A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Wednesday Apr 16th: File Upload Service Abuse; OpenSSH 10.0 Released; Apache Roller Vuln; Possible CVE Changes
April 15, 2025
5:54
1.1 MB ( 3.86 MB less)
Downloads: 0
Online Services Again Abused to Exfiltrate Data
Attackers like to abuse free online services that can be used to exfiltrate data. From the originals , like pastebin,
to past favorites like anonfiles.com. The latest example is gofile.io. As a defender, it is important to track these services to detect exfiltration early
https://isc.sans.edu/diary/Online%20Services%20Again%20Abused%20to%20Exfiltrate%20Data/31862
OpenSSH 10.0 Released
OpenSSH 10.0 was released. This release adds quantum-safe ciphers and the separation of authentication services into a separate binary to reduce the authentication attack surface.
https://www.openssh.com/releasenotes.html#10.0p1
Apache Roller Vulnerability
Apache Roller addressed a vulnerability. Its CVSS score of 10.0 appears inflated, but it is still a vulnerability you probably want to address.
https://lists.apache.org/thread/4j906k16v21kdx8hk87gl7663sw7lg7f
CVE Funding Changes
Mitre s government contract to operate the CVE system may run out tomorrow. This could lead to a temporary disruption of services, but the system is backed by a diverse board of directors representing many large companies. It is possible that non-government funding sources may keep the system afloat for now.
https://www.cve.org/