SANS Stormcast Friday, May 9th: SSH Exfil Tricks; magicINFO still vulnerable; SentinelOne Vulnerability; Commvault insufficient patch (#)
May 9 2025
Duración: 5 m
Podcast

No se pudo agregar al carrito

Solo puedes tener X títulos en el carrito para realizar el pago.

Add to Cart failed.

Por favor prueba de nuevo más tarde

Por favor prueba de nuevo más tarde

Por favor prueba de nuevo más tarde

Por favor intenta de nuevo

Intenta nuevamente

Intenta nuevamente

Escúchala gratis

Ver detalles del espectáculo

Resumen
SANS Stormcast Friday, May 9th: SSH Exfil Tricks; magicINFO still vulnerable; SentinelOne Vulnerability; Commvault insufficient patch No Internet Access: SSH to the Rescue If faced with restrictive outbound network access policies, a single inbound SSH connection can quickly be turned into a tunnel or a full-blown VPN https://isc.sans.edu/diary/No%20Internet%20Access%3F%20SSH%20to%20the%20Rescue!/31932 SAMSUNG magicINFO 9 Server Flaw Still exploitable The SAMSUNG magicINFO 9 Server Vulnerability we found being exploited last week is apparently still not completely patched, and current versions are vulnerable to the exploit observed in the wild. https://www.huntress.com/blog/rapid-response-samsung-magicinfo9-server-flaw Bring Your Own Installer: Bypassing SentinelOne Through Agent Version Change Interruption SentinelOne’s installer is vulnerable to an exploit allowing attackers to shut down the end point protection software https://www.aon.com/en/insights/cyber-labs/bring-your-own-installer-bypassing-sentinelone Commvault Still Exploitable A recent patch for Commvault is apparently ineffective and the PoC exploit published by watchTowr is still working against up to date patched systems https://infosec.exchange/@wdormann/114458913006792356 keywords: commvault; patches; sentinelone; samung; magicinfo; ssh;

Más Menos

Calificaciones medias de los clientes

No hay comentarios disponibles