Critical Vulnerability Recaps

Introduction

When information security vulnerabilities are identified, the Internet Storm Center (ISC) develops, assembles, and distributes material to help the cyber security community manage these threats. For some of the more critical vulnerabilities, SANS hosts special webcasts led by ISC handlers to provide additional information. On this page, you can read an overview of some of the recent critical vulnerabilities, watch the related webcasts or go to the ISC to learn more about each vulnerability.


Latest WannaCry Ransomware Attack Webcast

Recorded on May 16, 2017
Speakers: Jake Williams, Renato Marinho, Benjamin Wright

Friday, May 12 witnessed an unprecedented ransomware attack known as WCrypt, which targeted healthcare, government, telecom, universities and other industries around the world. Jake Williams and Renato Marinho have been on the front lines of this ransomware battle since it broke, and provided an update on the latest facts and analysis in this webcast.

View Webcast Recording

WannaCry Summary from Internet Storm Center

The SANS Internet Storm Center is on top of the WannaCry / WannaCrypt Ransomware attack. Johannes Ullrich, Dean of Research and a faculty member of the SANS Technology Institute, has produced an in-depth summary of the attack, including a PPT presentation for management and steps you can take to prevent infection. Read the WannaCry / WannaCrypt Ransomware Summary.


HTTP.sys Vulnerability Webcast

Recorded on April 16, 2015
Speaker: Dr. Johannes Ullrich

On Tuesday, April 14, Microsoft released MS15-034 as part of its monthly patch. The bulletin addresses a vulnerability in HTTP.sys, the library processing HTTP requests in Windows. According to Microsoft, the vulnerability could be used to run arbitrary code on a vulnerable host.

Among other programs, IIS uses HTTP.sys and is directly exposed to the exploit. As of the release date, trivial-to-execute exploits that will cause an IIS server to crash have been made public, and a published analysis of the bug outlined an exploit to leak kernel memory.

SANS Institute hosted a live webcast where Dr. Johannes Ullrich discussed the exploit, why it happened, how to prevent exploitation and how prevalent its use has already become.

View Webcast Recording

HTTP.sys Vulnerability Information from Internet Storm Center

For the latest information about this vulnerability, including FAQs and ISC handler posts, please visit the ISC.


Wrapping Up The GHOST: Lessons Learned From The Ghost Vulnerability

A SANS Webcast, sponsored by Veracode
Recorded on Friday, February 6 at 1:00pm EDT

Wrapping Up The GHOST: Lessons Learned From The Ghost Vulnerability - with Johannes Ullrich and Chris Wysopal. In this presentation, we will explain what "Ghost" is all about, how to recognize vulnerable systems, and what can be done to mitigate risk. We will look beyond Ghost to explain how to quickly assess your exposure and build a comprehensive framework to address high priority vulnerabilities.

View Webcast Recording

Ghost Vulnerability Information from Internet Storm Center

The SANS Internet Storm Center is on top of the Critical GLibc (Ghost) Vulnerability CVE-2015-0235. Johannes Ullrich, Dean of Research and a faculty member of the SANS Technology Institute, has produced a short video to help better understand the critical nature of this vulnerability and what can and should be done about it. Visit and stay connected with the Internet Storm Center for the very latest. Learn more.