1c:I[5025,["2266","static/chunks/870fdd6f-6bc796c30d2d789b.js","6874","static/chunks/6874-1092c3b716d98184.js","3063","static/chunks/3063-d60ec0b08e19cd33.js","7698","static/chunks/7698-29ba5779557874ff.js","5801","static/chunks/app/podcast/%5BpodcastSlug%5D/%5BpodcastShortId%5D/%5BepisodeSlug%5D/%5BepisodeShortId%5D/page-b8b82ab127fe442b.js"],"default"] 1d:I[5163,["2266","static/chunks/870fdd6f-6bc796c30d2d789b.js","6874","static/chunks/6874-1092c3b716d98184.js","3063","static/chunks/3063-d60ec0b08e19cd33.js","7698","static/chunks/7698-29ba5779557874ff.js","5801","static/chunks/app/podcast/%5BpodcastSlug%5D/%5BpodcastShortId%5D/%5BepisodeSlug%5D/%5BepisodeShortId%5D/page-b8b82ab127fe442b.js"],"default"] 1e:T5cf,
DShield SIEM Docker Updates
Interested in learning more about the attacks hitting your honeypot?
Guy assembled a neat SIEM to create dashboards summarizing the attacks.
https://isc.sans.edu/diary/DShield%20SIEM%20Docker%20Updates/31680
PANOS Path Confusion Auth Bypass
Palo Alto Networks fixed a path confusion vulnerability introduced by the
overly complex midle box chain in PANOS.
https://slcyber.io/blog/nginx-apache-path-confusion-to-auth-bypass-in-pan-os/
https://www.theregister.com/2025/02/13/palo_alto_firewall/
China's Volt Typhoon Continues to use Cisco Vulns
Recorded Future wrote up some recent attacks of the Red Mike / Volt Typhoon groups going after telecom providers by compromissing Cisco systems via an older vulnerabilty
https://www.wired.com/story/chinas-salt-typhoon-spies-are-still-hacking-telecoms-now-by-exploiting-cisco-routers/
Crowdstrike Patches Lin

‌

Episode description

SANS Stormcast Feb 14th 2025: DShield Honeypot SIEM; PAN OS Auth Bypass; Salt Typhone vs. Cisco; Crowdstrike Patch

Episode description