SANS Stormcast: Webshells; Undocumented ESP32 Commands; Camera Used For Ransomware Distribution - podcast episode cover

SANS Stormcast: Webshells; Undocumented ESP32 Commands; Camera Used For Ransomware Distribution

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Mar 10, 20257 minEp. 9356
--:--
--:--
Listen in podcast apps:
Metacast
Spotify
Youtube
RSS

Episode description


Commonly Probed Webshell URLs
Many attackers deploy web shells to gain a foothold on vulnerable web servers. These webshells can also be taken over by parasitic exploits.
https://isc.sans.edu/diary/Commonly%20Probed%20Webshell%20URLs/31748
Undocumented ESP32 Commands
A recent conference presentation by Tarlogic revealed several "backdoors" or undocumented features in the commonly used ESP32 Chipsets. Tarlogic also released a toolkit to make it easier to audit chipsets and find these hiddent commands.
https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/
Camera Off: Akira deploys ransomware via Webcam
The Akira ransomware group was recently observed infecting a network with Ransomware by taking advantage of a webcam.
https://www.s-rminform.com/latest-thinking/camera-off-akira-deploys-ransomware-via-webcam
SANS Stormcast: Webshells; Undocumented ESP32 Commands; Camera Used For Ransomware Distribution | SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) - Listen or read transcript on Metacast