SANS Stormcast Friday, October 31st, 2025: Bug Bounty Headers; Exchange hardening; MOVEIt vulnerability

SANS Stormcast: Daily Cyber Security News
31/10/2025 6 min Episodio 9680
SANS Stormcast Friday, October 31st, 2025: Bug Bounty Headers; Exchange hardening; MOVEIt vulnerability

Listen "SANS Stormcast Friday, October 31st, 2025: Bug Bounty Headers; Exchange hardening; MOVEIt vulnerability"

Descargar episodio Ver en sitio original

Episode Synopsis

X-Request-Purpose: Identifying "research" and bug bounty related scans? Our honeypots captured a few requests with bug bounty specific headers. These headers are meant to make it easier to identify requests related to bug bounty, and they are supposed to identify the researcher conducting the scanshttps://isc.sans.edu/diary/X-Request-Purpose%3A%20Identifying%20%22research%22%20and%20bug%20bounty%20related%20scans%3F/32436 Proton Breach Observatory Proton opened up its breach observatory. This website will collect information about breaches affecting companies that have not yet made the breach public.https://proton.me/blog/introducing-breach-observatory Microsoft Exchange Server Security Best Practices A new document published by a collaboration of national cyber security agencies summarizes steps that should be taken to harden Exchange Server.https://www.nsa.gov/Portals/75/documents/resources/cybersecurity-professionals/CSI_Microsoft_Exchange_Server_Security_Best_Practices.pdf?ver=9mpKKyUrwfpb9b9r4drVMg%3d%3d MOVEit Vulnerability Progress published an advisory for its file transfer program MOVEIt . This software has had heavily exploited vulnerabilities in the past.https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-CVE-2025-10932-October-29-2025

More episodes of the podcast SANS Stormcast: Daily Cyber Security News

SANS Stormcast Thursday, November 6th, 2025: Domain API Update; Teams Spoofing; VShell Report 06/11/2025
SANS Stormcast Wednesday, November 5th, 2025: Apple Patches; Exploits against Trucking and Logistic; Google Android Patches 05/11/2025
SANS Stormcast Tuesday, November 4th, 2025: XWiki SolrSearch Exploits and Rapper Feud; AMD Zen 5 RDSEED Bug; More Malicious Open VSX Extensi 04/11/2025
SANS Stormcast Monday, November 3rd, 2025: Port 8530/8531 Scans; BADCANDY Webshells; Open VSX Security Improvements 03/11/2025
SANS Stormcast Thursday, October 30th, 2025: Memory Only Filesystems Forensics; Azure Outage; docker-compose patch 30/10/2025
SANS Stormcast Wednesday, October 29th, 2025: Invisible Subject Character Phishing; Tomcat PUT Vuln; BIND9 Spoofing Vuln PoC 29/10/2025
SANS Stormcast Tuesday, October 28th, 2025: Bytes over DNS; Unifi Access Vuln; OpenAI Atlas Prompt Injection 28/10/2025
SANS Stormcast Monday, October 27th, 2025: Bilingual Phishing; Kaitai Struct WebIDE 27/10/2025
SANS Stormcast Friday, October 24th, 2025: Android Infostealer; SessionReaper Exploited; BIND/unbound DNS Spoofing fix; WSUS Exploit 24/10/2025
SANS Stormcast Thursday, October 23rd, 2025: Blue Angle Software Exploit; Oracle CPU; Rust tar library vulnerability. 23/10/2025
© 2003-2025 ZARZA | AHEAD OF OUR TIME
privacy policy
In God we trust In God we trust
PreSales Questions? Click Here
or call our toll-free line at +1-888-5002068 Miami, Florida, USA