Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. CVE Changes; CrushFTP 0-Day; GitHub Comment Bug; YubiKey Manager Bug; PAN GlobalProtect Update

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich

ISC StormCast for Monday, April 22nd, 2024

APR 22, 20245 MIN
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Monday, April 22nd, 2024

APR 22, 20245 MIN

Description

The CVE's They are A-Changing<br/> <a href="https://isc.sans.edu/diary/The%20CVE%27s%20They%20are%20A-Changing!/30850">https://isc.sans.edu/diary/The%20CVE%27s%20They%20are%20A-Changing!/30850</a><br/> CrushFTP 0-Day Vulnerability<br/> <a href="https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update">https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update</a><br/> <a href="https://www.reddit.com/r/crowdstrike/comments/1c88788/situational_awareness_20240419_crushftp_virtual/">https://www.reddit.com/r/crowdstrike/comments/1c88788/situational_awareness_20240419_crushftp_virtual/</a><br/> GitHub Comment Bug Used to Distribute Malware<br/> <a href="https://www.bleepingcomputer.com/news/security/github-comments-abused-to-push-malware-via-microsoft-repo-urls/">https://www.bleepingcomputer.com/news/security/github-comments-abused-to-push-malware-via-microsoft-repo-urls/</a><br/> YubiKey Manager Privilege Escalation<br/> <a href="https://www.yubico.com/support/security-advisories/ysa-2024-01/">https://www.yubico.com/support/security-advisories/ysa-2024-01/</a><br/> Palo Alto Networks GlobalProtect Update<br/> <a href="https://security.paloaltonetworks.com/CVE-2024-3400">https://security.paloaltonetworks.com/CVE-2024-3400</a><br/>