Jan 20 2025 6 mins 16
SANS ISC Stormcast, Jan 21, 2025: Downloading Partial ZIP files; Remote Tools Used in Attakcs; Azure DevOps SSRF In this episode, we talk about downloading and analyzing partial ZIP files, how legitimate remote access tools are used in recent compromises and how a research found an SSRF vulnerability in Azure DevOps Partial ZIP File Downloads A closer look at how attackers are leveraging partial ZIP file downloads to bypass file verification systems and plant malicious content. https://isc.sans.edu/diary/Partial%20ZIP%20File%20Downloads/31608 Ukrainian CERT Advisory on AnyDesk Threat The Ukrainian CERT provides detailed guidance on identifying and mitigating recent cyber threats exploiting AnyDesk for unauthorized access. https://cert.gov.ua/article/6282069 Finding SSRFs in Azure DevOps An in-depth analysis of how server-side request forgery (SSRF) vulnerabilities are discovered and exploited in Azure DevOps pipelines. https://binarysecurity.no/posts/2025/01/finding-ssrfs-in-devops keywords: devops; azure; ssrf; ukraine; cert; anydesk; zip
