A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Friday Feb 21st: Kibana Queries; Mongoose Injection; U-Boot Flaws; Unifi Protect Camera Vulnerabilities; Protecting Network Devices as Endpoint (Austin Clark @sans_edu)
February 20, 2025
12:29
10.76 MB
Downloads: 0
Using ES|QL In Kibana to Query DShield Honeypot Logs
Using the "Elastic Search Piped Query Language" to query DShield honeypot logs
https://isc.sans.edu/diary/Using%20ES%7CQL%20in%20Kibana%20to%20Queries%20DShield%20Honeypot%20Logs/31704
Mongoose Flaws Put MongoDB at risk
The Object Direct Mapping library Mongoose suffers from an injection vulnerability leading to the potenitial of remote code exeuction in MongoDB
https://www.theregister.com/2025/02/20/mongoose_flaws_mongodb/
U-Boot Vulnerabilities
The open source boot loader U-Boot does suffer from a number of issues allowing the bypass of its integrity checks. This may lead to the execution of malicious code on boot.
https://www.openwall.com/lists/oss-security/2025/02/17/2
Unifi Protect Camera Update
https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f