SANS Stormcast Friday, August 29th, 2025: Scans for ZIP Files; FreePBX 0-Day; Passwordstate Patch

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

29/08/2025 5 min Episodio 9592

Listen "SANS Stormcast Friday, August 29th, 2025: Scans for ZIP Files; FreePBX 0-Day; Passwordstate Patch "

Descargar episodio Ver en sitio original

Episode Synopsis

Increasing Searches for ZIP Files
Attackers are scanning our honeypots more and more for .zip files. They are looking for backups of credential files and the like left behind by careless administrators and developers.
https://isc.sans.edu/diary/Increasing%20Searches%20for%20ZIP%20Files/32242
FreePBX Vulnerability
An upatched vulnerability in FreePBX is currently being exploited. FreePBX offers mitigation advice and has also just released a beta patch.
https://community.freepbx.org/t/security-advisory-please-lock-down-your-administrator-access/107203
Passwordstate Vulnerability
Clickstudios patched an authentication bypass vulnerability in its password manager, Passwordstate. The vulnerability can be used to access the emergency password page.
https://www.clickstudios.com.au/passwordstate-changelog.aspx

More episodes of the podcast SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Thursday, November 6th, 2025: Domain API Update; Teams Spoofing; VShell Report 06/11/2025

SANS Stormcast Wednesday, November 5th, 2025: Apple Patches; Exploits against Trucking and Logistic; Google Android Patches 05/11/2025

SANS Stormcast Tuesday, November 4th, 2025: XWiki SolrSearch Exploits and Rapper Feud; AMD Zen 5 RDSEED Bug; More Malicious Open VSX Extensions 04/11/2025

SANS Stormcast Monday, November 3rd, 2025: Port 8530/8531 Scans; BADCANDY Webshells; Open VSX Security Improvements 03/11/2025

SANS Stormcast Friday, October 31st, 2025: Bug Bounty Headers; Exchange hardening; MOVEIt vulnerability 31/10/2025

SANS Stormcast Thursday, October 30th, 2025: Memory Only Filesystems Forensics; Azure Outage; docker-compose patch 30/10/2025

SANS Stormcast Wednesday, October 29th, 2025: Invisible Subject Character Phishing; Tomcat PUT Vuln; BIND9 Spoofing Vuln PoC 29/10/2025

SANS Stormcast Tuesday, October 28th, 2025: Bytes over DNS; Unifi Access Vuln; OpenAI Atlas Prompt Injection 28/10/2025

SANS Stormcast Monday, October 27th, 2025: Bilingual Phishing; Kaitai Struct WebIDE 27/10/2025

SANS Stormcast Friday, October 24th, 2025: Android Infostealer; SessionReaper Exploited; BIND/unbound DNS Spoofing fix; WSUS Exploit 24/10/2025

Ver todos los episodios

ZARZA We are Zarza, the prestigious firm behind major projects in information technology.

SANS Stormcast Friday, August 29th, 2025: Scans for ZIP Files; FreePBX 0-Day; Passwordstate Patch

Listen "SANS Stormcast Friday, August 29th, 2025: Scans for ZIP Files; FreePBX 0-Day; Passwordstate Patch "

Episode Synopsis

More episodes of the podcast SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Internet as human right and its scope

Bandwidth: Broadband or Narrowband?

Bandwidth: Broadband or Narrowband?

Personnel recruitment via Web

Deep web or Invisible Internet

Subdomains, a glance with the experts!

Free Internet, a prediction in Nostradamus style

Educational Technology: From traditional to digital

Localhost, there’s no place like 127.0.0.1

Googling with breathtaking tricks you ignore

Gray Hat Hacking, those with ambiguous ethics…

Internet Predators on the prowl

Dot COM: The Internet’s dominant TLD