

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minutes long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.

Feb 4, 2025 • 6min
SANS ISC Stormcast Feb 4th 2025: Crypto Scam; Mediatek and D-Link Patches; Microsoft ends VPN Service
Discover how a YouTube spam scam tricks users into losing money on crypto wallet fees, while their private keys remain safe. Learn about critical patches from Mediatek addressing serious vulnerabilities in WLAN products. D-Link faces challenges with older routers that will no longer receive updates, leaving users with the need to upgrade. Finally, Microsoft announces the discontinuation of its VPN service, prompting discussions about online security practices.

Feb 3, 2025 • 6min
SANS ISC Stormcast Feb 3rd 2025: Automating Cyber Ranges; Deepseek Scams; PyPi Archived State; Medical Backdoors
Discover the intriguing world of automated cyber ranges and their creation processes. Learn how scammers are capitalizing on the Deepseek hype, leading to malware infections through deceptive sites. Delve into the newly archived status feature on PyPi, signaling the end of maintenance for certain projects. Finally, uncover concerns about a backdoor found in a medical monitoring device, raising alarms in cybersecurity for healthcare. Tune in for insights into modern threats and innovations!

Jan 31, 2025 • 6min
SANS ISC Stormcast Jan 31st 2025: Old Netgear Vuln in Depth; Lightning AI RCE; Canon Printer RCE; Deepseek Leak;
Explore the alarming persistence of old vulnerabilities in Netgear routers, still a threat in 2025. Discover a risky remote code execution flaw in the AI platform Lightning AI that could be exploited with just a click. Delve into various vulnerabilities in Canon printers that could lead to significant security breaches. Lastly, learn about the exposure of the Deepseek ClickHouse database and why securing databases is more critical than ever.

Jan 30, 2025 • 6min
SANS ISC Stormcast, Jan 30th 2025: Python vs. Powershell; Fortinet Exploits and Patch Policy; Voyager PHP Framework Vuln; Zyxel Targeted; VMWare AVI Patch
The discussion kicks off with a deep dive into devious Python malware that cleverly mimics PDF documents to steal data. A critical Fortinet vulnerability is making rounds on Russian forums, raising alarms over timely patches. The vulnerabilities in the Voyager PHP framework reveal risks like arbitrary file uploads. Active exploitation of unpatched Zyxel devices highlights the ever-present threat landscape. Finally, a VMware patch tackles a serious SQL injection flaw, underscoring the necessity for quick updates in cybersecurity.

Jan 29, 2025 • 6min
SANS ISC Stormcast, Jan 29th 2025: Python Crypto Stealer; SimpleHelp Exploited; Apple Silicon Vuln; Teamviewer Vuln; Odd QR Code
Delve into the world of cybersecurity with discussions on a Python script targeting Exodus wallets, swiftly stealing crypto without saving data. Hear about the exploitation of vulnerabilities in SimpleHelp software, raising alarm for initial network breaches. Explore new side-channel attacks affecting Apple Silicon processors, enabling unauthorized access to sensitive data. The podcast also highlights privilege escalation vulnerabilities in TeamViewer and examines the strange misuse of QR codes in cyber threats.

Jan 28, 2025 • 6min
SANS ISC Stormcast, Jan 28th 2025: Z-Shy Phishing; Apple Patches 0-Day; Fortinet Exploit Details; Github and Apache Solr Patches
Discover how cybercriminals are using the 'shy' HTML entity to bypass phishing filters in a cunning new tactic. Apple has rolled out vital patches that address a 0-day vulnerability, bolstering user security. Learn about a serious vulnerability in Fortinet's systems that could be exploited. Plus, hear the latest updates on vulnerabilities in GitHub Desktop and Apache Solr, ensuring you're informed about necessary patches and security measures in the ever-evolving landscape of cybersecurity.

Jan 27, 2025 • 6min
SANS ISC Stormcast, Jan 27, 2025: Access Brokers; Llama Stack Vuln; ESXi SSH Tunnels; Zyxel Boot Loops; Subaru StarLeak
Cybercriminals are using access brokers to maintain a persistent grip on compromised networks, raising significant security concerns. A critical vulnerability in Meta's Llama Stack highlights the need for robust mitigation strategies. The discussion also covers how to defend against ESXi ransomware and the importance of SSH tunneling. Additionally, a flaw in Subaru's Starlink system puts vehicles at risk of remote hacking, prompting urgent resolution measures. Tune in for insights on these pressing cybersecurity issues!

Jan 24, 2025 • 15min
SANS ISC Stormcast, Jan 24, 2025: XSS in Email, SonicWall Exploited; Cisco Vulnerabilities; AI and SOAR (@sans_edu research paper by Anthony Russo)
In this discussion, Anthony Russo, U.S. team lead for security operations at Atlassian, shares insights on using AI for SOAR platforms. He highlights recent XSS attacks targeting webmail and the essential patches from SonicWall and Cisco to address critical vulnerabilities. Russo also delves into the integration of AI in automating security operations and the potential of large language models like ChatGPT in enhancing cybersecurity. However, he stresses the importance of understanding AI limitations and ensuring effective automation.

Jan 22, 2025 • 8min
SANS ISC Stormcast, Jan 23, 2025: PFSync Protocol; Oracle CPU; Korean VPN Supply Chain Attack; Ivanti Guidance
Discover the intricacies of the PFSync protocol, crucial for synchronizing firewall states during failover scenarios. Delve into Oracle's latest critical patch release that targets multiple vulnerabilities. Uncover a sophisticated supply chain attack on a Korean VPN service, revealing significant security implications. Explore the challenges of VPN configuration and the urgent need for enhanced security measures regarding Ivanti. Stay informed with effective strategies to protect critical infrastructure from emerging threats.

Jan 22, 2025 • 9min
SANS ISC Stormcast, Jan 22, 2025: Geolocation via Starlink and Cloudflare; AI Prompt Risks; Homebrew Phishing
Explore the unsettling geolocation risks for Starlink users, revealing how satellite internet could expose sensitive data. Learn about Cloudflare's role in potentially deanonymizing individuals by tracking cached content. Delve into alarming incidents where AI assistants leak confidential customer information due to careless prompts. Finally, discover the rising threat of phishing attacks targeting Mac users, underscoring the urgent need for better data protection and user training.


