Best Esp32 Podcasts (2025)

1
SN 1023: Preventing Windows Sandbox Abuse - Microsoft Says "Don't Delete This Folder"

3h ago

—

Why did a mysterious empty "inetpub" directory appear after April's Patch Tuesday? And what new Windows Update crashing hack did this also create? North Korea is now creating fake US companies to lure would-be employees. The "Inception" attack subverts all GPT conversational AIs. New information about data loss in unpowered SSD mass storage. Lots o…

1
SANS Stormcast Wednesday, April 30th: SMS Attacks; Apple Airplay Vulnerabilities 8:51

2h ago8:51

8:51

More Scans for SMS Gateways and APIs Attackers are not just looking for SMS Gateways like the scans we reported on last week, but they are also actively scanning for other ways to use APIs and add on tools to send messages using other people s credentials. https://isc.sans.edu/diary/More%20Scans%20for%20SMS%20Gateways%20and%20APIs/31902 AirBorne: A…

1
SANS Stormcast Tuesday, April 29th: SRUM-DUMP 3; Policy Puppetry; Choice Jacking; @sansinstitute at #RSAC 7:37

7h ago7:37

7:37

SRUM-DUMP Version 3: Uncovering Malware Activity in Forensics Mark Baggett released SRUM-DUMP Version 3. The tool simplifies data extraction from Widnows System Resource Usage Monitor (SRUM). This database logs how much resources software used for 30 days, and is invaluable to find out what software was executed when and if it sent or received netw…

1
Bowcasters, Signalgates, Havoc, Tapestries, Last of us Season 2, Andor, Movie Theaters GIS883 36:37

21h ago36:37

36:37

RobChrisRob unified their communications arrays from their various pretend low earth orbit locations in order to discuss the YouTuber who got in trouble for leaving a coke can on that indian island where nobody is allowed to mess with the local tribal culture, the NOAA found a car in a WW2 shipwreck and they can't figure out what it is or why it wa…

1
SANS Stormcast Monday, April 28th: Image Steganography; SAP Netweaver Exploited 7:55

1d ago7:55

7:55

Example of a Payload Delivered Through Steganography Xavier and Didier published two diaries this weekend, building on each other. First, Xavier showed an example of an image being used to smuggle an executable past network defenses, and second, Didier showed how to use his tools to extract the binary. https://isc.sans.edu/diary/Example%20of%20a%20…

1
SANS Stormcast Friday, April 25th: SMS Gateway Scans; Comvault Exploit; Patch Window Shrinkage; More inetpub issues; 6:38

4d ago6:38

6:38

Attacks against Teltonika Networks SMS Gateways Attackers are actively scanning for SMS Gateways. These attacks take advantage of default passwords and other commonly used passwords. https://isc.sans.edu/diary/Attacks%20against%20Teltonika%20Networks%20SMS%20Gateways/31888 Commvault Vulnerability CVE-2205-34028 Commvault, about a week ago, publishe…

1
SANS Stormcast Thursday, April 24th: Honeypot iptables Maintenance; XRPL.js Compromise; Erlang/OTP SSH Vuln affecting Cisco 5:44

5d ago5:44

5:44

Honeypot Iptables Maintenance and DShield-SIEM Logging In this diary, Jesse is talking about some of the tasks to maintain a honeypot, like keeping filebeats up to date and adjusting configurations in case your dynamic IP address changes https://isc.sans.edu/diary/Honeypot%20Iptables%20Maintenance%20and%20DShield-SIEM%20Logging/31876 XRPL.js Compro…

1
SN 1022: The Windows Sandbox - Short-life Certs, Ransomware Payout Stats 2:53:22

7d ago2:53:22

2:53:22

Enabling Firefox's Tab Grouping. Recalled Recall Re-Rolls out. The crucial CVE program nearly died. It's been given new life. China confesses to hacking the US (blames our stance on Taiwan). CISA says what Oracle still refuses to. Brute force attacks on the (rapid) rise. An AI/ML Python package rates a 9.8 (again!) The CA/Browser forum passed short…

1
SANS Stormcast Wednesday, April 23rd: More xorsearch Updates; DKIM Replay Attack; SSL.com Vulnerability Fixed 6:18

6d ago6:18

6:18

xorsearch.py: Ad Hoc YARA Rules Adhoc YARA rules allow for easy searches using command line arguments without having to write complete YARA rules for simple use cases like string and regex searches https://isc.sans.edu/diary/xorsearch.py%3A%20%22Ad%20Hoc%20YARA%20Rules%22/31856 Google Spoofed via DKIM Replay Attack DKIM replay attacks are a known i…

