Best Internet Information Server Podcasts (2025)

1
SANS Stormcast Thursday, September 25th, 2025: Hikvision Exploits; Cisco Patches; Sonicawall Anit-Rootkit Patch; Windows 10 Support (#) 5:33

2h ago5:33

5:33

SANS Stormcast Thursday, September 25th, 2025: Hikvision Exploits; Cisco Patches; Sonicawall Anit-Rootkit Patch; Windows 10 Support Exploit Attempts Against Older Hikvision Camera Vulnerability Out honeypots observed an increase in attacks against some older Hikvision issues. A big part of the problem is weak passwords, and the ability to send cred…

1
SANS Stormcast Wednesday, September 24th, 2025: DoS against the Analyst; GitHub Improvements; Solarwinds and Supermicro BMC vulnerabilities (#) 7:23

1d ago7:23

7:23

SANS Stormcast Wednesday, September 24th, 2025: DoS against the Analyst; GitHub Improvements; Solarwinds and Supermicro BMC vulnerabilities Distracting the Analyst for Fun and Profit Our undergraduate intern, Tyler House analyzed what may have been a small DoS attack that was likely more meant to distract than to actually cause a denial of service …

1
Managing Vendor Incidents with Mandi Walls 31:45

2d ago31:45

31:45

You're down - is it your servers, or someone else's? While at the Kansas City Developers Conference, Richard sits down with Mandi Walls from Pager Duty about her experiences dealing with incidents involving vendor services. It might be your cloud provider, or some other SaaS element of a pipeline, or even an open-source library dependency in an imp…

1
SANS Stormcast Tuesday, September 23rd, 2025: Ivanti EPMM Exploit; GitHub Impersonation (#) 4:50

3d ago4:50

4:50

SANS Stormcast Tuesday, September 23rd, 2025: Ivanti EPMM Exploit; GitHub Impersonation CISA Reports Ivanti EPMM Exploit Sightings Two different organizations submitted backdoors to CISA, which are believed to have been installed using Ivanti vulnerabilities patched in May. https://www.cisa.gov/news-events/analysis-reports/ar25-261a Lastpass Observ…

1
SANS Stormcast Monday, September 22nd, 2025: Odd HTTP Reuqest; GoAnywhere MFT Bug; EDR Freeze (#) 9:03

4d ago9:03

9:03

SANS Stormcast Monday, September 22nd, 2025: Odd HTTP Reuqest; GoAnywhere MFT Bug; EDR Freeze Help Wanted: What are these odd requests about? An odd request is hitting a number of our honeypots with a somewhat unusual HTTP request header. Please let me know if you no what the request is about. https://isc.sans.edu/forums/diary/Help+Wanted+What+are+…

1
SANS Stormcast Friday, September 19th, 2025: Honeypot File Analysis (@sans_edu); SonicWall Breach; DeepSeek Bias; Chrome 0-day (#) 7:15

7d ago7:15

7:15

SANS Stormcast Friday, September 19th, 2025: Honeypot File Analysis (@sans_edu); SonicWall Breach; DeepSeek Bias; Chrome 0-day Exploring Uploads in a Dshield Honeypot Environment This guest diary by one of our SANS.edu undergraduate interns shows how to analyze files uploaded to Cowrie https://isc.sans.edu/diary/Exploring%20Uploads%20in%20a%20Dshie…

1
SANS Stormcast Thursday, September 18th, 2025: DLL Hooking; Entra ID Actor Tokens; Watchguard and NVidia Patches (#) 6:32

8d ago6:32

6:32

SANS Stormcast Thursday, September 18th, 2025: DLL Hooking; Entra ID Actor Tokens; Watchguard and NVidia Patches CTRL-Z DLL Hooking Attackers may use a simple reload trick to overwrite breakpoints left by analysts to reverse malicious binaries. https://isc.sans.edu/diary/CTRL-Z%20DLL%20Hooking/32294 Global Admin in every Entra ID tenant via Actor t…

1
Certificate Automation with Todd Gardner 35:02

9d ago35:02

35:02

The days of the one-year SSL certificate are coming to an end - are you ready? Richard chats with Todd Gardner about the upcoming requirement from the Certification Authority Browser Forum to limit SSL certs to 200 days starting March 2026 - and they keep getting shorter until by 2029, certificates will last no longer than 47 days! If you haven't a…

