Content provided by Johannes B. Ullrich. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Johannes B. Ullrich or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
SANS Stormcast Monday, June 23rd, 2025: ADS and Python; More Secure Cloud PCs; Zend.to Path Traversal; Parser Differentials

ADS & Python Tools
Didier explains how to use his tools cut-bytes.py and filescanner to extract information from alternate data streams.
https://isc.sans.edu/diary/ADS%20%26%20Python%20Tools/32058

Enhanced security defaults for Windows 365 Cloud PCs
Microsoft announced more secure default configurations for its Windows 365 Cloud PC offerings.
https://techcommunity.microsoft.com/blog/windows-itpro-blog/enhanced-security-defaults-for-windows-365-cloud-pcs/4424914

CVE-2025-34508: Another File Sharing Application, Another Path Traversal
Horizon3 reveals details of a recently patched directory traversal vulnerability in zend.to.
https://horizon3.ai/attack-research/attack-blogs/cve-2025-34508-another-file-sharing-application-another-path-traversal/

Unexpected security footguns in Go's parsers
Go parsers for JSON and XML are not always compatible and can parse data in unexpected ways. This blog by Trail of Bits goes over the various security implications of this behaviour.
https://blog.trailofbits.com/2025/06/17/unexpected-security-footguns-in-gos-parsers/

keywords: parsers; go; xml; json; zend.to; ads; python
All episodes
SANS Internet Storm Center's Daily Network Security News Podcast

SANS Stormcast Friday, July 11th, 2025: SSH Tunnel; FortiWeb SQL Injection; Ruckus Unpatched Vuln; Missing Motherboard Patches (5:49)

SSH Tunneling in Action: direct-tcp requests
Attackers are compromising ssh servers to abuse them as relays. The attacker will configure port forwarding direct-tcp connections to forward traffic to a victim. In this particular case, the Yandex mail server was the primary victim of these attacks.
https://isc.sans.edu/diary/SSH%20Tunneling%20in%20Action%3A%20direct-tcp%20requests%20%5BGuest%20Diary%5D/32094

Fortiguard FortiWeb Unauthenticated SQL injection in GUI (CVE-2025-25257)
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in FortiWeb may allow an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.
https://www.fortiguard.com/psirt/FG-IR-25-151

Ruckus Virtual SmartZone (vSZ) and Ruckus Network Director (RND) contain multiple vulnerabilities
Ruckus products suffer from a number of critical vulnerabilities. There is no patch available, and users are advised to restrict access to the vulnerable admin interface.
https://kb.cert.org/vuls/id/613753

keywords: ruckus; fortiguard; ssh; tunnel;…

SANS Stormcast Thursday, July 10th, 2025: Internal CA with ACME; TapJacking on Android; Adobe Patches (5:18)

Setting up Your Own Certificate Authority for Development: Why and How.
Some tips on setting up your own internal certificate authority using the smallstep CA.
https://isc.sans.edu/diary/Setting%20up%20Your%20Own%20Certificate%20Authority%20for%20Development%3A%20Why%20and%20How./32092

Animation-Driven Tapjacking on Android
Attackers can use a click-jacking-like trick to get victims to click on animated transparent dialogs opened from other applications.
https://taptrap.click/usenix25_taptrap_paper.pdf

Adobe Patches
Adobe patched 13 different products yesterday. Most concerning are vulnerabilities in ColdFusion that include code execution and arbitrary file disclosure vulnerabilities.
https://helpx.adobe.com/security/security-bulletin.html

keywords: ca; smallstep; acme; tapjack; adobe…

SANS Stormcast Wednesday, July 9th, 2025: Microsoft Patches; Opossum Attack (7:44)

Microsoft Patch Tuesday, July 2025
Today, Microsoft released patches for 130 Microsoft vulnerabilities and 9 additional vulnerabilities not part of Microsoft's portfolio but distributed by Microsoft. 14 of these are rated critical. Only one of the vulnerabilities was disclosed before being patched, and none of the vulnerabilities have so far been exploited.
https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%2C%20July%202025/32088

Opossum Attack
If a TLS server is configured to allow switching from HTTP to HTTPS on a specific port, an attacker may be able to inject a request into the data stream.
https://opossum-attack.com/

Ivanti Security Updates
Ivanti fixed vulnerabilities in Ivanti Connect Secure, EPMM, and EPM. In particular, the password decryption vulnerability may be interesting.
https://www.ivanti.com/blog/july-security-update-2025

keywords: ivanti; opossum; tls; microsoft;…

SANS Stormcast Tuesday, July 8th, 2025: Detecting Filename (Windows); Atomic Stealer now with Backdoor; SEO Scams (5:29)