1
Mitigating Browser Hacking - Interview with John Carse (SquareX Field CISO) 1:46:57

8d ago1:46:57

1:46:57

A special episode this week, featuring an interview with John Carse, Chief Information Security Officer (CISO) of SquareX. John speaks about his background in the security industry, grants insight into attacks on browsers, and talks about the work his team at SquareX is doing to detect and mitigate browser-based attacks.…

1
SANS Stormcast Tuesday, April 22nd: Phishing via Google; ChatGPT Fingerprint; Asus AI Cloud Vuln; PyTorch RCE 5:35

7d ago5:35

5:35

It's 2025, so why are malicious advertising URLs still going strong? Phishing attacks continue to take advantage of Google s advertising services. Sadly, this is still the case for obviously malicious links, even after various anti-phishing services flag the URL. https://isc.sans.edu/diary/It%27s%202025...%20so%20why%20are%20obviously%20malicious%2…

1
Rackable 4U Beer Fridges, Ant Smugglers, Sperm Racing, The Price of Politeness GIS882 36:00

9d ago36:00

36:00

RobChrisRob unified their collective power to talk about murder prediction, crosswalk buttons that mock musk, the closing of the last Radio Shack, the first fantastic four trailer to show reed stretch, the belgians busted for smuggling ants, Homestar Runner's 25th anniversary and the the Flash era, a rack mounted beer fridge, sperm racing, the pric…

1
SANS Stormcast Monday, April 21st: MSFT Entra Lockouts; Erlang/OTP SSH Exploit; Sonicwall Exploit; bubble.io bug 7:31

8d ago7:31

7:31

Microsoft Entra User Lockout Multiple organizations reported widespread alerts and account lockouts this weekend from Microsoft Entra. The issue is caused by a new feature Microsoft enabled. This feature will lock accounts if Microsoft believes that the password for the account was compromised. https://www.bleepingcomputer.com/news/microsoft/widesp…

1
SANS Stormcast Friday, April 18th: Remnux Cloud Environment; Erlang/OTP SSH Vuln; Brickstorm Backdoor Analysis; GPT 4.1 Safety Controversy 6:18

11d ago6:18

6:18

RedTail: Remnux and Malware Management A description showing how to set up a malware analysis in the cloud with Remnux and Kasm. RedTail is a sample to illustrate how the environment can be used. https://isc.sans.edu/diary/RedTail%2C%20Remnux%20and%20Malware%20Management%20%5BGuest%20Diary%5D/31868 Critical Erlang/OTP SSH Vulnerability Researchers …

1
SANS Stormcast Thursday April 17th: Apple Updates; Oracle Updates; Google Chrome Updates; CVE News; 6:04

12d ago6:04

6:04

Apple Updates Apple released updates for iOS, iPadOS, macOS, and VisionOS. The updates fix two vulnerabilities which had already been exploited against iOS. https://isc.sans.edu/diary/Apple%20Patches%20Exploited%20Vulnerability/31866 Oracle Updates Oracle released it quarterly critical patch update. The update addresses 378 security vulnerabilities…

1
Pulling Gemini Secrets and Windows HVPT 1:33:22

14d ago1:33:22

1:33:22

A long episode this week, featuring an attack that can leak secrets from Gemini's Python sandbox, banks abusing private iOS APIs, and Windows new Hypervisor-enforced Paging Translation (HVPT). Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/280.html [00:00:00] Introduction [00:00:18] Doing the Due…

1
SN 1021: Device Bound Session Credentials - Hotpatching in Win 11, Apple vs. UK 3:14:37

15d ago3:14:37

3:14:37

Android to get "Lockdown Mode". What's in the new editions of Chrome and Firefox? Why did Apple silently re-enable automatic updates? My new iPhone 16, Chinese tariffs and electronics. Dynamic "hotpatching" coming to Win11 Enterprise & Edu. Why is it so difficult for Oracle to fess up? Another multi-year breach inside US Treasury. An Apple -vs- the…

1
SANS Stormcast Wednesday Apr 16th: File Upload Service Abuse; OpenSSH 10.0 Released; Apache Roller Vuln; Possible CVE Changes 5:54