1
SANS Stormcast Wednesday, September 17th, 2025: Phishing Resistants; More npm Attacks; ChatGPT MCP abuse (#) 8:48

9d ago8:48

8:48

SANS Stormcast Wednesday, September 17th, 2025: Phishing Resistants; More npm Attacks; ChatGPT MCP abuse Why You Need Phishing-Resistant Authentication NOW. The recent compromise of a number of high-profile npmjs.com accounts has yet again shown how dangerous a “simple” phishing email can be. https://isc.sans.edu/diary/Why%20You%20Need%20Phishing%2…

1
SANS Stormcast Tuesday, September 16th, 2025: Apple Updates; Rust Phishing; Samsung 0-day (#) 6:43

10d ago6:43

6:43

SANS Stormcast Tuesday, September 16th, 2025: Apple Updates; Rust Phishing; Samsung 0-day Apple Updates Apple released major updates for all of its operating systems. In addition to new features, these updates patch 33 different vulnerabilities. https://isc.sans.edu/diary/Apple%20Updates%20Everything%20-%20iOS%20macOS%2026%20Edition/32286 Microsoft…

1
SANS Stormcast Monday, September 15th, 2025: More Archives; Salesforce Attacks; White Cobra; BSides Augusta (#) 6:06

11d ago6:06

6:06

SANS Stormcast Monday, September 15th, 2025: More Archives; Salesforce Attacks; White Cobra; BSides Augusta Web Searches For Archives Didier observed additional file types being searched for as attackers continue to focus on archive files as they spider web pages https://isc.sans.edu/diary/Web%20Searches%20For%20Archives/32282 FBI Flash Alert: Sale…

1
SANS Stormcast Friday, September 12th, 2025: DShield SIEM Update; Another Sonicwall Warning; Website Keystroke Logging (#) 6:39

14d ago6:39

6:39

SANS Stormcast Friday, September 12th, 2025: DShield SIEM Update; Another Sonicwall Warning; Website Keystroke Logging DShield SIEM Docker Updates Guy updated the “DShield SIEM” which graphically summarizes what is happening inside your honeypot. https://isc.sans.edu/diary/DShield%20SIEM%20Docker%20Updates/32276 Again: Sonicwall SSL VPN Compromises…

1
SANS Stormcast Thursday, September 11th, 2025: BASE64 in DNS; Google Chrome, Ivantii and Sophos Patches; Apple Memory Integrity Feature (#) 7:12

15d ago7:12

7:12

SANS Stormcast Thursday, September 11th, 2025: BASE64 in DNS; Google Chrome, Ivantii and Sophos Patches; Apple Memory Integrity Feature BASE64 Over DNS The base64 character set exceeds what is allowable in DNS. However, some implementations will work even with these “invalid” characters. https://isc.sans.edu/diary/BASE64%20Over%20DNS/32274 Google C…

1
Training for AI with Stephanie Donahue 40:34

16d ago40:34

40:34

How do you get your organization trained up to use AI tools? Richard talks to Stephanie Donahue about her work implementing AI tools at Avanade and with Avanade's customers. Stephanie discusses how many workers are bringing their own AI tools, such as ChatGPT, to work and the risks that represent to the organization. Having an approved set of tools…

1
SANS Stormcast Wednesday, September 10th, 2025: Microsoft Patch Tuesday; (#) 8:26

16d ago8:26

8:26

SANS Stormcast Wednesday, September 10th, 2025: Microsoft Patch Tuesday; Microsoft Patch Tuesday As part of its September patch Tuesday, Microsoft addressed 177 different vulnerabilities, 86 of which affect Microsoft products. None of the vulnerabilities has been exploited before today. Two of the vulnerabilities were already made public. Microsoft…

1
SANS Stormcast Tuesday, September 9th, 2025: Major npm compromise; HTTP Request Signature (#) 8:44

17d ago8:44

8:44

SANS Stormcast Tuesday, September 9th, 2025: Major npm compromise; HTTP Request Signature Major npm compromise A number of high-profile npm libraries were compromised after developers fell for a phishing email. This compromise affected libraries with a total of hundreds of millions of downloads a week. https://bsky.app/profile/bad-at-computer.bsky.…

1
SANS Stormcast Monday, September 8th, 2025: YARA to Debugger Offsets; SVG JavaScript Phishing; FreePBX Patches; (#) 5:35