What’s My File Name
Malware may use the GetModuleFileName API to detect if it was renamed to a name typical for analysis, like sample.exe or malware.exe.
https://isc.sans.edu/diary/What%27s%20My%20%28File%29Name%3F/32084

Atomic macOS infostealer adds backdoor for persistent attacks
A malware analyst discovered a new version of the Atomic macOS info-stealer (also known as 'AMOS') that comes with a backdoor, giving attackers persistent access to compromised systems.
https://moonlock.com/amos-backdoor-persistent-access

HOUKEN SEEKING A PATH BY LIVING ON THE EDGE WITH ZERO-DAYS
At the beginning of September 2024, an attacker repeatedly exploited vulnerabilities CVE-2024-8190, CVE-2024-8963, and CVE-2024-9380 to remotely execute arbitrary code on vulnerable Ivanti Cloud Service Appliance devices.
https://www.cert.ssi.gouv.fr/uploads/CERTFR-2025-CTI-009.pdf

SEO Scams Targeting Putty, WinSCP, and AI Tools
Paid Google ads are advertising trojaned versions of popular tools like ssh and winscp.
https://arcticwolf.com/resources/blog-uk/malvertising-campaign-delivers-oyster-broomstick-backdoor-via-seo-poisoning-and-trojanized-tools/

keywords: malware; getmodulefilename; houken; seo; putty; winscp…

SANS Stormcast Monday, July 7th, 2025: interesting usernames; More sudo issues; CitrixBleed2 PoC; Short Lived Certs (5:48)

Interesting ssh/telnet usernames
Some interesting usernames observed in our honeypots.
https://isc.sans.edu/diary/A%20few%20interesting%20and%20notable%20ssh%20telnet%20usernames/32080

More sudo trouble
The host option in Sudo can be exploited to execute commands on unauthorized hosts.
https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host

CitrixBleed2 PoC Posted (CVE-2025-5777)
watchTowr published additional details about the recently patched CitrixBleed vulnerability, including a PoC exploit.
https://labs.watchtowr.com/how-much-more-must-we-bleed-citrix-netscaler-memory-disclosure-citrixbleed-2-cve-2025-5777/

Instagram Using Six Day Certificates
Instagram changes their TLS certificates daily and they use certificates that are just about to expire in a week.
https://hereket.com/posts/instagram-single-day-certificates/

keywords: usernames, scadaadmin, gpu001, gpu002; sudo; citrix; netscaler; citrixbleed; instagram; certificates…

SANS Stormcast Thursday July 3rd, 2025: sudo problems; polymorphic zip files; cisco vulnerability (5:21)

Sudo chroot Elevation of Privilege
The sudo chroot option can be leveraged by any local user to elevate privileges to root, even if no sudo rules are defined for that user.
https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot

Polymorphic ZIP Files
A zip file with a corrupt End of Central Directory Record may extract different data depending on the tool used to extract the files.
https://hackarcana.com/article/yet-another-zip-trick

Cisco Unified Communications Manager Static SSH Credentials Vulnerability
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssh-m4UBdpE7

keywords: sudo; cisco; ucm; ssh; zip…

SANS Stormcast Monday June 30th, 2025: Scattered Spider; AMI BIOS Exploited; Secure Boot Certs Expiring; Microsoft Resiliency Initiative (7:30)

Scattered Spider Update
The threat actor known as Scattered Spider is in the news again, this time focusing on airlines. But the techniques used by Scattered Spider, social engineering, are still some of the most dangerous techniques used by various threat actors.
https://cloud.google.com/blog/topics/threat-intelligence/unc3944-proactive-hardening-recommendations?e=48754805

AMI BIOS Vulnerability Exploited CVE-2024-54085
A vulnerability in the Redfish remote access software, including AMI’s BIOS, is now being exploited.
https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025003.pdf
https://eclypsium.com/blog/ami-megarac-vulnerabilities-bmc-part-3/

Act now: Secure Boot certificates expire in June 2026
The Microsoft certificates used in Secure Boot are the basis of trust for operating system security, and all will be expiring beginning June 2026.
https://techcommunity.microsoft.com/blog/windows-itpro-blog/act-now-secure-boot-certificates-expire-in-june-2026/4426856

The Windows Resiliency Initiative: Building resilience for a future-ready enterprise
Microsoft announced more details about its future security and resilience strategy for Windows. In particular, security tools will no longer have kernel access, which is supposed to prevent a repeat of the Cloudflare issue, but may also restrict security tools’ functionality.
https://blogs.windows.com/windowsexperience/2025/06/26/the-windows-resiliency-initiative-building-resilience-for-a-future-ready-enterprise/

keywords: windows; resiliency; cloudflare; secure boot; certificate; ami bios; redfish; scattered spider…

SANS Stormcast Friday, June 27th, 2025: Open-VSX Flaw; Airoha Bluetooth Vulnerability; Critical Cisco Identity Service Engine Vuln (6:48)

Open-VSX Flaw Puts Developers at Risk
A flaw in the open-vsx extension marketplace could have led to the compromise of any extension offered by the marketplace.
https://blog.koi.security/marketplace-takeover-how-we-couldve-taken-over-every-developer-using-a-vscode-fork-f0f8cf104d44

Bluetooth Vulnerability Could Allow Eavesdropping
A vulnerability in the widely used Airoha Bluetooth chipset can be used to compromise devices and use them for eavesdropping.
https://insinuator.net/2025/06/airoha-bluetooth-security-vulnerabilities/

Critical Cisco Identity Services Engine Vulnerability
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an unauthenticated, remote attacker to issue commands on the underlying operating system as the root user.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6

keywords: cisco; ISE; bluetooth; airoha; open-vsx; vs-code…

SANS Stormcast Thursday, June 26th, 2025: Another Netscaler Vuln; CentOS Web Panel Vuln; IP Based Certs (5:53)

NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-6543
Citrix patched a memory overflow vulnerability leading to unintended control flow and denial of service.
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788

Remote code execution in CentOS Web Panel - CVE-2025-48703
An arbitrary file upload vulnerability in the user (not admin) part of Web Panel can be used to execute arbitrary code.
https://fenrisk.com/rce-centos-webpanel

Gogs Arbitrary File Deletion Vulnerability
Due to the insufficient patch for the CVE-2024-39931, it's still possible to delete files under the .git directory and achieve remote command execution.
https://github.com/gogs/gogs/security/advisories/GHSA-wj44-9vcg-wjq7

Let’s Encrypt Will Soon Issue IP Address-Based Certs
Let’s Encrypt is almost ready to issue certificates for IP address SANs from Let's Encrypt's production environment. They'll only be available under the short-lived profile (which has a 6-day validity period), and that profile will remain allowlist-only for a while.
https://community.letsencrypt.org/t/getting-ready-to-issue-ip-address-certificates/238777

keywords: netscaler; adc; citrix; dos; lets encrypt; certificates; gogs; centos; web panel…

SANS Stormcast Tuesday, June 24th, 2025: Telnet/SSH Scan Evolution; Fake Sonicwall Software; File-Fix vs Click-Fix (4:03)

Quick Password Brute Forcing Evolution Statistics
After collecting usernames and passwords from our ssh and telnet honeypots for about a decade, I took a look back at how scans changed. Attackers are attempting more passwords in each scan than they used to, but the average length of passwords did not change.
https://isc.sans.edu/diary/Quick%20Password%20Brute%20Forcing%20Evolution%20Statistics/32068

Introducing FileFix – A New Alternative to ClickFix Attacks
Attackers may trick the user into copy/pasting strings into file explorer, which will execute commands similar to the ClickFix attack that tricks users into copy pasting the command into the start menu’s cmd feature.
https://www.mobile-hacker.com/2025/06/24/introducing-filefix-a-new-alternative-to-clickfix-attacks/

Threat Actors Modify and Re-Create Commercial Software to Steal User’s Information
A fake Sonicwall Netextender clone will steal user’s credentials.
https://www.sonicwall.com/blog/threat-actors-modify-and-re-create-commercial-software-to-steal-users-information

keywords: clickfix; filefix; password; brute forcing…

SANS Stormcast Tuesday, June 24th, 2025: Ichano ATHome IP Camera Scans; Netscaler Vulnerability; WinRar Vulnerability (5:04)

Scans for Ichano AtHome IP Cameras
A couple days ago, a few sources started scanning for the username super_yg and the password 123. This is associated with Ichano IP Camera software.
https://isc.sans.edu/diary/Scans%20for%20Ichano%20AtHome%20IP%20Cameras/32062

Critical Netscaler Security Update CVE-2025-5777
CVE-2025-5777 is a critical severity vulnerability impacting NetScaler Gateway, i.e. if NetScaler has been configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.
https://www.netscaler.com/blog/news/critical-security-updates-for-netscaler-netscaler-gateway-and-netscaler-console/

WinRar Vulnerability CVE-2025-6218
WinRar may be tricked into extracting files into attacker-determined locations, possibly leading to remote code execution.
https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=276&cHash=b5165454d983fc9717bc8748901a64f9

keywords: ip cameras; winrar; netscaler; ichano; athome; ip camera;…

SANS Stormcast Monday, June 23rd, 2025: ADS and Python; More Secure Cloud PCs; Zend.to Path Traversal; Parser Differentials (5:37)

