.sans.edu/diary/Be%20Careful%20With%20Fake%20Zoom%20Client%20Downloads/32014 Python tarfile Vulnerability Recently, the Python tarfile module introduced a "filter" option to help mitigate some of the insecure behavior common to software unpacking archives. This filter is, however, not working quite as well as it should. https://mail.python.org/archives/list/[email protected]/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/ Hewlett Packard Enterprise Insight Remote Support processAttachmentDataStream Directory Traversal Remote Code Execution Vulnerability HP fixed, among other vulnerabilities, a critical remote code execution vulnerability in Insight Remote Support (IRS) https://www.zerodayinitiative.com/advisories/ZDI-25-325/ keywords: hp; insight; remote; support; irs; python; tarfile; zoom;

More episodes of the podcast SANS Internet Storm Center's Daily Network Security News Podcast

SANS Stormcast Wednesday, November 26th, 2025: Attacks Against Messaging; Passwords in Random Websites; Fluentbit Vuln; #thanksgiving (#) 26/11/2025
SANS Stormcast Tuesday, November 25th, 2025: URL Mapping and Authentication; SHA1-Hulud; Hacklore (#) 25/11/2025
9712 24/11/2025
SANS Stormcast Friday, November 21st, 2025: Oracle Idendity Manager Scans; SonicWall DoS Vuln; Adam Wilson (@sans_edu) reducing prompt injection. (#) 20/11/2025
SANS Stormcast Thursday, November 20th, 2025: Unicode Issues; FortiWeb More Vulns; DLink DIR-878 Vuln; Operation WrtHug and ASUS Routers (#) 19/11/2025
SANS Stormcast Wednesday, November 19th, 2025: Kong Tuke; Cloudflare Outage (#) 19/11/2025
SANS Stormcast Tuesday, November 18th, 2025: Binary Expression Decoding. Tea NPM Pollution; IBM AIX NIMSH Vulnerability (#) 17/11/2025
SANS Stormcast Monday, November 17th, 2025: New(isch) Fortiweb Vulnerability; Finger and ClickFix (#) 16/11/2025
SANS Stormcast Friday, November 14th, 2025: SmartApeSG and ClickFix; Formbook Obfuscation Tricks; Sudo-rs Vulnerabilities; SANS Holiday Hack Challenge (#) 14/11/2025
SANS Stormcast Thursday, November 13th, 2025: OWASP Top 10 Update; Cisco/Citrix Exploits; Test post quantum readiness (#) 13/11/2025
© 2003-2025 ZARZA | AHEAD OF OUR TIME
privacy policy
In God we trust In God we trust
PreSales Questions? Click Here
or call our toll-free line at +1-888-5002068 Miami, Florida, USA