SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Discover the alarming vulnerabilities linked to the compromised NetSupport remote access tool and the unprotected backdoor in D-Link routers. Learn about the critical security updates for iTerm2, spotlighting issues related to tmux integration. The urgency of patching high-risk vulnerabilities in Nextcloud is also tackled, as these flaws could severely jeopardize multi-factor authentication systems. Stay informed and secure in the ever-evolving landscape of cyber threats.

This discussion highlights tools for managing JSON data and dives into Python's 'sleepy pickle' vulnerability. The challenges of detecting headless Chrome are examined, alongside a new tool for evaluating browser extension safety. Additionally, critical security updates for Asus routers are revealed, emphasizing the importance of addressing vulnerabilities in network devices.

Discover the fascinating world of jq, a powerful command line tool for JSON parsing. Dive into critical vulnerabilities in Microsoft Outlook and learn how these flaws could impact users. Explore the emerging threat of pickle file attacks on machine learning models, revealing the risks associated with this technology. Get insights on how to safeguard personal email accounts in light of these vulnerabilities. Plus, stay tuned for exciting updates on future podcast events!

Discover how reconnaissance activities reveal intriguing patterns in Microsoft Message Queue traffic. Learn about Adobe's critical updates addressing vulnerabilities in its products, including Commerce and Cold Fusion. Delve into the alarming exploitation of a privilege escalation flaw by Black Basta ransomware. The discussion also highlights the complexities of forensic analysis in these incidents and reviews essential Android updates that patch critical vulnerabilities.

Get ready for a deep dive into the latest security landscape! This discussion covers crucial June patches from Microsoft, highlighting 58 vulnerabilities, including a major flaw in the Message Queuing Service. The podcast also reveals a worrying vulnerability in JetBrains' GitHub plugin and addresses risks in Veeam Recovery Orchestrator. Plus, an intriguing insight into a potential threat posed by internet-connected treadmills adds an unexpected twist!

A serious vulnerability has been found in the Veeam backup system, enabling authentication bypass. The podcast highlights the recent shutdown of the Sorbs Anti-Spam list, which could affect spam management strategies. It also covers alarming reports about rogue cell towers in London sending out smishing texts, leading to arrests. Additionally, there’s a discussion about malicious Comfyui modules posing risks in software development. Cybersecurity is more critical than ever with these emerging threats!

Discover the latest vulnerabilities in PHP and PyTorch, including a concerning code injection flaw. Learn how malicious Visual Studio Code extensions pose risks to users, even with millions of installs. The discussion emphasizes the importance of staying updated and cautious with software choices to maintain cybersecurity.

A novel Python malware with a unique 'best before date' raises questions about its effectiveness in targeted attacks. The FBI’s recent recovery of 7,000 LockBit ransomware keys showcases ongoing efforts in cybercrime enforcement. Meanwhile, Apple’s commitment to five years of security updates highlights their focus on user safety. The FCC proposes new rules to enhance Internet routing security, addressing vulnerabilities in the ever-expanding IoT landscape. It's a fascinating dive into contemporary cyber threats and protective measures!

Brute force attacks on WatchGuard VPNs are on the rise, raising alarms about cybersecurity. There's a spotlight on the risks associated with Microsoft's Windows Co-Pilot Plus Recall feature. Additionally, a serious vulnerability in WebEx has come to light, allowing unauthorized access to meetings. The discussion emphasizes the importance of robust security measures in the face of these threats.

Discover the complex world of anti-malware tools and the conflicts that can arise when they coexist on a system. Uncover the dangers lurking in fake job ads that lead to stolen cryptocurrency, as highlighted by the FBI. Learn about critical vulnerabilities in Zyxel NAS devices and the swift action taken for better protection. Stay informed about these pressing cybersecurity issues that could affect you!