Episode Details

Back to Episodes

SANS Stormcast Friday, August 29th, 2025: Scans for ZIP Files; FreePBX 0-Day; Passwordstate Patch

Episode 9592 Published 6 months, 4 weeks ago
Description

Increasing Searches for ZIP Files
Attackers are scanning our honeypots more and more for .zip files. They are looking for backups of credential files and the like left behind by careless administrators and developers.
https://isc.sans.edu/diary/Increasing%20Searches%20for%20ZIP%20Files/32242
FreePBX Vulnerability
An upatched vulnerability in FreePBX is currently being exploited. FreePBX offers mitigation advice and has also just released a beta patch.
https://community.freepbx.org/t/security-advisory-please-lock-down-your-administrator-access/107203
Passwordstate Vulnerability
Clickstudios patched an authentication bypass vulnerability in its password manager, Passwordstate. The vulnerability can be used to access the emergency password page.
https://www.clickstudios.com.au/passwordstate-changelog.aspx
Listen Now

Love PodBriefly?

If you like Podbriefly.com, please consider donating to support the ongoing development.

Support Us