DiscoverSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)SANS Stormcast Thursday, May 15th: Google Open Redirects; Adobe, Ivanti, and Samsung patches
SANS Stormcast Thursday, May 15th: Google Open Redirects; Adobe, Ivanti, and Samsung patches

SANS Stormcast Thursday, May 15th: Google Open Redirects; Adobe, Ivanti, and Samsung patches

Update: 2025-05-15
Share

Description



Another day, another phishing campaign abusing google.com open redirects

Google s links from it s maps page to hotel listings do suffer from an open redirect vulnerability that is actively exploited to direct users to phishing pages.

https://isc.sans.edu/diary/Another%20day%2C%20another%20phishing%20campaign%20abusing%20google.com%20open%20redirects/31950

Adobe Patches

Adobe patched 12 different applications. Of particular interest is the update to ColdFusion, which fixes several arbitrary code execution and arbitrary file read problems.

https://helpx.adobe.com/security/security-bulletin.html

Samsung Patches magicInfo 9 Again

Samsung released a new patch for the already exploited magicInfo 9 CMS vulnerability. While the description is identical to the patch released last August, a new CVE number is used.

https://security.samsungtv.com/securityUpdates#SVP-MAY-2025

Ivanti Patches Critical Ivanti Neurons Flaw

Ivanti released a patch for Ivanti Neurons for ITSM (on-prem only) fixing a critical authentication bypass vulnerability. Ivanti also points to its guidance to secure the underlying IIS server to make exploitation of flaws like this more difficult
Comments 
In Channel
SANS Stormcast Monday, June 16th, 2025: Extracing Data from JPEG; Windows Recall Export; Anubis Wiper; Mitel Vuln and PoC

SANS Stormcast Monday, June 16th, 2025: Extracing Data from JPEG; Windows Recall Export; Anubis Wiper; Mitel Vuln and PoC

2025-06-1705:46

SANS Stormcast Monday, June 16th, 2025: Katz Stealer in JPG; JavaScript Attacks; Reviving expired Discord Invites for Evil

SANS Stormcast Monday, June 16th, 2025: Katz Stealer in JPG; JavaScript Attacks; Reviving expired Discord Invites for Evil

2025-06-1606:44

SANS Stormcast Friday, June 13th, 2025: Honeypot Scripts; EchoLeak MSFT Copilot Vuln; Thunderbolt mailbox URL Vuln;

SANS Stormcast Friday, June 13th, 2025: Honeypot Scripts; EchoLeak MSFT Copilot Vuln; Thunderbolt mailbox URL Vuln;

2025-06-1305:43

SANS Stormcast Thursday, June 12th, 2025: Quasar RAT; Windows 11 24H2 Delay; SMB Client Vuln PoC; Connectwise Signing Keys; KDE Telnet code exec

SANS Stormcast Thursday, June 12th, 2025: Quasar RAT; Windows 11 24H2 Delay; SMB Client Vuln PoC; Connectwise Signing Keys; KDE Telnet code exec

2025-06-1206:27

SANS Stormcast Wednesday, June 11th, 2025: Microsoft Patch Tuesday; Acrobat Patches

SANS Stormcast Wednesday, June 11th, 2025: Microsoft Patch Tuesday; Acrobat Patches

2025-06-1106:58

SANS Stormcast June, Tuesday, June 10th, 2025: Octosql; Mirai vs. Wazuh DNS4EU; Wordpress Fair Package Manager

SANS Stormcast June, Tuesday, June 10th, 2025: Octosql; Mirai vs. Wazuh DNS4EU; Wordpress Fair Package Manager

2025-06-1006:09

SANS Stormcast June, June 9th, 2025: Extracting PNG Data; GlueStack Packages Backdoor; MacOS targeted by Clickfix; INETPUB restore script

SANS Stormcast June, June 9th, 2025: Extracting PNG Data; GlueStack Packages Backdoor; MacOS targeted by Clickfix; INETPUB restore script

2025-06-0905:43

SANS Stormcast Friday, June 6th, 2025: Fake Zoom Clients; Python tarfile vulnerability; HPE Insight Remote Support Patch

SANS Stormcast Friday, June 6th, 2025: Fake Zoom Clients; Python tarfile vulnerability; HPE Insight Remote Support Patch

