This SANS Internet Storm Center Stormcast news podcast covers three cybersecurity topics. First, it discusses the PFSync network protocol used for firewall failover, highlighting its unusual nature (no RFC, uncommon tool support) and the valuable network information it contains. Second, it reports on Oracle's critical patch update addressing 318 vulnerabilities, specifically noting two critical remote code execution vulnerabilities in Kerberos and the communication diameter signaling router. Finally, the podcast details a supply chain attack against a South Korean VPN provider (ipany.kr), where a backdoored installer distributed malware, emphasizing the importance of cautious software downloads and manual VPN configuration. Listeners are encouraged to review the mentioned patch updates and CISA's write-up on Ivanti vulnerabilities.
Sign in to continue reading, translating and more.
Continue
