Episode Details

SANS Stormcast Wednesday, July 23rd, 2025: Sharepoint 2016 Patch; MotW Privacy and WinZip; Interlock Ransomware; Sophos Patches Microsoft Updates SharePoint Vulnerability Guidance CVE-2025-53770 and CVE-2025-53771 Microsoft released its update for SharePoint 2016, completing the updates across all currently supported versions. https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/ WinZip MotW Privacy Starting with version 7.10, WinZip introduced an option to no longer include the download URL in zip files as part of the Mark of the Web (MotW). https://isc.sans.edu/diary/WinRAR%20MoTW%20Propagation%20Privacy/32130 Interlock Ransomware Several government agencies collaborated to create an informative and comprehensive overview of the Interlock ransomware. Just like prior writeups, this writeup is very informative, including many technical details useful to detect and block this ransomware. https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-203a Sophos Firewall Updates Sophos patched five different vulnerabilities in its firewalls. Two of them are critical, but these only affect a small percentage of users. https://www.sophos.com/en-us/security-advisories/sophos-sa-20250721-sfos-rce keywords: sophos; interlock; winzip; motw; microsoft; sharepoint