Artwork
iconShare
 
Manage episode 503873653 series 19634
Content provided by SANS ISC Handlers and Johannes B. Ullrich. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by SANS ISC Handlers and Johannes B. Ullrich or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://staging.podcastplayer.com/legal.
pdf-parser: All Streams
Didier released a new version of pdf-parser.py. This version fixes a problem with dumping all filtered streams.
https://isc.sans.edu/diary/pdf-parser%3A%20All%20Streams/32248
Salesloft Drift Putting OAuth Tokens at Risk
OAuth tokens used by Salesloft Drift users to provide access to integrations with Salesforce, Google Workspace, and others have been compromised and heavily abused for additional compromise and large-scale data exfiltration from exposed services.
https://cloud.google.com/blog/topics/threat-intelligence/data-theft-salesforce-instances-via-salesloft-drift
Velociraptor incident response tool abused for remote access
Attackers are using the open source incident response tool Velociraptor to access remote systems in breached networks. Tools like Velocitraptor are ideal for attackers to perform lateral movement.
https://news.sophos.com/en-us/2025/08/26/velociraptor-incident-response-tool-abused-for-remote-access/
Default Password in NeuVector (Rancher Desktop)
SuSE fixed a default password vulnerability in NeuVector, a security tool included in Rancher Desktop.
https://github.com/neuvector/neuvector/security/advisories/GHSA-8pxw-9c75-6w56
  continue reading

3131 episodes