Network Security News Summary for Monday August 7th, 2023
SANS Internet Storm Center's Daily Network Security News Podcast · Johannes B. Ullrich
August 6, 20235m 16s
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Leaked Credentials; PaperCut RCE Vuln; MSFT Fixes Power Platform Bug; Token Theft Playbook; Are Leaked Credential Dumps Used by Attackers? https://isc.sans.edu/diary/Are%20Leaked%20Credentials%20Dumps%20Used%20by%20Attackers%3F/30098 New PaperCut RCE Vulnerability https://www.horizon3.ai/cve-2023-39143-papercut-path-traversal-file-upload-rce-vulnerability/ Microsoft mitigates Power Platform Custom Code information disclosure vulnerability https://msrc.microsoft.com/blog/2023/08/microsoft-mitigates-power-platform-custom-code-information-disclosure-vulnerability/ Microsoft Publishes Token theft Playbook https://learn.microsoft.com/en-us/security/operations/token-theft-playbook keywords: microsoft; cloud; azure; playbook; tokens; power platform; papercut; rce; credential dump;