Network Security News Summary for Wednesday November 01th, 2023
SANS Internet Storm Center's Daily Network Security News Podcast · Johannes B. Ullrich
November 1, 20234m 12s
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Anti-Sandboxing; Confluence Vuln; PyCharm Malvertisement; Thorn SFTP Vuln; Multiple Layers of Anti-Sandboxing Techniques https://isc.sans.edu/diary/Multiple%20Layers%20of%20Anti-Sandboxing%20Techniques/30362 CVE-2023-22518 Improper Authorization Vulnerability in Confluence Data Center and Server https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html Malvertisement Promotes Malicious PyCharm Version https://www.malwarebytes.com/blog/threat-intelligence/2023/10/malvertising-via-dynamic-search-ads-delivers-malware-bonanza Thorn SFTP Gateway Java Deserialization RCE CVE-2016-1000027 CVE-2023-47174 https://help.thorntech.com/docs/sftp-gateway-gcp-3.0/gcp-java-deserialization-rce/ keywords: thron; sftp; pycharm; malvertisement; confluence; anti-sandboxing