SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Explore the troubling SQL injection vulnerability in GeoServer, emphasizing its potential impact despite low exploit rates. Discover CrowdStrike's analysis of a recent outage and the alarming risks tied to Kibana software vulnerabilities. The importance of timely software updates comes to light, with insights on an Android update addressing privilege escalation issues. Additionally, learn about privacy risks from outdated Ubiquity devices and the crucial role of organizations in monitoring threat landscapes.

Dive into the dark side of cybersecurity as the hosts explore malware techniques like script obfuscation in Visual Basic. Learn about a significant vulnerability in CrowdStrike's software that caused massive blue screens. Discover the dangers lurking in OFBiz and the recent XSS vulnerabilities found in Roundcube, exposing how easily unprotected web applications can be exploited. This episode packs a punch with essential insights for anyone keen on staying ahead in the ever-evolving landscape of cyber threats.

A major certificate authority for Secure Boot will expire in 2026, raising concerns about system security and the need for timely updates. The podcast discusses how file format changes can affect spreadsheet verification. There’s also a deep dive into the dangers of compromised ISPs delivering malicious software updates, stressing the importance of digitally signed updates. Additionally, DARPA's TRACTOR program is highlighted, showcasing efforts to improve programming safety by converting C code into Rust.

Discover the intriguing world of proxy scans and their dual use in cyber threats. Learn how threat actors impersonate major companies, like Google, to trick users with fake ads. Uncover the surprisingly easy tactics of domain hijacking and its implications for cybersecurity. This discussion sheds light on the importance of vigilance and protective measures in an increasingly complex digital landscape.

The podcast dives into increased cyber threats related to the Apache OFBiz vulnerability. A significant certificate revocation incident by DigiCert raises alarms about trust in security certificates. They discuss a major Azure outage that affected services worldwide. Additionally, there's a spotlight on Google's innovative measures to bolster the security of Chrome cookies, underscoring the ever-evolving nature of cybersecurity.

A deep dive into Apple's latest updates reveals fixes for 64 vulnerabilities, including a critical exploit affecting kernel protections. The discussion also uncovers alarming details about a VMware vulnerability actively exploited by ransomware gangs. Additionally, concerns surrounding weak encryption in Voice Over Wi-Fi technology highlight the growing risks in modern communication. Security updates for Apache are brought to the forefront, emphasizing the necessity for robust protection against evolving cyber threats.

In this discussion, experts dive into a malicious Word document that targets a CrowdStrike vulnerability, showcasing the evolving nature of cyber threats. They also highlight a critical cross-site scripting flaw in Hotjar that jeopardizes OAuth security, putting over a million websites at risk. Additionally, the podcast examines a significant email spoofing campaign that exploits Proofpoint’s protection, detailing possible responses to enhance cybersecurity measures. Tune in for insight into these pressing security challenges!

Dive into the dark world of ExelaStealer, a new malware threat with Russian roots. Discover how to create your own BSOD with the quirky 'Not My Fault' tool for crash analysis. Unravel the PKFail vulnerability and its implications on security. The discussion also highlights major firmware vulnerabilities that could affect systems from brands like Lenovo and MSI, stressing the importance of trusted updates. Plus, learn about Microsoft’s efforts to improve the security landscape by tackling kernel driver usage in security software.

Explore the sinister world of X-Worm malware, cleverly using process hollowing for stealthy operations. Discover alarming revelations about how anyone can access deleted and private data on GitHub, raising serious security concerns. Plus, learn about Google's latest enhancement to Chrome that scans encrypted and password-protected files for potential threats. This discussion dives deep into the intersection of malware tactics and evolving cybersecurity measures.

Dive into the world of cyber threats with a look at a malicious Python script that logs keystrokes and mouse movements. Explore a revealing incident report from CrowdStrike that highlights critical configuration management flaws. Additionally, uncover the intriguing story of a North Korean impersonating an IT worker to infiltrate organizations. These discussions shed light on modern cyber risks and the cunning tactics of attackers.