Episode Details

Back to Episodes

SANS Stormcast Thursday, August 28th, 2025: Launching Shellcode; NX Compromise; Volt Typhoon Report

Episode 9590 Published 7 months ago
Description

Interesting Technique to Launch a Shellcode
Xavier came across malware that PowerShell and the CallWindowProcA() API to launch code.
https://isc.sans.edu/diary/Interesting%20Technique%20to%20Launch%20a%20Shellcode/32238
NX Compromised to Steal Wallets and Credentials
The popular open source NX build package was compromised. Code was added that uses the help of AI tools like Claude and Gemini to steal credentials from affected systems
https://semgrep.dev/blog/2025/security-alert-nx-compromised-to-steal-wallets-and-credentials/
Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed the Global Espionage System
Several law enforcement and cybersecurity agencies worldwide collaborated to release a detailed report on the recent Volt Typhoon incident.
https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-239a
Listen Now

Love PodBriefly?

If you like Podbriefly.com, please consider donating to support the ongoing development.

Support Us