SANS Stormcast Friday, August 15th, 2025: Analysing Attack with AI; Proxyware via YouTube; Xerox FreeFlow Vuln; Evaluating Zero Trust @SANS_edu

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

محتوای ارائه شده توسط SANS ISC Handlers and Johannes B. Ullrich. تمام محتوای پادکست شامل قسمت‌ها، گرافیک‌ها و توضیحات پادکست مستقیماً توسط SANS ISC Handlers and Johannes B. Ullrich یا شریک پلتفرم پادکست آن‌ها آپلود و ارائه می‌شوند. اگر فکر می‌کنید شخصی بدون اجازه شما از اثر دارای حق نسخه‌برداری شما استفاده می‌کند، می‌توانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal

1M ago 15:12

MP3•خانه قسمت

AI and Faster Attack Analysis
A few use cases for LLMs to speed up analysis
https://isc.sans.edu/diary/AI%20and%20Faster%20Attack%20Analysis%20%5BGuest%20Diary%5D/32198
Proxyware Malware Being Distributed on YouTube Video Download Site
Popular YouTube download sites will attempt to infect users with proxyware.
https://asec.ahnlab.com/en/89574/
Xerox Freeflow Core Vulnerability
Horizon3.ai discovered XXE Injection (CVE-2025-8355) and Path Traversal (CVE-2025-8356) vulnerabilities in Xerox FreeFlow Core, a print orchestration platform. These vulnerabilities are easily exploitable and enable unauthenticated remote attackers to achieve remote code execution on vulnerable FreeFlow Core instances.
https://horizon3.ai/attack-research/attack-blogs/from-support-ticket-to-zero-day/
SANS.edu Research: Darren Carstensen Evaluating Zero Trust Network Access: A Framework for Comparative Security Testing
Not all Zero Trust Network Access (ZTNA) solutions are created equal, and despite bold marketing claims, many fall short of delivering proper Zero Trust security.
https://www.sans.edu/cyber-research/evaluating-zero-trust-network-access-framework-comparative-security-testing/

3111 قسمت

#Security #Tech #Software Development #SANS ISC Handlers #Johannes B. Ullrich #News #Tech News