A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Tuesday Mar 11th: Shellcode as UUIDs; Moxe Switch Vuln Updates; Opentext Vuln; Livewire Volt Vuln;
March 10, 2025
4:59
0.92 MB ( 3.53 MB less)
Downloads: 0
Shellcode Encoded in UUIDs
Attackers are using UUIDs to encode Shellcode. The 128 Bit (or 16 Bytes) encoded in each UUID are converted to shell code to implement a cobalt strike beacon
https://isc.sans.edu/diary/Shellcode%20Encoded%20in%20UUIDs/31752
Moxa CVE-2024-12297 Expanded to PT Switches
Moxa in January first releast an update to address a fronted authorizaation logic disclosure vulnerability. It now updated the advisory and included the PT series switches as vulenrable.
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241408-cve-2024-12297-frontend-authorization-logic-disclosure-vulnerability-identified-in-pt-switches
Opentext Insufficently Protected Credentials
https://portal.microfocus.com/s/article/KM000037455?language=en_US
Livewire Volt API vulnerability
https://github.com/livewire/volt/security/advisories/GHSA-v69f-5jxm-hwvv