Surge in Scans for Juniper t128 Default User

Lasst week, we dedtect a significant surge in ssh scans for the username t128 . This user is used by Juniper s Session Smart Routing, a product they acquired from 128 Technologies which is the reason for the somewhat unusual username.

https://isc.sans.edu/diary/Surge%20in%20Scans%20for%20Juniper%20%22t128%22%20Default%20User/31824

Vulnerable Verizon API Allowed for Access to Call Logs

An API Verizon offered to users of its call filtering application suffered from an authentication bypass vulnerability allowing users to access any Verizon user s call history. While using a JWT to authenticate the user, the phone number used to retrieve the call history logs was passed in a not-authenticated header.

https://evanconnelly.github.io/post/hacking-call-records/

Google Offering End-to-End Encryption to G-Mail Business Users

Google will add an end-to-end encryption feature to commercial GMail users. However, for non GMail users to read the emails they first must click on a link and log in to Google.

https://workspace.google.com/blog/identity-and-security/gmail-easy-end-to-end-encryption-all-businesses

Rss Apple Podcaster
Podden och tillhörande omslagsbild på den här sidan tillhör Johannes B. Ullrich. Innehållet i podden är skapat av Johannes B. Ullrich och inte av, eller tillsammans med, Poddtoppen.

Senast besökta

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Thursday Apr 3rd: Juniper Password Scans; Hacking Call Records; End to End Encrypted GMail

00:00