18d ago5:35

5:35

SANS Stormcast Monday, September 8th, 2025: YARA to Debugger Offsets; SVG JavaScript Phishing; FreePBX Patches; From YARA Offsets to Virtual Addresses Xavier explains how to convert offsets reported by YARA into offsets suitable for the use with debuggers. https://isc.sans.edu/diary/From%20YARA%20Offsets%20to%20Virtual%20Addresses/32262 Phishing vi…

1
SANS Stormcast Friday, September 5th, 2025: Cloudflare Response to 1.1.1.1 Certificate; AI Modem Namespace Reuse; macOS Vulnerability Allowed Keychain Decryption (#) 8:19

21d ago8:19

8:19

SANS Stormcast Friday, September 5th, 2025: Cloudflare Response to 1.1.1.1 Certificate; AI Modem Namespace Reuse; macOS Vulnerability Allowed Keychain Decryption Unauthorized Issuance of Certificate for 1.1.1.1 Cloudflare published a blog post with more details regarding the bad 1.1.1.1 certificate that was issued by Fina. https://blog.cloudflare.c…

1
SANS Stormcast Thursday, September 4th, 2025: Dassault DELMIA Apriso Exploit Attempts; Android Updates; 1.1.1.1 Certificate Issued (#) 6:22

22d ago6:22

6:22

SANS Stormcast Thursday, September 4th, 2025: Dassault DELMIA Apriso Exploit Attempts; Android Updates; 1.1.1.1 Certificate Issued Exploit Attempts for Dassault DELMIA Apriso. CVE-2025-5086 Our honeypots detected attacks against the manufacturing management system DELMIA Apriso. The deserialization vulnerability was patched in June and is one of a …

1
Episode 1000! 1:14:01

23d ago1:14:01

1:14:01

Episode 1000! Richard Campbell invites Paul Thurrott to join him to celebrate the milestone episode and answer questions from listeners. From the creation of the podcast to the role of Windows in the modern world, the impact of ARM, Cloud, and many other technologies - all addressed in this super-sized episode. And yes, artificial intelligence is p…

1
SANS Stormcast Wednesday, September 3rd, 2025: Sextortiion Analysis; Covert Channel DNS/ICMP; Azure AD Secret Theft; Official FreePBX Patches (#) 5:30

23d ago5:30

5:30

SANS Stormcast Wednesday, September 3rd, 2025: Sextortiion Analysis; Covert Channel DNS/ICMP; Azure AD Secret Theft; Official FreePBX Patches A Quick Look at Sextortion at Scale Jan analyzed 1900 different sextortion messages using 205 different Bitcoin addresses to look at the success rate, lifetime, and other metrics defining these campaigns. htt…

1
SANS Stormcast Tuesday, September 2nd, 2025: pdf-parser Patch; Salesloft Compromise; Velociraptor Abuse; NeuVector Default Password (#) 5:39

24d ago5:39

5:39

SANS Stormcast Tuesday, September 2nd, 2025: pdf-parser Patch; Salesloft Compromise; Velociraptor Abuse; NeuVector Default Password pdf-parser: All Streams Didier released a new version of pdf-parser.py. This version fixes a problem with dumping all filtered streams. https://isc.sans.edu/diary/pdf-parser%3A%20All%20Streams/32248 Salesloft Drift Put…

1
SANS Stormcast Friday, August 29th, 2025: Scans for ZIP Files; FreePBX 0-Day; Passwordstate Patch (#) 5:46

28d ago5:46

5:46

SANS Stormcast Friday, August 29th, 2025: Scans for ZIP Files; FreePBX 0-Day; Passwordstate Patch Increasing Searches for ZIP Files Attackers are scanning our honeypots more and more for .zip files. They are looking for backups of credential files and the like left behind by careless administrators and developers. https://isc.sans.edu/diary/Increas…

1
SANS Stormcast Thursday, August 28th, 2025: Launching Shellcode; NX Compromise; Volt Typhoon Report (#) 6:39

29d ago6:39

6:39

SANS Stormcast Thursday, August 28th, 2025: Launching Shellcode; NX Compromise; Volt Typhoon Report Interesting Technique to Launch a Shellcode Xavier came across malware that PowerShell and the CallWindowProcA() API to launch code. https://isc.sans.edu/diary/Interesting%20Technique%20to%20Launch%20a%20Shellcode/32238 NX Compromised to Steal Wallet…