13d ago5:54

5:54

Online Services Again Abused to Exfiltrate Data Attackers like to abuse free online services that can be used to exfiltrate data. From the originals , like pastebin, to past favorites like anonfiles.com. The latest example is gofile.io. As a defender, it is important to track these services to detect exfiltration early https://isc.sans.edu/diary/On…

1
SANS Stormcast Tuesday April 15th: xorsearch Update; Short Lived Certificates; New USB Malware 5:35

15d ago5:35

5:35

xorsearch Update Diedier updated his "xorsearch" tool. It is now a python script, not a compiled binary, and supports Yara signatures. With Yara support also comes support for regular expressions. https://isc.sans.edu/diary/xorsearch.py%3A%20Searching%20With%20Regexes/31854 Shorter Lived Certificates The CA/Brower Forum passed an update to reduce t…

1
SANS Stormcast Monday April 14th: Langlow AI Attacks; Fortinet Attack Cleanup; MSFT Inetpub; 7:07

16d ago7:07

7:07

Exploit Attempts for Recent Langflow AI Vulnerability (CVE-2025-3248) After spotting individaul attempts to exploit the recent Langflow vulnerability late last weeks, we now see more systematic internet wide scans attempting to verify the vulnerability. https://isc.sans.edu/forums/diary/Exploit+Attempts+for+Recent+Langflow+AI+Vulnerability+CVE20253…

1
Naked Guns, AI Avatars, Trons, Tarriffs, Dire Wolves, Mickey 17 GIS881 38:02

19d ago38:02

38:02

RobChrisRob returned from a bit of a scheduled hiatus to discuss the Billy Mitchel vs Karl Jobst lawsuit in which Mitchell won, although the case was about defamation, not cheating at video games. Murderbot is coming to AppleTV and two of us are excited. AI Imposters are coming to courts and applying for jobs, even Tesla won't take a Cybertruck in …

1
SANS Stormcast Friday April 11th: Network Infraxploit; Windows Hello Broken; Dell Update; Langflow Exploit 5:34

18d ago5:34

5:34

Network Infraxploit Our undergraduate intern, Matthew Gorman, wrote up a walk through of CVE-2018-0171, an older Cisco vulnerability, that is still actively being exploited. For example, VOLT TYPHOON recently exploited this problem. https://isc.sans.edu/diary/Network+Infraxploit+Guest+Diary/31844 Windows Update Issues / Windows 10 Update Microsoft …

1
SANS Stormcast ThursdayApril 10th: Getting Past PyArmor; CenterStack RCE; Android 0-Day Patch; VMware Tanzu Patches; Odd Win11 Directory; WhatsApp File Confusion; SANS AI Guide; 6:35

21d ago6:35

6:35

Getting Past PyArmor PyArmor is a python obfuscation tool used for malicious and non-malicious software. Xavier is taking a look at a sample to show what can be learned from these obfuscated samples with not too much work. https://isc.sans.edu/diary/Obfuscated%20Malicious%20Python%20Scripts%20with%20PyArmor/31840 CenterStack RCE CVE-2025-30406 Glad…

1
SANS Stormcast Wednesday, April 10th: Microsoft Patch Tuesday; Adobe Patches; OpenSSL 3.5 with PQC; Fortinet 7:19

20d ago7:19

7:19

Microsoft Patch Tuesday Microsoft patched over 120 vulnerabilities this month. 11 of these were rated critical, and one vulnerability is already being exploited. https://isc.sans.edu/diary/Microsoft%20April%202025%20Patch%20Tuesday/31838 Adobe Updates Adobe released patches for 12 different products. In particular important are patches for Coldfusi…

1
SN 1020: Multi-Perspective Issuance Corroboration - IoT Done Right, France Phishes, Gmails E2EE 3:08:26

21d ago3:08:26

3:08:26

Canon printer driver vulnerabilities enable Windows kernel exploitation. Astonishing cyber-security awareness from a household appliance manufacturer. France tries to hook 2.5 million school children with a Phishing test. Wordpress added an abuse prone feature in 2022. Guess what happened? Oracle? Is there something you'd like to tell us? Utah's go…

1
SANS Stormcast Tuesday, April 8th: 6:18

22d ago6:18

6:18

XORsearch: Searching With Regexes Didier explains a workaround to use his tool XORsearch to search for regular expressions instead of simple strings. https://isc.sans.edu/diary/XORsearch%3A%20Searching%20With%20Regexes/31834 MCP Security Notification: Tool Poisoning Attacks Invariant labs summarized a critical weakness in the Model Context Protocol…

