SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

This discussion delves into significant vulnerabilities in VPN technology, specifically the dangers of DHCP-based routing leaks. It highlights a concerning DNS traffic leak issue found in Mullvad VPN on Android devices. Additionally, it brings attention to an unpatched vulnerability in TinyProxy, shedding light on the implications for user security. Tune in to uncover these critical security challenges and learn more about upcoming RSA events!

Explore the latest in cybersecurity with insights on troubleshooting DNS issues using nslookup. Learn about Microsoft's upcoming Zero Trust DNS, designed to enhance Windows security. Discover how trusted DNS protocols like DNS over TLS protect against interception. The podcast also highlights the challenges hackers face, particularly with the Microsoft Graph API serving as a potential control method for malware. Tune in for a mix of technical updates and actionable cybersecurity strategies!

Discover the latest probing attacks targeting LB-Link and Vinga routers, exploiting critical CVE vulnerabilities. Dive into the serious buffer overflow issues found in ArubaOS that could compromise device security. Uncover the specifics of the Cuttlefish malware and its implications for office networks. Get practical recommendations to secure your web applications and routers from such evolving threats.

Discover the alarming rise of the Xorddos Linux Trojan and its clever tactics involving DNS servers. Delve into the potential financial pitfalls of empty S3 buckets that can skyrocket AWS bills. Explore how new privacy concerns with iOS Safari could impact user tracking and data security. Finally, uncover critical vulnerabilities like CVE-2024-2912 in BentoML. It’s a revealing insight into the evolving landscape of cyber threats!

Today’s discussion dives into escalating cyber threats targeting NAS devices, focusing on vulnerabilities in Zyxel NAS326 units. The spotlight also shifts to the risks associated with R's deserialization vulnerabilities and how they can lead to arbitrary code execution. Additionally, the conversation highlights the rising tide of coordinated attacks on Docker Hub, showcasing a dangerous proliferation of malicious repositories. Tune in for insights into NVMe-oF/TCP vulnerabilities that could pose significant security challenges.

Dive into the latest cybersecurity threats, including a new exploit affecting DLink NAS devices. Learn about the clever DNS manipulation tactics known as Muddling Meerkat and how it ties into China’s Great Firewall. Discover alarming data leakage issues with Android TVs revealing user email inboxes. Plus, get insights into upcoming cybersecurity training sessions that are designed to strengthen your skills in application security. Stay informed and bolster your defense against emerging digital risks!

Credential stuffing attacks are on the rise, and Okta shares insights on defense strategies. In Japan, police use fake payment cards to creatively warn the elderly about scams. The podcast highlights phishing trends, with alarming new campaigns aimed at USPS. Additionally, Chrome 124's update breaks the TLS handshake, raising concerns for web security. Innovators in cybersecurity are pioneering solutions, and upcoming events at the RSA conference are discussed.

Matthew Alan Vorhees, a cybersecurity expert, dives deep into prevention strategies for modern cyber threats. He discusses the critical role of honeypots and effective traffic redirection in monitoring malicious activity. The conversation also highlights living off the land attacks, emphasizing how threat actors exploit established binaries. Vorhees shares strategies for blocking these attacks while ensuring functionality for enterprise users. Additionally, the podcast addresses the unique cybersecurity challenges in regulated medical devices, underscoring the balance between security and operational needs.

Dive into the latest cybersecurity vulnerabilities, including critical Cisco device patches and concerning flaws in keyboard apps that risk exposing keystrokes. Discover the hidden dangers of user-defined database connections in MySQL2 and learn about the newly uncovered Arcane backdoor targeting network devices. Stay informed about the need for firmware updates and don’t miss the upcoming AI Forum centered on information security. Cyber threats are evolving, and awareness is key!

Forest Blizard, an expert in cybersecurity tools and vulnerabilities, joins the discussion to highlight persistent issues like the Struts2 devmode vulnerability still affecting systems after ten years. He analyzes his own custom post-compromise tool for exploiting CVE-2022-38028 and sheds light on crucial updates in the April 2024 Exchange Server hotfix. The conversation also covers alarming threats from the hijacking of antivirus updates, showcasing the ever-evolving landscape of cybersecurity risks.