SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Explore the latest cyber threats targeting D-Link NAS devices and learn about vulnerabilities in Android applications disguising as videos on Telegram. Discover how attackers can bypass Windows Hello strong authentication measures, raising concerns for user security. Additionally, dive into Let's Encrypt's plan to replace OCSP with CRLs and Google's shift in managing third-party cookies, moving towards a privacy-focused approach.

Discover the fallout from a major CrowdStrike incident that affected 8.5 million systems and learn about the daunting recovery efforts underway. The discussion explores the rising tide of phishing attacks and offers insights into effective strategies for managing recovery keys. Tune in for expert advice on navigating these challenges and safeguarding your systems!

A significant flaw in a cybersecurity update has caused widespread crashes on Windows systems. The discussion offers insights into the aftermath of this technical mishap. Listeners will also learn about recovery strategies and confront common myths surrounding the issue. This informative talk sheds light on the intersection of technology and security, highlighting the importance of careful software updates.

Explore Oracle's critical patch update addressing 386 vulnerabilities, including a staggering CVSS score of 9.8. Discover Microsoft's latest advancements in email security with the new inbound SMTP DANE, enhancing protection. Learn how to improve your email reputation with DKIM and insights on upcoming SMTP features. Don't miss the analysis of recent VPN vulnerabilities and novel attack vectors that could jeopardize your connections. It's a treasure trove of information for anyone concerned about cyber security!

In this engaging discussion, Androx Gh0st, a member of the Androx Gh0st Busters, dives into urgent cybersecurity threats including Anthrax Ghost malware. They shed light on critical vulnerabilities affecting Cisco's Smart Software Manager and Secure Email Gateway, underscoring the risks they pose. The conversation also covers Microsoft's new Windows update processes and vital patches for GeoServer, stressing the importance of proactive patch management in today's digital landscape.

Discover the latest twist on phishing with reply chain tactics that trick unsuspecting users. Delve into alarming vulnerabilities in TP-Link routers and Synology IP cameras revealed in recent attacks. Learn about the Cosmic Sting exploit affecting Adobe Commerce stores, exposing sensitive data. Tune in for insights on how these threats are evolving and the importance of staying informed in cybersecurity.

Dive into the world of modern Cyber Security as the evolution of cyber attacks is unveiled, highlighting the layers of protection in Excel spreadsheets. Discover a new tool for efficiently exporting hashes tailored for high-performance systems. The discussion also brings to light the dangers of credential exposure, including a critical incident involving a GitHub token found within a Docker image. Plus, a major update issue surrounding Microsoft 365 Defender raises concerns about network data reporting on Windows Server 2022.

Discover the intriguing world of cyber vulnerabilities, from the unexpected 16-bit hash collisions in Excel spreadsheets to the ongoing exploits in the Nette PHP framework. Learn about critical tools designed to crack password protections and the risks of ignoring software updates. The podcast also highlights the importance of secure domain transfer practices, especially when moving from Google to Squarespace, to safeguard sensitive information amid rising security threats like denial of service amplifiers.

Explore the intriguing world of honeypots and their logs, as attackers fingerprint vulnerabilities. Discover the critical vulnerabilities patched by tech giants like Juniper and VMware. Learn about the risks associated with SMS-based multi-factor authentication and why stronger methods are essential. Stay informed on recent incidents like the Veeam vulnerability to better protect your systems and consider joining an enlightening upcoming conference.

Explore the intriguing world of honeypots as the podcast delves into using DBSCAN for identifying data clusters. Discover a new vulnerability in OpenSSH that raises security concerns. The discussion also unveils recent cyber threats, including a zero-day exploit targeting Internet Explorer and patched vulnerabilities in SharePoint, Citrix NetScaler, and OpenVPN. Each segment unpacks the implications for users and highlights the importance of staying ahead in cybersecurity.