A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Monday April 7th 2025: New Username Report; Quickshell Vulnerability; Apache Traffic Director Request Smuggeling
April 06, 2025
6:14
5.24 MB
Downloads: 0
New SSH Username Report
A new ssh/telnet username reports makes it easier to identify new usernames attackers are using against our telnet and ssh honeypots
https://isc.sans.edu/diary/New%20SSH%20Username%20Report/31830
Quickshell Sharing is Caring: About an RCE Attack Chain on Quick Share
The Google Quick Share protocol is susceptible to several vulnerabilities that have not yet been fully patched, allowing for some file overwrite issues that could lead to the accidental execution of malicious code.
https://www.blackhat.com/asia-25/briefings/schedule/index.html#quickshell-sharing-is-caring-about-an-rce-attack-chain-on-quick-share-43874
Apache Traffic Director Request Smuggling Vulnerability
https://www.openwall.com/lists/oss-security/2025/04/02/4