ISC StormCast for Wednesday, January 15th, 2025

SANS Stormcast: Daily Cyber Security News
15/01/2025 7 min Episodio 9280
ISC StormCast for Wednesday, January 15th, 2025

Listen "ISC StormCast for Wednesday, January 15th, 2025"

Descargar episodio Ver en sitio original

Episode Synopsis

Today, Microsoft Patch Tuesday headlines our news with Microsoft patching 209 vulnerabilities, some of which have already been exploited. Fortinet suspects a so far unpatched Node.js authentication bypass to be behind some recent exploits of FortiOS and FortiProxy devices. Microsoft January 2025 Patch Tuesday This month's Microsoft patch update addresses a total of 209 vulnerabilities, including 12 classified as critical. Among these, 3 vulnerabilities have been actively exploited in the wild, and 5 have been disclosed prior to the patch release, marking them as zero-days.https://isc.sans.edu/diary/rss/31590 Fortinet Security Advisory FG-IR-24-535 CVE-2024-55591 An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS and FortiProxy may allow a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.https://fortiguard.fortinet.com/psirt/FG-IR-24-535 PRTG Network Monitor Update: Update for an already exploited XSS vulnerability in Paesler PRTG Network Monitor CVE-2024-12833https://www.paessler.com/prtg/history/stable

More episodes of the podcast SANS Stormcast: Daily Cyber Security News

SANS Stormcast Tuesday, November 11th, 2025: 3CX Related Scans; Watchguard Default Password; 11/11/2025
SANS Stormcast Monday, November 10th, 2025: Code Repo Requests; Time Delayed ICS Attacks; Encrypted LLM Traffic Sidechannel Attacks 10/11/2025
SANS Stormcast Friday, November 7th, 2025: PowerShell Log Correlation; RondoBox Disected; Google Chrome and Cisco Patches 07/11/2025
SANS Stormcast Thursday, November 6th, 2025: Domain API Update; Teams Spoofing; VShell Report 06/11/2025
SANS Stormcast Wednesday, November 5th, 2025: Apple Patches; Exploits against Trucking and Logistic; Google Android Patches 05/11/2025
SANS Stormcast Tuesday, November 4th, 2025: XWiki SolrSearch Exploits and Rapper Feud; AMD Zen 5 RDSEED Bug; More Malicious Open VSX Extensi 04/11/2025
SANS Stormcast Monday, November 3rd, 2025: Port 8530/8531 Scans; BADCANDY Webshells; Open VSX Security Improvements 03/11/2025
SANS Stormcast Friday, October 31st, 2025: Bug Bounty Headers; Exchange hardening; MOVEIt vulnerability 31/10/2025
SANS Stormcast Thursday, October 30th, 2025: Memory Only Filesystems Forensics; Azure Outage; docker-compose patch 30/10/2025
SANS Stormcast Wednesday, October 29th, 2025: Invisible Subject Character Phishing; Tomcat PUT Vuln; BIND9 Spoofing Vuln PoC 29/10/2025
© 2003-2025 ZARZA | AHEAD OF OUR TIME
privacy policy
In God we trust In God we trust
PreSales Questions? Click Here
or call our toll-free line at +1-888-5002068 Miami, Florida, USA