Hello, welcome to the Thursday, November 11, 2021 edition of the Sansonet Storm Center's Stormcast. My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida.

Have you ever found yourself in a situation where you had a large file that you needed to exchange. And, well, it was too large for email.

So you need to find some other way,

but you didn't really have a good, approved way

to exchange large files like this.

You may have found yourself using a private Dropbox account

or something similar to exchange this file.

And what Xavier is observing is that this shadow

IT, where employees are coming up with their own ad hoc solutions, often using free sites,

sometimes sites that charge a small nominal fee, are now impersonated by fissures, where a phishing email arrives claiming to try to

exchange a file, and when you're clicking on the link, you are seeing, well, not a well-known,

but what looks like a legitimate file exchange site, that then, of course, asks you for a

username and password. Pretty sneaky and

certainly something where it's important that you proactively provide your employees with tools

that work in order for them to avoid having to use their own tools that then of course are not

monitored and are not sort of integrated

in your overall security architecture.

And if you are using a Palo Alto firewall, including the Global Protect VPN feature,

well, it's urgent for you to patch.

A new vulnerability is patched in the latest release of PanOS, and you are vulnerable if you

are running any 8.1 version before 8.1.17.

Patched are two vulnerabilities, a buffer overflow and HDP request smuggling vulnerability.

...