DiscoverSANS Stormcast: Daily Cyber Security NewsSANS Stormcast Thursday, October 23rd, 2025: Blue Angle Software Exploit; Oracle CPU; Rust tar library vulnerability.
SANS Stormcast Thursday, October 23rd, 2025: Blue Angle Software Exploit; Oracle CPU; Rust tar library vulnerability.

SANS Stormcast Thursday, October 23rd, 2025: Blue Angle Software Exploit; Oracle CPU; Rust tar library vulnerability.

Update: 2025-10-23
Share

Description


webctrl.cgi/Blue Angel Software Suite Exploit Attempts. Maybe CVE-2025-34033 Variant?
Our honeypots detected attacks that appear to exploit CVE-2025-34033 or a similar vulnerability in the Blue Angle Software Suite.
https://isc.sans.edu/diary/webctrlcgiBlue+Angel+Software+Suite+Exploit+Attempts+Maybe+CVE202534033+Variant/32410
Oracle Critical Patch Update
Oracle released its quarterly critical patch update. The update includes patches for 374 vulnerabilities across all of Oracle s products. There are nine more patches for Oracle s e-Business Suite.
https://www.oracle.com/security-alerts/cpuoct2025.html#AppendixEBS
Rust TAR Library Vulnerability
A vulnerability in the popular, but no longer maintained, async-tar vulnerability could lead to arbitrary code execution
https://edera.dev/stories/tarmageddon
Comments 
loading
In Channel
SANS Stormcast Thursday, November 6th, 2025: Domain API Update; Teams Spoofing; VShell Report

SANS Stormcast Thursday, November 6th, 2025: Domain API Update; Teams Spoofing; VShell Report

2025-11-0605:43

SANS Stormcast Wednesday, November 5th, 2025: Apple Patches; Exploits against Trucking and Logistic; Google Android Patches

SANS Stormcast Wednesday, November 5th, 2025: Apple Patches; Exploits against Trucking and Logistic; Google Android Patches

2025-11-0506:30

SANS Stormcast Tuesday, November 4th, 2025: XWiki SolrSearch Exploits and Rapper Feud; AMD Zen 5 RDSEED Bug; More Malicious Open VSX Extensi

SANS Stormcast Tuesday, November 4th, 2025: XWiki SolrSearch Exploits and Rapper Feud; AMD Zen 5 RDSEED Bug; More Malicious Open VSX Extensi

2025-11-0406:56

SANS Stormcast Monday, November 3rd, 2025: Port 8530/8531 Scans; BADCANDY Webshells; Open VSX Security Improvements

SANS Stormcast Monday, November 3rd, 2025: Port 8530/8531 Scans; BADCANDY Webshells; Open VSX Security Improvements

2025-11-0306:27

SANS Stormcast Friday, October 31st, 2025: Bug Bounty Headers; Exchange hardening; MOVEIt vulnerability

SANS Stormcast Friday, October 31st, 2025: Bug Bounty Headers; Exchange hardening; MOVEIt vulnerability

2025-10-3106:20

SANS Stormcast Thursday, October 30th, 2025: Memory Only Filesystems Forensics; Azure Outage; docker-compose patch

SANS Stormcast Thursday, October 30th, 2025: Memory Only Filesystems Forensics; Azure Outage; docker-compose patch

2025-10-3006:07

SANS Stormcast Wednesday, October 29th, 2025: Invisible Subject Character Phishing; Tomcat PUT Vuln; BIND9 Spoofing Vuln PoC

SANS Stormcast Wednesday, October 29th, 2025: Invisible Subject Character Phishing; Tomcat PUT Vuln; BIND9 Spoofing Vuln PoC

2025-10-2908:05

SANS Stormcast Tuesday, October 28th, 2025: Bytes over DNS; Unifi Access Vuln; OpenAI Atlas Prompt Injection

SANS Stormcast Tuesday, October 28th, 2025: Bytes over DNS; Unifi Access Vuln; OpenAI Atlas Prompt Injection

2025-10-2806:17

SANS Stormcast Monday, October 27th, 2025: Bilingual Phishing; Kaitai Struct WebIDE

