SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

February's Patch Tuesday reveals critical vulnerabilities in Microsoft products, particularly affecting Exchange Server and Outlook. DNS servers face alarming risks of denial-of-service attacks due to significant flaws. Meanwhile, a privilege escalation vulnerability in Zoom is making waves, and QNAP's network storage devices are under scrutiny for serious security issues. The urgency for timely updates has never been more pressing!

Discover the latest on a Mirai bot variant exploiting vulnerabilities in ByteValue routers, raising alarms about the importance of security measures. The episode also highlights ongoing phishing attacks targeting senior executives, emphasizing the need for two-factor authentication. Additionally, it covers a partnership aimed at securing software repositories alongside vulnerabilities found in PostgreSQL and Microsoft Defender, shedding light on the risks of malicious packages and coding errors.

Dive into the mysterious world of an obfuscated PowerShell script bundled in an MSI X package. Discover the challenges researchers face when distinguishing authentic servers from honeypots. The podcast also unveils a serious vulnerability in ClamAV that could allow arbitrary code execution. Plus, learn how ExpressVPN is addressing DNS leak issues, urging users to streamline their VPN usage for heightened security. It's a thrilling ride through the latest in cyber vulnerabilities and security measures!

This edition highlights a Python MP3 player equipped with a keylogger, sparking concerns about security. It brings attention to a fraudulent LastPass app recently spotted in the Apple App Store. The episode also discusses serious vulnerabilities in Ivanti and Fortinet software, stressing the importance of vigilance and mitigation strategies. Celebrating its 15th anniversary, the show reflects on listener feedback as crucial for improvements while tackling these pressing cybersecurity threats.

Unraveling the mystery of a suspicious IoT URL linked to device management, experts dissect its potential vulnerabilities. A critical shim vulnerability in Linux systems raises alarm bells, prompting immediate attention. Lessons from a botnet incident shed light on security risks, emphasizing the dangers posed by malicious tactics. Insights into the complexities of IoT landscape and a retrospective on botnet shutdowns make for a riveting discussion.

Computer viruses are turning 40, showcasing their long legacy in cybersecurity. From ancient malware to today’s unique threats, like smart toothbrushes forming a DDoS botnet in Switzerland, the landscape has changed dramatically. The discussion highlights a critical vulnerability in TeamCity that allows unauthorized access. Additionally, trends like 'resume looters' and misleading Facebook ads pose risks for job seekers. Stay informed to combat these evolving threats in our digital age!

Discover the risks of exposing email addresses online and learn about a significant security breach involving Anydesk. Uncover the rising threat of deepfakes, including a shocking $20 million loss from a staged video call scam. Delve into credential harvesting vulnerabilities and the alarming role of fake IDs in cryptocurrency scams. The discussion highlights the importance of enhancing security measures to combat these evolving cyber threats.

Explore the latest in cybersecurity with insights on a groundbreaking dashboard enhancing honeypot attack analysis using the ELK stack. Discover the recent breach at Anydesk, including the company's response and lingering uncertainties. Dive into the vulnerabilities found in Docker containers, spotlighting the need for proactive security measures. The discussions highlight the importance of detailed logs and collaborative feedback in combating emerging threats.

Discover the ins and outs of top-level domains and their surprising security implications. Learn how these distinctions can affect cookie assignments in browsers. Gain urgent insights on securing devices against potential breaches, with crucial steps for federal agencies regarding Ivanti solutions. The discussion also highlights a recent attack on Cloudflare, shedding light on the evolving threat landscape in cybersecurity.

Dive into the intriguing world of top-level domains and their hidden dangers. Discover the pros and cons of using internal domains versus publicly registered ones. Stay updated on critical vulnerabilities in Ivanti software and the recent patches released. Learn about the exploitation of a SAML vulnerability that allows server-side request forgery. Also, explore serious issues in the GLIP C library and a web application firewall bypass that complicates URL parsing.