Podcast Detail

SANS Stormcast: File Hashes in MSFT BI; Apache Camel Vuln; Juniper Fixes Exploited Vuln; AMI Patches 10.0 Redfish BMC Vuln

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9364.mp3

previous
Podcast Logo
File Hashes in MSFT BI; Apache Camel Vuln; Juniper Fixes Exploited Vuln; AMI Patches 10.0 Redfish BMC Vuln
00:00

File Hashes Analysis with Power BI
Guy explains in this diary how to analyze Cowrie honeypot file hashes using Microsoft's BI tool and what you may be able to discover using this tool.
https://isc.sans.edu/diary/File%20Hashes%20Analysis%20with%20Power%20BI%20from%20Data%20Stored%20in%20DShield%20SIEM/31764

Apache Camel Vulnerability
Apache released two patches for Camel in close succession. Initially, the vulnerability was only addressed for headers, but as Akamai discovered, it can also be exploited via query parameters. This vulnerability is trivial to exploit and leads to arbitrary code execution.
https://www.akamai.com/blog/security-research/march-apache-camel-vulnerability-detections-and-mitigations

Juniper Patches Junos Vulnerability
Juniper patches an already exploited vulnerability in JunOS. However, to exploit the vulnerability, and attacker already needs privileged access. By exploiting the vulnerability, an attacker may completely compromised the device.
https://supportportal.juniper.net/s/article/2025-03-Out-of-Cycle-Security-Bulletin-Junos-OS-A-local-attacker-with-shell-access-can-execute-arbitrary-code-CVE-2025-21590?language=en_US

AMI Security Advisory
AMI patched three vulnerabilities. One of the, an authentication bypass in Redfish, allows for a complete system compromise without authentication and is rated with a CVSS score of 10.0.
https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025003.pdf

no transcript found