SANS Stormcast Monday, October 27th, 2025: Bilingual Phishing; Kaitai Struct WebIDE

2025-10-2706:21

SANS Stormcast Friday, October 24th, 2025: Android Infostealer; SessionReaper Exploited; BIND/unbound DNS Spoofing fix; WSUS Exploit

SANS Stormcast Friday, October 24th, 2025: Android Infostealer; SessionReaper Exploited; BIND/unbound DNS Spoofing fix; WSUS Exploit

2025-10-2406:25

SANS Stormcast Thursday, October 23rd, 2025: Blue Angle Software Exploit; Oracle CPU; Rust tar library vulnerability.

SANS Stormcast Thursday, October 23rd, 2025: Blue Angle Software Exploit; Oracle CPU; Rust tar library vulnerability.

2025-10-2307:28

SANS Stormcast Wednesday, October 22nd, 2025: NTP Pool; Xubuntu Compromise; Squid Vulnerability; Lanscope Vuln;

SANS Stormcast Wednesday, October 22nd, 2025: NTP Pool; Xubuntu Compromise; Squid Vulnerability; Lanscope Vuln;

2025-10-2206:37

SANS Stormcast Tuesday, October 21st, 2025: Syscall() Obfuscation; AWS down; Beijing Time Attack

SANS Stormcast Tuesday, October 21st, 2025: Syscall() Obfuscation; AWS down; Beijing Time Attack

2025-10-2009:17

SANS Stormcast Monday, October 20th, 2025: Malicious Tiktok; More Google Ad Problems; Satellite Insecurity

SANS Stormcast Monday, October 20th, 2025: Malicious Tiktok; More Google Ad Problems; Satellite Insecurity

2025-10-1906:15

SANS Stormcast Friday, October 17th, 2025: New Slack Workspace; Cisco SNMP Exploited; BIOS Backdoor; @sans_edu reseach: Active Defense

SANS Stormcast Friday, October 17th, 2025: New Slack Workspace; Cisco SNMP Exploited; BIOS Backdoor; @sans_edu reseach: Active Defense

2025-10-1721:28

SANS Stormcast Thursday, October 16th, 2025: Clipboard Image Stealer; F5 Compromise; Adobe Updates; SAP Patchday

SANS Stormcast Thursday, October 16th, 2025: Clipboard Image Stealer; F5 Compromise; Adobe Updates; SAP Patchday

2025-10-1508:40

SANS Stormcast Wednesday, October 15th, 2025: Microsoft Patchday; Ivanti Advisory; Fortinet Patches

SANS Stormcast Wednesday, October 15th, 2025: Microsoft Patchday; Ivanti Advisory; Fortinet Patches

2025-10-1406:22

SANS Stormcast Tuesday, October 14th, 2025: ESAFENET Scans; Payroll Priates; MSFT Edge IE Mode

SANS Stormcast Tuesday, October 14th, 2025: ESAFENET Scans; Payroll Priates; MSFT Edge IE Mode

2025-10-1306:03

SANS Stormcast Monday, October 13th, 2025: More Oracle Patches; Sonicwall Compromisses; Unpatched Gladinet; 7-Zip Patches

SANS Stormcast Monday, October 13th, 2025: More Oracle Patches; Sonicwall Compromisses; Unpatched Gladinet; 7-Zip Patches

2025-10-1205:56

SANS Stormcast Friday, October 10th, 2025: RedTail Defenses; SonicWall Breach; Crowdstrike “Issues”; Ivanti 0-days; Mapping Agentic Attack

SANS Stormcast Friday, October 10th, 2025: RedTail Defenses; SonicWall Breach; Crowdstrike “Issues”; Ivanti 0-days; Mapping Agentic Attack

2025-10-1015:13

loading
Google Play
Download from Google Play
Castbox
Download from App Store
usUnited States
00:00
00:00
1.0x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

SANS Stormcast Thursday, October 23rd, 2025: Blue Angle Software Exploit; Oracle CPU; Rust tar library vulnerability.

SANS Stormcast Thursday, October 23rd, 2025: Blue Angle Software Exploit; Oracle CPU; Rust tar library vulnerability.

Johannes Ullrich