SANS Stormcast Monday, December 15th, 2025: DLL Entry Points; ClickFix and Finger; Apple Patches

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
15/12/2025 6 min Episodio 9738
SANS Stormcast Monday, December 15th, 2025: DLL Entry Points; ClickFix and Finger; Apple Patches

Listen "SANS Stormcast Monday, December 15th, 2025: DLL Entry Points; ClickFix and Finger; Apple Patches "

Descargar episodio Ver en sitio original

Episode Synopsis


Abusing DLLs EntryPoint for the Fun
DLLs will not just execute code when some of their functions are called, but also as they are loaded.
https://isc.sans.edu/diary/Abusing%20DLLs%20EntryPoint%20for%20the%20Fun/32562
Apple Patches Everything: December 2025 Edition
Apple released patches for all of its operating systems, fixing two already exploited vulnerabilities.
ClickFix Attacks Still Using the Finger
ClickFix Attacks Still Using the Finger
Two examples of ClickFix attacks abusing the finger protocol to load additional malware
Denial of Service and Source Code Exposure in React Server Components
Denial of Service and Source Code Exposure in React Server Components
After last week's critical patch, three more, but less critical, vulnerabilities were identified in React Server Components.
https://react.dev/blog/2025/12/11/denial-of-service-and-source-code-exposure-in-react-server-components

More episodes of the podcast SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Thursday, December 18th, 2025: More React2Shell; Donicwall and Cisco Patch; Updated Chrome Advisory 18/12/2025
SANS Stormcast Wednesday, December 17th, 2025: Beyond RC4; Forticloud SSO Vuln Exploited; FortiGate SSO Exploited; 17/12/2025
SANS Stormcast Tuesday, December 16th, 2025: Current React2Shell Example; SAML woes; MSMQ issues after patch; 16/12/2025
SANS Stormcast Friday, December 12th, 2025: Local AI Models; Mystery Chrome 0-Day; SOAPwn Attack 12/12/2025
SANS Stormcast Thursday, December 11th, 2025: Possible CVE-2024-9042 variant; react2shell exploits; notepad++ update hijacking; macOS priv escalation 11/12/2025
SANS Stormcast Wednesday, December 10th, 2025: Microsoft, Adobe, Ivanti, Fortinet, and Ruby patches. 10/12/2025
SANS Stormcast Tuesday, December 9th, 2025: nanoKVM Vulnerabilities; Ghostframe Phishing; WatchGuard Advisory 09/12/2025
SANS Stormcast Monday, December 8th, 2025: AutoIT3 FileInstall; React2Shell Update; Tika Vuln 08/12/2025
SANS Stormcast Friday, December 5th, 2025: Compromised Govt System; React Vuln Update; Array Networks VPN Attacks 05/12/2025
SANS Stormcast Thursday, December 4th, 2025: CDN Headers; React Vulnerabiity; PickleScan Patch 04/12/2025
© 2003-2025 ZARZA | AHEAD OF OUR TIME
privacy policy
In God we trust In God we trust
PreSales Questions? Click Here
or call our toll-free line at +1-888-5002068 Miami, Florida, USA