SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Friday, December 9th, 2022

Listen

Description

Finding Gaps in Syslog

https://isc.sans.edu/diary/Finding%20Gaps%20in%20Syslog%20-%20How%20to%20find%20when%20nothing%20happened/29314

Internet Explorer Vulnerabilty used in Malicious Word Document

https://blog.google/threat-analysis-group/internet-explorer-0-day-exploited-by-north-korean-actor-apt37/

Zombinder Obfuscation Service used by Ermac

https://www.threatfabric.com/blogs/zombinder-ermac-and-desktop-stealers.html

Cisco IP Phone Vulnerability CVE-2022-20968

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipp-oobwrite-8cMF5r7U

daloRADIUS Vulnerablity CVE-2022-23475

https://securityonline.info/cve-2022-23475-account-take-over-flaw-in-open-source-radius-web-management-app/

SANS Holiday Hack Challenge

https://www.sans.org/mlp/holiday-hack-challenge/