A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network security related events. The content is late-breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.

SANS Stormcast: Securing the Edge; PostgreSQL Exploit; Ivanti Exploit; WinZip Vulnerability; Xerox Patch

February 17, 2025 4:39 4.17 MB

My Very Personal Guidance and Strategies to Protect Network Edge Devices
A quick summary to help you secure edge devices. This may be a bit opinionated, but these are the strategies that I find work and are actionable.
https://isc.sans.edu/diary/My%20Very%20Personal%20Guidance%20and%20Strategies%20to%20Protect%20Network%20Edge%20Devices/31660
PostgreSQL SQL Injection
A follow-up to yesterday's segment about the PostgreSQL vulnerability. Rapid7 released a Metasploit module to exploit the vulnerability.
https://github.com/rapid7/metasploit-framework/pull/19877
Ivanti Connect Secure Exploited
The Japanese CERT observed exploitation of January's Connect Secure vulnerability.
https://blogs.jpcert.or.jp/ja/2025/02/spawnchimera.html
WinZip Vulnerability
WinZip patched a buffer overflow vulnerability that may be triggered by malicious 7Z files.
https://www.zerodayinitiative.com/advisories/ZDI-25-047/
Xerox Printer Patch
Xerox patched two vulnerabilities in its enterprise multifunction printers that may be exploited for lateral movement.
https://securitydocs.business.xerox.com/wp-content/uploads/2025/02/Xerox-Security-Bulletin-XRX25-003-for-Xerox-VersaLinkPhaser-and-WorkCentre.pdf