SANS Stormcast Wednesday, July 9th, 2025: Microsoft Patches; Opposum Attack;

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

09/07/2025 7 min Episodio 9518

Listen "SANS Stormcast Wednesday, July 9th, 2025: Microsoft Patches; Opposum Attack; "

Descargar episodio Ver en sitio original

Episode Synopsis

Microsoft Patch Tuesday, July 2025
Today, Microsoft released patches for 130 Microsoft vulnerabilities and 9 additional vulnerabilities not part of Microsoft's portfolio but distributed by Microsoft. 14 of these are rated critical. Only one of the vulnerabilities was disclosed before being patched, and none of the vulnerabilities have so far been exploited.
https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%2C%20July%202025/32088
Opposum Attack
If a TLS server is configured to allow switching from HTTP to HTTPS on a specific port, an attacker may be able to inject a request into the data stream.
https://opossum-attack.com/
Ivanti Security Updates
Ivanty fixed vulnerabilities in Ivanty Connect Secure, EPMM, and EPM. In particular the password decryption vulnerabliity may be interesting.
https://www.ivanti.com/blog/july-security-update-2025

More episodes of the podcast SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Friday, November 7th, 2025: PowerShell Log Correlation; RondoBox Disected; Google Chrome and Cisco Patches 07/11/2025

SANS Stormcast Thursday, November 6th, 2025: Domain API Update; Teams Spoofing; VShell Report 06/11/2025

SANS Stormcast Wednesday, November 5th, 2025: Apple Patches; Exploits against Trucking and Logistic; Google Android Patches 05/11/2025

SANS Stormcast Tuesday, November 4th, 2025: XWiki SolrSearch Exploits and Rapper Feud; AMD Zen 5 RDSEED Bug; More Malicious Open VSX Extensions 04/11/2025

SANS Stormcast Monday, November 3rd, 2025: Port 8530/8531 Scans; BADCANDY Webshells; Open VSX Security Improvements 03/11/2025

SANS Stormcast Friday, October 31st, 2025: Bug Bounty Headers; Exchange hardening; MOVEIt vulnerability 31/10/2025

SANS Stormcast Thursday, October 30th, 2025: Memory Only Filesystems Forensics; Azure Outage; docker-compose patch 30/10/2025

SANS Stormcast Wednesday, October 29th, 2025: Invisible Subject Character Phishing; Tomcat PUT Vuln; BIND9 Spoofing Vuln PoC 29/10/2025

SANS Stormcast Tuesday, October 28th, 2025: Bytes over DNS; Unifi Access Vuln; OpenAI Atlas Prompt Injection 28/10/2025

SANS Stormcast Monday, October 27th, 2025: Bilingual Phishing; Kaitai Struct WebIDE 27/10/2025

Ver todos los episodios

ZARZA We are Zarza, the prestigious firm behind major projects in information technology.

SANS Stormcast Wednesday, July 9th, 2025: Microsoft Patches; Opposum Attack;

Listen "SANS Stormcast Wednesday, July 9th, 2025: Microsoft Patches; Opposum Attack; "

Episode Synopsis

More episodes of the podcast SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Positive Attitude, Share your ZARZA Attitude!

Free Internet, a prediction in Nostradamus style

Bandwidth: Broadband or Narrowband?

Personnel recruitment via Web

Deep web or Invisible Internet

Subdomains, a glance with the experts!

Free Internet, a prediction in Nostradamus style

Educational Technology: From traditional to digital

Localhost, there’s no place like 127.0.0.1

Googling with breathtaking tricks you ignore

Gray Hat Hacking, those with ambiguous ethics…

Internet Predators on the prowl

Dot COM: The Internet’s dominant TLD