1
Common Azure Mistakes with Scott Sauber 34:06

30d ago34:06

34:06

What are common mistakes folks are making with their Azure tenant(s)? While at the Kansas City Developers Conference, Richard chatted with Scott Sauber to run down his top ten list of issues he checks on for all his customers using Azure. From tenant ownership to naming conventions, policies, identities, and cost controls - there are a lot of thing…

1
SANS Stormcast Wednesday, August 27th, 2025: Analyzing IDNs; Netscaler 0-Day Vuln; Git Vuln Exploited; (#) 5:43

30d ago5:43

5:43

SANS Stormcast Wednesday, August 27th, 2025: Analyzing IDNs; Netscaler 0-Day Vuln; Git Vuln Exploited; Getting a Better Handle on International Domain Names and Punycode International Domain names can be used for phishing and other attacks. One way to identify suspect names is to look for mixed script use. https://isc.sans.edu/diary/Getting%20a%20B…

1
SANS Stormcast Tuesday, August 26th, 2025: Decoding Word Reading Location; Image Downscaling AI Vulnerability; IBM Jazz Team Server Vuln (#) 5:01

1M ago5:01

5:01

SANS Stormcast Tuesday, August 26th, 2025: Decoding Word Reading Location; Image Downscaling AI Vulnerability; IBM Jazz Team Server Vuln Reading Location Position Value in Microsoft Word Documents Jessy investigated how Word documents store the last visited document location in the registry. https://isc.sans.edu/diary/Reading%20Location%20Position%…

1
SANS Stormcast Monday, August 25th, 2025: IP Cleanup; Linux Desktop Attacks; Malicious Go SSH Brute Forcer; Onmicrosoft Domain Restrictions (#) 6:04

1M ago6:04

6:04

SANS Stormcast Monday, August 25th, 2025: IP Cleanup; Linux Desktop Attacks; Malicious Go SSH Brute Forcer; Onmicrosoft Domain Restrictions The end of an era: Properly formatted IP addresses in all of our data. When initiall designing DShield, addresses were “zero padded”, an unfortunate choice. As of this week, datafeeds should no longer be “zero …

1
SANS Stormcast Friday, August 22nd, 2025: The -n switch; Commvault Exploit; Docker Desktop Escape Vuln; (#) 6:52

1M ago6:52

6:52

SANS Stormcast Friday, August 22nd, 2025: The -n switch; Commvault Exploit; Docker Desktop Escape Vuln; Don't Forget The "-n" Command Line Switch Disabling reverse DNS lookups for IP addresses is important not just for performance, but also for opsec. Xavier is explaining some of the risks. https://isc.sans.edu/diary/Don%27t%20Forget%20The%20%22-n%…

1
SANS Stormcast Thursday, August 21st, 2025: Airtel Scans; Apple Patch; Microsoft Copilot Audit Log Issue; Password Manager Clickjacking (#) 6:52

1M ago6:52

6:52

SANS Stormcast Thursday, August 21st, 2025: Airtel Scans; Apple Patch; Microsoft Copilot Audit Log Issue; Password Manager Clickjacking Airtel Router Scans and Mislabeled Usernames A quick summary of some odd usernames that show up in our honeypot logs https://isc.sans.edu/diary/Airtel%20Router%20Scans%2C%20and%20Mislabeled%20usernames/32216 Apple …

1
SANS Stormcast Wednesday, August 20th, 2025: Increased Elasticsearch Scans; MSFT Patch Issues (#) 6:08

1M ago6:08

6:08

SANS Stormcast Wednesday, August 20th, 2025: Increased Elasticsearch Scans; MSFT Patch Issues Increased Elasticsearch Recognizance Scans Our honeypots noted an increase in reconnaissance scans for Elasticsearch. In particular, the endpoint /_cluster/settings is hit hard. https://isc.sans.edu/diary/Increased%20Elasticsearch%20Recognizance%20Scans/32…

1
Data Governance for AI with Martina Grom 38:43

1M ago38:43

38:43

How do you secure your organization's data to let AI technologies work safely? Richard chats with Martina Grom about her experiences helping sysadmins responsibly bring the power of Microsoft M365 Copilot into their organizations. Martina discusses setting up security and monitoring with tools like Microsoft Purview, enabling visibility into where …

Podcasts Worth a Listen

Internet Information Server Podcasts

Podcasts Worth a Listen

Quick Reference Guide