ISC StormCast for Tuesday, January 21st, 2025

SANS Stormcast: Daily Cyber Security News

21/01/2025 6 min Episodio 9288

Listen "ISC StormCast for Tuesday, January 21st, 2025"

Descargar episodio Ver en sitio original

Episode Synopsis

In this episode, we talk about downloading and analyzing partial ZIP files, how legitimate remote access tools are used in recent compromises and how a research found an SSRF vulnerability in Azure DevOps Partial ZIP File Downloads A closer look at how attackers are leveraging partial ZIP file downloads to bypass file verification systems and plant malicious content.https://isc.sans.edu/diary/Partial%20ZIP%20File%20Downloads/31608 Ukrainian CERT Advisory on AnyDesk Threat The Ukrainian CERT provides detailed guidance on identifying and mitigating recent cyber threats exploiting AnyDesk for unauthorized access.https://cert.gov.ua/article/6282069 Finding SSRFs in Azure DevOps An in-depth analysis of how server-side request forgery (SSRF) vulnerabilities are discovered and exploited in Azure DevOps pipelines.https://binarysecurity.no/posts/2025/01/finding-ssrfs-in-devops

More episodes of the podcast SANS Stormcast: Daily Cyber Security News

SANS Stormcast Thursday, November 13th, 2025: OWASP Top 10 Update; Cisco/Citrix Exploits; Test post quantum readiness 13/11/2025

SANS Stormcast Wednesday, November 12th, 2025: Microsoft Patch Tuesday; Gladinet Triofox Vulnerability; SAP Patches 12/11/2025

SANS Stormcast Tuesday, November 11th, 2025: 3CX Related Scans; Watchguard Default Password; 11/11/2025

SANS Stormcast Monday, November 10th, 2025: Code Repo Requests; Time Delayed ICS Attacks; Encrypted LLM Traffic Sidechannel Attacks 10/11/2025

SANS Stormcast Friday, November 7th, 2025: PowerShell Log Correlation; RondoBox Disected; Google Chrome and Cisco Patches 07/11/2025

SANS Stormcast Thursday, November 6th, 2025: Domain API Update; Teams Spoofing; VShell Report 06/11/2025

SANS Stormcast Wednesday, November 5th, 2025: Apple Patches; Exploits against Trucking and Logistic; Google Android Patches 05/11/2025

SANS Stormcast Tuesday, November 4th, 2025: XWiki SolrSearch Exploits and Rapper Feud; AMD Zen 5 RDSEED Bug; More Malicious Open VSX Extensi 04/11/2025

SANS Stormcast Monday, November 3rd, 2025: Port 8530/8531 Scans; BADCANDY Webshells; Open VSX Security Improvements 03/11/2025

SANS Stormcast Friday, October 31st, 2025: Bug Bounty Headers; Exchange hardening; MOVEIt vulnerability 31/10/2025

Ver todos los episodios

ZARZA We are Zarza, the prestigious firm behind major projects in information technology.

ISC StormCast for Tuesday, January 21st, 2025

Listen "ISC StormCast for Tuesday, January 21st, 2025"

Episode Synopsis

More episodes of the podcast SANS Stormcast: Daily Cyber Security News

Educational Technology: From traditional to digital

Digital Natives: Children of today, Technologists of Tomorrow

Bandwidth: Broadband or Narrowband?

Personnel recruitment via Web

Deep web or Invisible Internet

Subdomains, a glance with the experts!

Free Internet, a prediction in Nostradamus style

Educational Technology: From traditional to digital

Localhost, there’s no place like 127.0.0.1

Googling with breathtaking tricks you ignore

Gray Hat Hacking, those with ambiguous ethics…

Internet Predators on the prowl

Dot COM: The Internet’s dominant TLD