SANS ISC Stormcast, Jan 16, 2025: Critical Vulnerabilities and Cybersecurity Updates You Need to Know
Update: 2025-01-16
Description
Today's episode covers an odd 12 year old Netgear vulnerability that only received a proper CVE number last year. Learn about how to properly identify OpenID connect users and avoid domain name resue. Good old rsync turns out to be in need of patching and Fortinet: Not sure if it needs patching. Probably it does. Go ahead and patch it.
The Curious Case of a 12-Year-Old Netgear Router Vulnerability
Outdated Netgear routers remain a security risk, with attackers actively exploiting a 2013 vulnerability to deploy crypto miners. Learn how to protect your network by updating or replacing legacy hardware.
URL: https://isc.sans.edu/diary/The%20Curious%20Case%20of%20a%2012-Year-Old%20Netgear%20Router%20Vulnerability/31592
Millions at Risk Due to Google s OAuth Flaw
A flaw in Google s OAuth implementation enables attackers to exploit defunct domain accounts, exposing sensitive data. Tips on implementing MFA and domain monitoring to reduce risks.
URL: https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw
Rsync 3.4.0 Security Release
The latest rsync update fixes critical vulnerabilities, including buffer overflows and symbolic link issues. Upgrade immediately to protect your file synchronization processes.
URL: https://download.samba.org/pub/rsync/NEWS#3.4.0
Fortinet PSIRT Advisories: Stay Secure
Fortinet's latest advisories address vulnerabilities in FortiOS, FortiProxy, and more. Review and apply patches promptly to secure your perimeter defenses.
URL: https://www.fortiguard.com/psirt
The Curious Case of a 12-Year-Old Netgear Router Vulnerability
Outdated Netgear routers remain a security risk, with attackers actively exploiting a 2013 vulnerability to deploy crypto miners. Learn how to protect your network by updating or replacing legacy hardware.
URL: https://isc.sans.edu/diary/The%20Curious%20Case%20of%20a%2012-Year-Old%20Netgear%20Router%20Vulnerability/31592
Millions at Risk Due to Google s OAuth Flaw
A flaw in Google s OAuth implementation enables attackers to exploit defunct domain accounts, exposing sensitive data. Tips on implementing MFA and domain monitoring to reduce risks.
URL: https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw
Rsync 3.4.0 Security Release
The latest rsync update fixes critical vulnerabilities, including buffer overflows and symbolic link issues. Upgrade immediately to protect your file synchronization processes.
URL: https://download.samba.org/pub/rsync/NEWS#3.4.0
Fortinet PSIRT Advisories: Stay Secure
Fortinet's latest advisories address vulnerabilities in FortiOS, FortiProxy, and more. Review and apply patches promptly to secure your perimeter defenses.
URL: https://www.fortiguard.com/psirt
Comments
Top Podcasts
The Best New Comedy Podcast Right Now – June 2024The Best News Podcast Right Now – June 2024The Best New Business Podcast Right Now – June 2024The Best New Sports Podcast Right Now – June 2024The Best New True Crime Podcast Right Now – June 2024The Best New Joe Rogan Experience Podcast Right Now – June 20The Best New Dan Bongino Show Podcast Right Now – June 20The Best New Mark Levin Podcast – June 2024
In Channel
Download from Google Play
Download from App Store
United States00:00
00:00
1.0x
