SANS Stormcast Monday, June 16th, 2025: Extracting Data from JPEG; Windows Recall Export; Anubis Wiper; Mitel Vuln and PoC
Extracting Data From JPEGs
Didier shows how to efficiently extract data from JPEGs using his tool jpegdump.py
https://isc.sans.edu/diary/A%20JPEG%20With%20A%20Payload/32048
Windows Recall Export in Europe
In its latest insider build for Windows 11, Microsoft is testing an export feature for data stored by Recall. The feature is limited to European users and requires that you note an encryption key that will be displayed only once as Recall is enabled.
https://blogs.windows.com/windows-insider/2025/06/13/announcing-windows-11-insider-preview-build-26120-4441-beta-channel/
Anubis Ransomware Now Wipes Data
The Anubis ransomware, usually known for standard double extortion, is now also wiping data preventing any recovery even if you pay the ransom.
https://www.trendmicro.com/en_us/research/25/f/anubis-a-closer-look-at-an-emerging-ransomware.html
Mitel Vulnerabilities CVE-2025-47188
Mitel this week patched a critical path traversal vulnerability (sadly, no CVE), and Infoguard Labs published a PoC exploit for an older file upload vulnerability.
https://labs.infoguard.ch/posts/cve-2025-47188_mitel_phone_unauthenticated_rce/ https://www.mitel.com/support/mitel-product-security-advisory-misa-2025-0007
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
Hvor kan du lytte?
