Episode Details

Back to Episodes

SANS Stormcast Friday, April 25th: SMS Gateway Scans; Comvault Exploit; Patch Window Shrinkage; More inetpub issues;

Episode 9424 Published 11 months ago
Description

Attacks against Teltonika Networks SMS Gateways
Attackers are actively scanning for SMS Gateways. These attacks take advantage of default passwords and other commonly used passwords.
https://isc.sans.edu/diary/Attacks%20against%20Teltonika%20Networks%20SMS%20Gateways/31888
Commvault Vulnerability CVE-2205-34028
Commvault, about a week ago, published an advisory and a fix for a vulnerability in its backup software. watchTowr now released a detailed writeup and exploit for the vulnerability
https://labs.watchtowr.com/fire-in-the-hole-were-breaching-the-vault-commvault-remote-code-execution-cve-2025-34028/
Exploitation Trends Q1 2025
Vulncheck published a summary of exploitation trends, pointing out that about a quarter of vulnerabilities are exploited a day after a patch is made available.
https://vulncheck.com/blog/exploitation-trends-q1-2025
inetpub directory issues
The inetpub directory introduced by Microsoft in its April patch may lead to a denial of service against applying patches on Windows if an attacker can create a junction for that location pointing to an existing system binary like Notepad.
https://doublepulsar.com/microsofts-patch-for-cve-2025-21204-symlink-vulnerability-introduces-another-symlink-vulnerability-9ea085537741
Listen Now

Love PodBriefly?

If you like Podbriefly.com, please consider donating to support the ongoing development.

Support Us