Transcribed
SANS Stormcast: Webshells; Undocumented ESP32 Commands; Camera Used For Ransomware Distribution
Mar 10, 2025 ·
6m 44s
Download and listen anywhere
Download your favorite episodes and enjoy them, wherever you are! Sign up or log in now to access offline listening.
SANS Stormcast: Webshells; Undocumented ESP32 Commands; Camera Used For Ransomware Distribution
Description
Commonly Probed Webshell URLs Many attackers deploy web shells to gain a foothold on vulnerable web servers. These webshells can also be taken over by parasitic exploits. https://isc.sans.edu/diary/Commonly%20Probed%20Webshell%20URLs/31748 Undocumented ESP32...
show more
Commonly Probed Webshell URLs
Many attackers deploy web shells to gain a foothold on vulnerable web servers. These webshells can also be taken over by parasitic exploits.
https://isc.sans.edu/diary/Commonly%20Probed%20Webshell%20URLs/31748
Undocumented ESP32 Commands
A recent conference presentation by Tarlogic revealed several "backdoors" or undocumented features in the commonly used ESP32 Chipsets. Tarlogic also released a toolkit to make it easier to audit chipsets and find these hiddent commands.
https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/
Camera Off: Akira deploys ransomware via Webcam
The Akira ransomware group was recently observed infecting a network with Ransomware by taking advantage of a webcam.
https://www.s-rminform.com/latest-thinking/camera-off-akira-deploys-ransomware-via-webcam
show less
Many attackers deploy web shells to gain a foothold on vulnerable web servers. These webshells can also be taken over by parasitic exploits.
https://isc.sans.edu/diary/Commonly%20Probed%20Webshell%20URLs/31748
Undocumented ESP32 Commands
A recent conference presentation by Tarlogic revealed several "backdoors" or undocumented features in the commonly used ESP32 Chipsets. Tarlogic also released a toolkit to make it easier to audit chipsets and find these hiddent commands.
https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/
Camera Off: Akira deploys ransomware via Webcam
The Akira ransomware group was recently observed infecting a network with Ransomware by taking advantage of a webcam.
https://www.s-rminform.com/latest-thinking/camera-off-akira-deploys-ransomware-via-webcam
Information
| Author | Johannes Ullrich |
| Organization | Johannes Ullrich |
| Website | - |
| Tags |
Copyright 2025 - Spreaker Inc. an iHeartMedia Company
Comments