2025-06-0605:01

SANS Stormcast Thursday, June 5th, 2025: Phishing Comment Trick; AWS default logging mode change; Cisco Backdoor Fixed; Infoblox Vulnerability Details Released

SANS Stormcast Thursday, June 5th, 2025: Phishing Comment Trick; AWS default logging mode change; Cisco Backdoor Fixed; Infoblox Vulnerability Details Released

2025-06-0505:26

SANS Stormcast Wednesday, June 4th, 2025: vBulletin Exploited; Chrome 0-Day Patch; Roundcube RCE Patch; Multiple HP StoreOnce Vulns Patched

SANS Stormcast Wednesday, June 4th, 2025: vBulletin Exploited; Chrome 0-Day Patch; Roundcube RCE Patch; Multiple HP StoreOnce Vulns Patched

2025-06-0407:25

SANS Stormcast Tuesday, June 3rd, 2025: Windows SSH C2; Google Removes CAs from trusted list; MSFT issues Emergency Patch to fix Crash issue; Qualcom Adreno GPU 0-day

SANS Stormcast Tuesday, June 3rd, 2025: Windows SSH C2; Google Removes CAs from trusted list; MSFT issues Emergency Patch to fix Crash issue; Qualcom Adreno GPU 0-day

2025-06-0306:06

SANS Stormcast Monday, June 2nd, 2025: PNG with RAT; Cisco IOS XE WLC Exploit; vBulletin Exploit

SANS Stormcast Monday, June 2nd, 2025: PNG with RAT; Cisco IOS XE WLC Exploit; vBulletin Exploit

2025-06-0205:42

SANS Stormcast Friday, May 30th 2025: Alternate Data Streams; Connectwise Breach; Google Calendar C2;

SANS Stormcast Friday, May 30th 2025: Alternate Data Streams; Connectwise Breach; Google Calendar C2;

2025-05-3013:47

SANS Stormcast Thursday May 29th 2025: LLM Assisted Analysis; MSP Ransomware; Everetz Vulnerability

SANS Stormcast Thursday May 29th 2025: LLM Assisted Analysis; MSP Ransomware; Everetz Vulnerability

2025-05-2906:10

SANS Stormcast Wednesday May 28th 2025: Securing authorized_keys; ADAuditPlus SQL Injection; Dero Miner vs Docker API

SANS Stormcast Wednesday May 28th 2025: Securing authorized_keys; ADAuditPlus SQL Injection; Dero Miner vs Docker API

2025-05-2806:37

SANS Stormcast Tuesday, May 27th 2025: SVG Steganography; Fortinet PoC; GitLab Duo Prompt Injection

SANS Stormcast Tuesday, May 27th 2025: SVG Steganography; Fortinet PoC; GitLab Duo Prompt Injection

2025-05-2707:13

SANS Stormcast Friday, May 23rd 2025: Backup Connectivity; Windows 2025 dMSA Abuse; Samlify Vulnerability

SANS Stormcast Friday, May 23rd 2025: Backup Connectivity; Windows 2025 dMSA Abuse; Samlify Vulnerability

2025-05-2307:54

SANS Stormcast Thursday, May 22nd 2025: Crypto Confidence Scams; Extension Mayhem for VS Code and Chrome

SANS Stormcast Thursday, May 22nd 2025: Crypto Confidence Scams; Extension Mayhem for VS Code and Chrome

2025-05-2206:21

SANS Stormcast Wednesday, May 21st 2025: Researchers Scanning the Internet; Forgotten DNS Records; openpgp.js Vulneraiblity

SANS Stormcast Wednesday, May 21st 2025: Researchers Scanning the Internet; Forgotten DNS Records; openpgp.js Vulneraiblity

2025-05-2107:51

SANS Stormcast Tuesday, May 20th 2025: AutoIT Code RAT; Fake Keepass Download; Procolored Printer Software Compromise

SANS Stormcast Tuesday, May 20th 2025: AutoIT Code RAT; Fake Keepass Download; Procolored Printer Software Compromise

2025-05-2006:41

loading
Google Play
Download from Google Play
Castbox
Download from App Store
usUnited States
00:00
00:00
1.0x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

SANS Stormcast Thursday, May 15th: Google Open Redirects; Adobe, Ivanti, and Samsung patches

SANS Stormcast Thursday, May 15th: Google Open Redirects; Adobe, Ivanti, and Samsung patches

Dr. Johannes B. Ullrich