1c:I[5025,["2266","static/chunks/870fdd6f-6bc796c30d2d789b.js","6874","static/chunks/6874-1092c3b716d98184.js","3063","static/chunks/3063-d60ec0b08e19cd33.js","7698","static/chunks/7698-29ba5779557874ff.js","5801","static/chunks/app/podcast/%5BpodcastSlug%5D/%5BpodcastShortId%5D/%5BepisodeSlug%5D/%5BepisodeShortId%5D/page-b8b82ab127fe442b.js"],"default"] 1d:I[5163,["2266","static/chunks/870fdd6f-6bc796c30d2d789b.js","6874","static/chunks/6874-1092c3b716d98184.js","3063","static/chunks/3063-d60ec0b08e19cd33.js","7698","static/chunks/7698-29ba5779557874ff.js","5801","static/chunks/app/podcast/%5BpodcastSlug%5D/%5BpodcastShortId%5D/%5BepisodeSlug%5D/%5BepisodeShortId%5D/page-b8b82ab127fe442b.js"],"default"] 1e:T5c0,
DShield Traffic Analysis using ELK
The "DShield SIEM" includes an ELK dashboard as part of the Honeypot. Learn how to find traffic of interest with this tool.
https://isc.sans.edu/diary/DShield%20Traffic%20Analysis%20using%20ELK/31742
Zen and the Art of Microcode Hacking
Google released details, including a proof of concept exploit, showing how to take advantage of the recently patched AMD microcode vulnerability
https://bughunters.google.com/blog/5424842357473280/zen-and-the-art-of-microcode-hacking CVE-2024-56161
VIM Vulnerability
An attacker may execute arbitrary code by tricking a user to open a crafted tar file in VIM
https://github.com/vim/vim/security/advisories/GHSA-wfmf-8626-q3r3
Snil Mail Fake Ransom Note
A copy cat group is impersonating ransomware actors. The group sends snail mail to company executives claiming to have stolen company data and threatening to leak it unless a payment is made.

‌

Episode description

SANS Stormcast Thursday Mar 6th: DShield ELK Analysis; Jailbreaking AMD CPUs; VIM Vulnerability; Snail Mail Ransomware

Episode description