SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Latest episodes

Apr 4, 2025 • 6min

SANS Stormcast Friday, Apr 4th: URL Frequency Analysis; Ivanti Flaw Exploited; WinRAR MotW Vuln; Tax filing scams; Oracle Breach Update

Discover how frequency analysis can predict malicious URLs and enhance cybersecurity. Learn about a recently exploited Ivanti vulnerability that was initially thought unexploitable. Dive into the WinRAR flaw that mismanages symlinks, potentially endangering users. Stay alert about Microsoft’s warning on rising tax-related scams as filing deadlines approach. Lastly, catch up on an Oracle breach impacting customer information, emphasizing the importance of secure online practices.
Apr 3, 2025 • 9min

SANS Stormcast Thursday Apr 3rd: Juniper Password Scans; Hacking Call Records; End to End Encrypted GMail

A surge in scans targeting the Juniper username 't128' raises concerns about potential vulnerabilities. Verizon's API flaw allowed unauthorized access to users' call logs, exposing serious privacy issues. Additionally, Google introduces end-to-end encryption for Gmail's business users, but with a caveat: non-Gmail recipients must jump through hoops to read encrypted messages, prompting debates about user security and phishing risks.
Apr 2, 2025 • 7min

SANS Stormcast Wednesday Apr 2nd: Apple Updates Everything;

Apple rolled out essential security updates across all its platforms, patching 145 vulnerabilities, including fixes for previously exploited issues. Meanwhile, VMware's automatic update checks are currently malfunctioning due to recent transitions. The podcast also discusses SQL injection vulnerabilities in Nim's Postgres library, which mishandles prepared statements, emphasizing the importance of secure coding practices. A must-listen for anyone concerned about cybersecurity!
Apr 1, 2025 • 8min

SANS Stormcast Tuesday Apr 1st: Apache Camel Exploits; New Cert Authorities Requirements; Possible Oracle Breach

Explore a newly patched vulnerability in Apache Camel that sparks various internal scans. Discover how upcoming security requirements will change the way certificate authorities verify domain ownership. Delve into the murky waters of a possible data breach at Oracle, raising questions about accountability and customer trust. This discussion highlights the importance of vigilance in cybersecurity, especially following recent incidents, urging users to reevaluate their security protocols.
Mar 31, 2025 • 7min

SANS Stormcast Monday, March 31st: Comparing Phishing Sites; DOH and MX Abuse Phishing; opkssh

Explore the fascinating world of phishing with a deep dive into two seemingly similar sites that use different backend technologies. Discover how a new phishing variant leverages DNS MX records and DoH for more targeted attacks. Plus, learn about an innovative tool that incorporates OpenID Connect with SSH, streamlining secure login processes. This discussion highlights the evolving methods of cyber threats and the importance of robust security measures.
Mar 28, 2025 • 6min

SANS Stormcast Friday, March 28th: Sitecore Exploited; Blasting Past Webp; Splunk and Firefox Vulnerabilities

A recent deserialization attack targeted Sitecore, exploiting a thumbnail access token header. Google’s Project Zero detailed a zero-click NSO BlastPass exploit in iOS using a WebP vulnerability. Splunk patched several vulnerabilities, including one that allowed code execution for authenticated users. Meanwhile, Mozilla patched an active sandbox escape vulnerability in Firefox. The podcast highlights these critical security issues while urging listeners to stay informed on evolving cyber threats.
Mar 27, 2025 • 5min

SANS Stormcast Thursday Mar 27th: Classifying Malware with ML; Malicious NPM Packages; Google Chrome 0-day

Discover innovative methods for classifying malware using machine learning and entropy-driven feature selection. Learn about dangerous NPM packages that masquerade as legitimate software but introduce reverse shells. Additionally, uncover a recently patched vulnerability in Google Chrome that was exploited against media and educational groups in Russia. Delve into the world of cybersecurity and the latest emerging threats in the digital landscape.
Mar 26, 2025 • 6min

SANS Stormcast Wednesday Mar 26th: XWiki Exploit; File Converter Correction; VMWare Vulnerability; Draytek Router Reboots; MMC Exploit Details;

Discover the surge in exploit attempts targeting an XWiki vulnerability that allows command injection. Learn about the FBI's warning regarding unsafe online file converters. Follow the latest on a VMware Tools flaw that could escalate user privileges within virtual machines. Hear about issues with Draytek routers stuck in a reboot loop and the advised fixes. Finally, get insights into the recent exploitation of a Microsoft Management Console vulnerability patched just days ago.
Mar 25, 2025 • 6min

SANS Stormcast Tuesday Mar 25th: Privacy Aware Bots; Ingress Nightmare; Malicious File Converters; VSCode Extension Leads to Ransomware

Discover the intriguing world of bot behavior as they cleverly use privacy headers to blend in, yet may make spotting them easier. Dive into the critical vulnerabilities in Kubernetes environments that could lead to serious compromises. Stay alert to the FBI's warnings about file converter scams, emphasizing the need for caution with untrusted downloads. Plus, learn about a VSCode extension that turns out to harbor ransomware. This episode is packed with essential cyber security insights!
Mar 24, 2025 • 7min

SANS Stormcast Monday Mar 24th: Critical Next.js Vulnerability; Microsoft Trust Signing Platform Abuse

A critical vulnerability in Next.js could allow unauthorized access, raising alarms about middleware verification. The need for immediate patching is emphasized to protect applications. Meanwhile, Microsoft's Trust Signing Service is exploited by attackers to generate signatures for malware. This alarming trend sheds light on the potential dangers of poor verification processes in software development. Understanding these vulnerabilities is crucial for maintaining robust cybersecurity practices.