1
SANS Stormcast Monday April 7th 2025: New Username Report; Quickshell Vulnerability; Apache Traffic Director Request Smuggeling 6:14

23d ago6:14

6:14

New SSH Username Report A new ssh/telnet username reports makes it easier to identify new usernames attackers are using against our telnet and ssh honeypots https://isc.sans.edu/diary/New%20SSH%20Username%20Report/31830 Quickshell Sharing is Caring: About an RCE Attack Chain on Quick Share The Google Quick Share protocol is susceptible to several v…

1
SANS Stormcast Friday, Apr 4th: URL Frequency Analysis; Ivanti Flaw Exploited; WinRAR MotW Vuln; Tax filing scams; Oracle Breach Update 6:16

26d ago6:16

6:16

Exploring Statistical Measures to Predict URLs as Legitimate or Intrusive Using frequency analysis, and training the model with honeypot data as well as log data from legitimate websites allows for a fairly simple and reliable triage of web server logs to identify possible malicious activity. https://isc.sans.edu/diary/Exploring%20Statistical%20Mea…

1
SANS Stormcast Thursday Apr 3rd: Juniper Password Scans; Hacking Call Records; End to End Encrypted GMail 9:23

27d ago9:23

9:23

Surge in Scans for Juniper t128 Default User Lasst week, we dedtect a significant surge in ssh scans for the username t128 . This user is used by Juniper s Session Smart Routing, a product they acquired from 128 Technologies which is the reason for the somewhat unusual username. https://isc.sans.edu/diary/Surge%20in%20Scans%20for%20Juniper%20%22t12…

1
SN 1019: EU OS - Troy Hunt Phished, Ransomware List, InControl 3:05:04

28d ago3:05:04

3:05:04

Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard. A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site. Cloudflare completely pulls the plug on port 80 (HTTP) API access. Malware is switching to obscure languages to avoid detection. FORTH, anyone? Password reuse doesn't appear to be d…

1
SANS Stormcast Wednesday Apr 2nd: Apple Updates Everything; 7:16

28d ago7:16

7:16

Apple Patches Everything Apple released updates for all of its operating systems. Most were released on Monday with WatchOS patches released today on Tuesday. Two already exploited vulnerabilities, which were already patched in the latest iOS and macOS versions, are now patched for older operating systems as well. A total of 145 vulnerabilities wer…

1
Session-ception and User Namespaces Strike Again 49:36

29d ago49:36

49:36

API hacking and bypassing Ubuntu's user namespace restrictions feature in this week's episode, as well as a bug in CimFS for Windows and revisiting the infamous NSO group WebP bug. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/279.html [00:00:00] Introduction [00:00:28] Next.js and the corrupt m…

1
SANS Stormcast Tuesday Apr 1st: Apache Camel Exploits; New Cert Authorities Requirements; Possible Oracle Breach 7:36

29d ago7:36

7:36

Apache Camel Exploit Attempt by Vulnerability Scans A recently patched vulnerability in Apache Camel has been integrated into some vulnerability scanners, like for example OpenVAS. We do see some exploit attempts in our honeypots, but they appear to be part of internal vulnerablity scans https://isc.sans.edu/diary/Apache%20Camel%20Exploit%20Attempt…

1
SANS Stormcast Monday, March 31st: Comparing Phishing Sites; DOH and MX Abuse Phishing; opkssh 7:15

30d ago7:15

7:15

A Tale of Two Phishing Sties Two phishing sites may use very different backends, even if the site itself appears to be visually very similar. Phishing kits are often copied and modified, leading to sites using similar visual tricks on the user facing site, but very different backends to host the sites and reporting data to the miscreant. https://is…

1
SANS Stormcast Friday, March 28th: Sitecore Exploited; Blasting Past Webp; Splunk and Firefox Vulnerabilities 6:15

1M ago6:15

6:15

Sitecore "thumbnailsaccesstoken" Deserialization Scans (and some new reports) CVE-2025-27218 Our honeypots detected a deserialization attack against the CMS Sitecore using a thumnailaccesstoken header. The underlying vulnerability was patched in January, and security firm Searchlight Cyber revealed details about this vulnerability a couple of weeks…

