SANS Internet Stormcast Feb 10th 2025: Podcast Anniversary; SSL 2.0; Exposed Deepseek Installs; Crypto Scam costs

SSL 2.0 Turns 30 This Sunday
SSL was created in February 1995. However, back in 2005, only a year later, SSL 3.0 was released, and as of 2011, SSL 2.0 was deprecated, and support was removed from many crypto libraries. However, over 400k hosts are still exposed via SSL 2.0.
https://isc.sans.edu/diary/SSL%202.0%20turns%2030%20this%20Sunday...%20Perhaps%20the%20time%20has%20come%20to%20let%20it%20die%3F/31664
Deepseek News
Many articles cover various security shortcomings in the Chinese Deepseek AI model. Remember that some of these issues are not unique to Deepseek.
https://www.upguard.com/blog/deepseek-adoption
https://www.reversinglabs.com/blog/rl-identifies-malware-ml-model-hosted-on-hugging-face
https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak
https://www.nowsecure.com/blog/2025/02/06/nowsecure-uncovers-multiple-security-and-privacy-flaws-in-deepseek-ios-mobile-app/
Crypto Wallet Scam Not For Free
Didier looked closer at the recent dual signature crypto scams. These wallets are not free; attackers must spend money to set them up.
https://isc.sans.edu/diary/Crypto+Wallet+Scam+Not+For+Free/31666