ISC StormCast for Thursday, January 9th, 2025

SANS Stormcast: Daily Cyber Security News

09/01/2025 6 min Episodio 9272

Listen "ISC StormCast for Thursday, January 9th, 2025"

Descargar episodio Ver en sitio original

Episode Synopsis

In this episode, we discuss critical vulnerabilities in Ivanti Connect Secure and Policy Secure, command injection risks in Aviatrix Network Controllers, and the risks posed by hijacked abandoned backdoors. Episode Links and Topics: More Governments Backdoors in Your Backdoorshttps://labs.watchtowr.com/more-governments-backdoors-in-your-backdoors/ Researchers reveal how expired domains linked to abandoned backdoors can be hijacked, exposing systems to further compromise. Security Update: Ivanti Connect Secure, Policy Secure, and Neurons for ZTA Gatewayshttps://www.ivanti.com/blog/security-update-ivanti-connect-secure-policy-secure-and-neurons-for-zta-gateways Ivanti addresses critical vulnerabilities (CVE-2025-0282, CVE-2025-0283) in their secure gateway products, with active exploitation in the wild. CVE-2024-50603: Aviatrix Network Controller Command Injection Vulnerabilityhttps://www.securing.pl/en/cve-2024-50603-aviatrix-network-controller-command-injection-vulnerability/ A command injection vulnerability in Aviatrix Network Controllers allows unauthenticated code execution, posing severe risks to network environments.

More episodes of the podcast SANS Stormcast: Daily Cyber Security News

SANS Stormcast Thursday, November 13th, 2025: OWASP Top 10 Update; Cisco/Citrix Exploits; Test post quantum readiness 13/11/2025

SANS Stormcast Wednesday, November 12th, 2025: Microsoft Patch Tuesday; Gladinet Triofox Vulnerability; SAP Patches 12/11/2025

SANS Stormcast Tuesday, November 11th, 2025: 3CX Related Scans; Watchguard Default Password; 11/11/2025

SANS Stormcast Monday, November 10th, 2025: Code Repo Requests; Time Delayed ICS Attacks; Encrypted LLM Traffic Sidechannel Attacks 10/11/2025

SANS Stormcast Friday, November 7th, 2025: PowerShell Log Correlation; RondoBox Disected; Google Chrome and Cisco Patches 07/11/2025

SANS Stormcast Thursday, November 6th, 2025: Domain API Update; Teams Spoofing; VShell Report 06/11/2025

SANS Stormcast Wednesday, November 5th, 2025: Apple Patches; Exploits against Trucking and Logistic; Google Android Patches 05/11/2025

SANS Stormcast Tuesday, November 4th, 2025: XWiki SolrSearch Exploits and Rapper Feud; AMD Zen 5 RDSEED Bug; More Malicious Open VSX Extensi 04/11/2025

SANS Stormcast Monday, November 3rd, 2025: Port 8530/8531 Scans; BADCANDY Webshells; Open VSX Security Improvements 03/11/2025

SANS Stormcast Friday, October 31st, 2025: Bug Bounty Headers; Exchange hardening; MOVEIt vulnerability 31/10/2025

Ver todos los episodios

ZARZA We are Zarza, the prestigious firm behind major projects in information technology.

ISC StormCast for Thursday, January 9th, 2025

Listen "ISC StormCast for Thursday, January 9th, 2025"

Episode Synopsis

More episodes of the podcast SANS Stormcast: Daily Cyber Security News

Internet as human right and its scope

Educational Technology: From traditional to digital

Bandwidth: Broadband or Narrowband?

Personnel recruitment via Web

Deep web or Invisible Internet

Subdomains, a glance with the experts!

Free Internet, a prediction in Nostradamus style

Educational Technology: From traditional to digital

Localhost, there’s no place like 127.0.0.1

Googling with breathtaking tricks you ignore

Gray Hat Hacking, those with ambiguous ethics…

Internet Predators on the prowl

Dot COM: The Internet’s dominant TLD