SANS Stormcast Friday Mar 21st: New Data Feeds; SEO Spam; Veeam Deserialization; IBM AIX RCE;
08:24 Share

Some New Data Feeds and Little Incident We started offering additional data feeds, and an SEO spamer attempted to make us change a link from an old podcast episode. https://isc.sans.edu/diary/Some%20new%20Data%20Feeds%2C%20and%20a%20little%20%22incident%22./31786) Veeam Deserialization Vulnerability Veeam released details regarding the latest vulnerablity in Veeam, pointing out the insufficient patch applied to a prior deserialization vulnerability. https://labs.watchtowr.com/by-executive-order-we-are-banning-blacklists-domain-level-rce-in-veeam-backup-replication-cve-2025-23120/) IBM AIX Vulnerablity The AIX NIM service is vulnerable to an unauthenticated remote code execution vulnerability https://www.ibm.com/support/pages/node/7186621) thanks Chris Mosby for Spotify comment