meta_pixel
Tapesearch Logo
Log in
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Thursday, July 20th, 2023

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS ISC Handlers

Tech News, News

4.9754 Ratings

🗓️ 20 July 2023

⏱️ 3 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Citrix Vulnerability; Enigma Challenge; Oracle CPU; Microsoft Expanding Cloud Logging

Transcript

Click on a timestamp to play from that location

0:00.0

Hello, welcome to the Thursday, July 20th, 2003 edition of the Sansonet Storm Center's Stormcast.

0:07.3

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

0:13.8

I caught myself a pretty bad cold, so I'll keep this podcast a little bit shorter than normal.

0:20.7

I want to start out just with a reminder, I already mentioned this yesterday, a little bit shorter than normal. I want to start out just with a reminder.

0:22.4

I already mentioned this yesterday about the Citrix ADC. Well, you must patch this by this

0:31.0

weekend. It's already being exploited. The only thing is that may help you here that the vulnerability is only exploitable if you are running it as like a VPN virtual server, RDP proxy and such.

0:45.1

If you're just running it as a simple web proxy, then you may not be affected.

0:50.3

It's still just to be sure apply this particular update.

0:54.8

It's a remote code execution.

0:57.3

Vulnerability does not require authentication and is already exploited in the wild.

1:05.5

And if you don't have any Citrix systems that need patching, then maybe this weekend you'll have time for the Maritime

1:13.2

Radio Historical Society Challenge. What they'll be doing is broadcasting a radio message

1:19.9

that is encrypted with Enigma. On their webpage, they basically tell you the settings that you need

1:26.3

to use in order to decrypt the challenge.

1:29.7

It'll be an interesting little game. If you are into ham radio, of course, you need to be able

1:35.2

to receive the message with the respective equipment and have some kind of enigma emulator,

1:41.0

assuming that you don't have the real thing sitting around to decrypt the message.

1:47.3

And Oracle released its quarterly critical patch update. As usual, tons and tons of vulnerabilities

1:54.1

here, more than 500 in 130 products. Problem with that is always that Oracle has so many

2:00.6

different products that they maintain. And of course, with that is always that Oracle has so many different products that

2:01.8

they maintain. And of course, with that you get these very overwhelming patch days. They have a

2:09.3

decent overview that may help you figure out what you need to patch, but other than that,

...

Please login to see the full transcript.

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.

Copyright © Tapesearch 2026.