Network Security News Summary for Wednesday October 5th, 2022
SANS Internet Storm Center's Daily Network Security News Podcast · Johannes B. Ullrich
October 5, 20225m 22s
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Phishing via Telegram; Updated MSFT Exchange fix; PHP Packagist Vuln; Credential Harvesting with Telegram https://isc.sans.edu/forums/diary/Credential%20Harvesting%20with%20Telegram%20API/29112/ Updated Microsoft Exchange Fix https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/ Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization https://www.cisa.gov/uscert/ncas/alerts/aa22-277a A New Supply Chain Attack on PHP https://blog.sonarsource.com/securing-developer-tools-a-new-supply-chain-attack-on-php/ keywords: supply chain; packagist; php; microsoft; exchange; telegram; phishing