SANS Stormcast Feb 14th 2025: DShield Honeypot SIEM; PAN OS Auth Bypass; Salt Typhone vs. Cisco; Crowdstrike Patch - podcast episode cover

SANS Stormcast Feb 14th 2025: DShield Honeypot SIEM; PAN OS Auth Bypass; Salt Typhone vs. Cisco; Crowdstrike Patch

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Feb 14, 20256 minEp. 9324
--:--
--:--
Listen in podcast apps:
Metacast
Spotify
Youtube
RSS

Episode description


DShield SIEM Docker Updates
Interested in learning more about the attacks hitting your honeypot?
Guy assembled a neat SIEM to create dashboards summarizing the attacks.
https://isc.sans.edu/diary/DShield%20SIEM%20Docker%20Updates/31680
PANOS Path Confusion Auth Bypass
Palo Alto Networks fixed a path confusion vulnerability introduced by the
overly complex midle box chain in PANOS.
https://slcyber.io/blog/nginx-apache-path-confusion-to-auth-bypass-in-pan-os/
https://www.theregister.com/2025/02/13/palo_alto_firewall/
China's Volt Typhoon Continues to use Cisco Vulns
Recorded Future wrote up some recent attacks of the Red Mike / Volt Typhoon groups going after telecom providers by compromissing Cisco systems via an older vulnerabilty
https://www.wired.com/story/chinas-salt-typhoon-spies-are-still-hacking-telecoms-now-by-exploiting-cisco-routers/
Crowdstrike Patches Linux Client
https://www.crowdstrike.com/security-advisories/cve-2025-1146/
SANS Stormcast Feb 14th 2025: DShield Honeypot SIEM; PAN OS Auth Bypass; Salt Typhone vs. Cisco; Crowdstrike Patch | SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) - Listen or read transcript on Metacast