SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Monday, October 27th, 2025: Bilingual Phishing; Kaitai Struct WebIDE
6 snips
Oct 27, 2025 This discussion highlights a troubling trend of bilingual phishing attempts targeting cloud credentials, revealing how language can impact phishing success. There's also a spotlight on the newly available Kaitai Struct WebIDE, a browser-based tool for binary analysis. Additionally, Microsoft has issued an emergency patch for WSUS to address a critical vulnerability currently under exploitation. The conversation wraps up with concerns over outdated vulnerabilities in network security devices, which remain attractive targets for attackers.
AI Snips
Chapters
Transcript
Episode notes
Bilingual Phishing Targeting Cloud Accounts
- Guy observed identical phishing emails in French and English targeting cloud credentials.
- Johannes Ulrich noted attackers likely try both languages to improve success in bilingual regions like Canada.
Language Boosts Phishing Effectiveness
- Phishing in a recipient's native language increases success compared to generic English messages.
- Johannes Ulrich observed non-English speakers see fewer native-language phishes, making those rarer messages more effective.
Kaitai Struct Web IDE Demo
- Developers of Kaitai Struct presented a web-only IDE at hack.lu that runs entirely in JavaScript.
- Johannes Ulrich compared it to CyberChef but focused on binary analysis for occasional malware analysts.