ADS & Python Tools
Didier explains how to use his tools cut-bytes.py and filescanner to extract information from alternate data streams.
https://isc.sans.edu/diary/ADS%20%26%20Python%20Tools/32058

Enhanced security defaults for Windows 365 Cloud PCs
Microsoft announced more secure default configurations for its Windows 365 Cloud PC offerings.
https://techcommunity.microsoft.com/blog/windows-itpro-blog/enhanced-security-defaults-for-windows-365-cloud-pcs/4424914

CVE-2025-34508: Another File Sharing Application, Another Path Traversal
Horizon3 reveals details of a recently patched directory traversal vulnerability in zend.to.
https://horizon3.ai/attack-research/attack-blogs/cve-2025-34508-another-file-sharing-application-another-path-traversal/

Unexpected security footguns in Go's parsers
Go parsers for JSON and XML are not always compatible and can parse data in unexpected ways. This blog by Trail of Bits goes over the various security implications of this behaviour.
https://blog.trailofbits.com/2025/06/17/unexpected-security-footguns-in-gos-parsers/

keywords: parsers; go; xml; json; zend.to; ads; python…

SANS Stormcast Friday, June 20th, 2025: New Employee Phishing; Malicious Tech Support Links; Social Engineering App Specific Passwords (5:47)

How Long Until the Phishing Starts? About Two Weeks
After setting up a Google Workspace and adding a new user, it took only two weeks for the new employee to receive somewhat targeted phishing emails.
https://isc.sans.edu/diary/How%20Long%20Until%20the%20Phishing%20Starts%3F%20About%20Two%20Weeks/32052

Scammers hijack websites of Bank of America, Netflix, Microsoft, and more to insert fake phone numbers
Scammers are placing Google ads that point to legitimate companies’ sites, but are injecting malicious text into the page advertising fake tech support numbers.
https://www.malwarebytes.com/blog/news/2025/06/scammers-hijack-websites-of-bank-of-america-netflix-microsoft-and-more-to-insert-fake-phone-number

What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia
Targeted attacks are tricking victims into creating app-specific passwords to Google resources.
https://cloud.google.com/blog/topics/threat-intelligence/creative-phishing-academics-critics-of-russia

keywords: asp; app specific; google; scammer; workspace; phishing…

SANS Stormcast Monday, June 16th, 2025: Extracting Data from JPEG; Windows Recall Export; Anubis Wiper; Mitel Vuln and PoC (5:47)

Extracting Data From JPEGs
Didier shows how to efficiently extract data from JPEGs using his tool jpegdump.py.
https://isc.sans.edu/diary/A%20JPEG%20With%20A%20Payload/32048

Windows Recall Export in Europe
In its latest insider build for Windows 11, Microsoft is testing an export feature for data stored by Recall. The feature is limited to European users and requires that you note an encryption key that will be displayed only once as Recall is enabled.
https://blogs.windows.com/windows-insider/2025/06/13/announcing-windows-11-insider-preview-build-26120-4441-beta-channel/

Anubis Ransomware Now Wipes Data
The Anubis ransomware, usually known for standard double extortion, is now also wiping data, preventing any recovery even if you pay the ransom.
https://www.trendmicro.com/en_us/research/25/f/anubis-a-closer-look-at-an-emerging-ransomware.html

Mitel Vulnerabilities CVE-2025-47188
Mitel this week patched a critical path traversal vulnerability (sadly, no CVE), and Infoguard Labs published a PoC exploit for an older file upload vulnerability.
https://labs.infoguard.ch/posts/cve-2025-47188_mitel_phone_unauthenticated_rce/
https://www.mitel.com/support/mitel-product-security-advisory-misa-2025-0007

keywords: mitel; anubis; ringtone; wiper; ransomware; windows; recall; jpegdump; jpeg…

SANS Stormcast Monday, June 16th, 2025: Katz Stealer in JPG; JavaScript Attacks; Reviving expired Discord Invites for Evil (6:45)

Katz Stealer in JPG
Xavier found some multistage malware that uses an Excel Spreadsheet and an HTA file to load an image that includes an embedded copy of Katz stealer.
https://isc.sans.edu/diary/More+Steganography/32044

JavaScript obfuscated with JSF*CK is being used on over 200,000 websites to direct victims to malware.
https://unit42.paloaltonetworks.com/malicious-javascript-using-jsfiretruck-as-obfuscation/

Expired Discord Invite Links Used for Malware Distribution
Expired discord invite links are revived as vanity links to direct victims to malware sites.
https://research.checkpoint.com/2025/from-trust-to-threat-hijacked-discord-invites-used-for-multi-stage-malware-delivery/

keywords: discord; invite; malware; katz; jpg; jpeg; javascript;…