1
Overtime, Blasters, GPU Food Trucks, DNA, Dragons, Screwdriver Skeletons GIS880 36:36

1M ago36:36

36:36

RobChrisRob linked up after so much time apart to talk about a host of urgent matters includingButch & Suni not getting overtime, Pierogis on the space station, Han Solo's blaster going up for auction, the function of chewie's bowcaster, 23&Me's bankruptcy for sale to the PE firm most willing to profit from abuse of millions of people's DNA, the do…

1
SANS Stormcast Thursday Mar 27th: Classifying Malware with ML; Malicious NPM Packages; Google Chrome 0-day 4:50

1M ago4:50

4:50

Leveraging CNNs and Entropy-Based Feature Selection to Identify Potential Malware Artifacts of Interest This diary explores a novel methodology for classifying malware by integrating entropy-driven feature selection with a specialized Convolutional Neural Network (CNN). Motivated by the increasing obfuscation tactics used by modern malware authors,…

1
SN 1018: The Quantum Threat - ESP32 Backdoor Update, RCS E2EE 2:52:59

1M ago2:52:59

2:52:59

The dangers of doing things you don't understand. Espressif responds to the claims of an ESP32 backdoor. A widely leveraged mistake Microsoft stubbornly refuses to correct. A disturbingly simple remote takeover of Apache Tomcat servers. A 10/10 vulnerability affecting some ASUS, ASRock and HPE motherboards. Google snapped up another cloud security …

1
SANS Stormcast Wednesday Mar 26th: XWiki Exploit; File Converter Correction; VMWare Vulnerability; Draytek Router Reboots; MMC Exploit Details; 6:14

1M ago6:14

6:14

XWiki Search Vulnerablity Exploit Attempts (CVE-2024-3721) Our honeypot detected an increase in exploit attempts for an XWiki command injection vulnerablity. The vulnerability was patched last April, but appears to be exploited more these last couple days. The vulnerability affects the search feature and allows the attacker to inject Groovy code te…

1
SANS Stormcast Tuesday Mar 25th: Privacy Awware Bots; Ingress Nightmare; Malicious File Converters; VSCode Extension Leads to Ransomware 5:55

1M ago5:55

5:55

Privacy Aware Bots A botnet is using privacy as well as CSRF prevention headers to better blend in with normal browsers. However, in the process they may make it actually easier to spot them. https://isc.sans.edu/diary/Privacy%20Aware%20Bots/31796 Critical Ingress Nightmare Vulnerability ingress-nginx fixed four new vulnerabilities, one of which ma…

1
Extracting YouTube Creator Emails and Spilling Azure Secrets 44:04

1M ago44:04

44:04

This episode features some game exploitation in Neverwinter Nights, weaknesses in mobile implementation for PassKeys, and a bug that allows disclosure of the email addresses of YouTube creators. We also cover some research on weaknesses in Azure. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/278…

1
SANS Stormcast Monday Mar 24th: Critical Next.js Vulnerability; Microsoft Trust Signing Platform Abuse 7:10

1M ago7:10

7:10

Critical Next.js Vulnerability CVE-2025-29927 A critical vulnerability in how the x-middleware-subrequest header is verified may lead to bypassing authorization in Next.js applications. https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware https://github.com/vercel/next.js/security/advisories/GHSA-f82v-jwr5-mffw http…

1
SANS Stormcast Friday Mar 21st: New Data Feeds; SEO Spam; Veeam Deserialization; IBM AIX RCE; 8:24

1M ago8:24

8:24

Some New Data Feeds and Little Incident We started offering additional data feeds, and an SEO spamer attempted to make us change a link from an old podcast episode. https://isc.sans.edu/diary/Some%20new%20Data%20Feeds%2C%20and%20a%20little%20%22incident%22./31786 Veeam Deserialization Vulnerability Veeam released details regarding the latest vulner…

1
SANS Stormcast Thursday Mar 20th: Cisco Smart Licensing Attacks; Vulnerable Drivers again; Synology Advisories Updated 7:09

1M ago7:09

7:09

Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 CVE-2024-20440 Attackers added last September's Cisco Smart Licensing Utility vulnerability to their toolset. These attacks orginate most likely from botnets and the same attackers are scanning for a wide range of additional vulnerabilities. The vulnerability is a static credential i…

Podcasts Worth a Listen

Esp32 Podcasts

Podcasts Worth a Listen

Quick Reference Guide