SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Friday Mar 21st: New Data Feeds; SEO Spam; Veeam Deserialization; IBM AIX RCE;

Mar 21, 2025

Discover the latest on data feeds and the impact of a recent SEO scam targeting bloggers. Learn about Veeam's alarming deserialization vulnerability and the insufficient patch that remains a concern. Dive into the critical security risks surrounding IBM's AIX operating system, where an unauthenticated remote code execution vulnerability poses serious threats. Stay informed and boost your cyber vigilance with these essential updates!

08:24

Creator website

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Recent enhancements to data feeds aim to streamline threat intelligence access, allowing users to retrieve consolidated reports instead of individual queries.

The continuing discovery of deserialization vulnerabilities highlights the necessity for robust security measures and effective patching protocols in software environments.

Deep dives

Enhancements to Data Feeds

Recent changes to data feeds have been implemented to improve efficiency for users accessing threat intelligence. Instead of querying the API for individual IP addresses, users can now download static reports that consolidate recent activity and associated labels. This approach is designed to reduce the load on the API while providing faster access to relevant data, which is beneficial for those conducting security analyses. The aim is to facilitate easier and more efficient use of the resources available to users.

Reorganizing Data Feeds and Identifying SEO Scams

2min

Exploring Deserialization Vulnerabilities and Recent IBM AIX Issues

6min

Some New Data Feeds and Little Incident
We started offering additional data feeds, and an SEO spamer attempted to make us change a link from an old podcast episode.
https://isc.sans.edu/diary/Some%20new%20Data%20Feeds%2C%20and%20a%20little%20%22incident%22./31786
Veeam Deserialization Vulnerability
Veeam released details regarding the latest vulnerablity in Veeam, pointing out the insufficient patch applied to a prior deserialization vulnerability.
https://labs.watchtowr.com/by-executive-order-we-are-banning-blacklists-domain-level-rce-in-veeam-backup-replication-cve-2025-23120/
IBM AIX Vulnerablity
The AIX NIM service is vulnerable to an unauthenticated remote code execution vulnerability
https://www.ibm.com/support/pages/node/7186621
thanks Chris Mosby for Spotify comment

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Friday Mar 21st: New Data Feeds; SEO Spam; Veeam Deserialization; IBM AIX RCE;

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Enhancements to Data Feeds

Risks of Deserialization Vulnerabilities

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights