SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Latest episodes

Feb 25, 2025 • 6min

SANS Stormcast Tuesday Feb 25th: Unfurl Updates; Google Ditches SMS; Paypal Phish; Exim, libXML, Parallels Vuln

Discover the latest Unfurl update that improves URL decoding and timestamp management. Learn how Google is phasing out SMS for GMail, opting for Passkeys instead. Beware of new PayPal phishing tactics that exploit legitimate emails. The podcast also covers vulnerabilities in mail servers, including a serious Exim SQL injection flaw and a newly discovered 0-day in Parallels. Stay informed about evolving cyber threats and enhance your security awareness!
Feb 24, 2025 • 5min

SANS Stormcast Monday Feb 24th: sigs.py update; Google Introducing Quantum Safe Sigs; MSFT Update Win 11 issues; LTE/5G Vulns

Discover the latest advancements in cybersecurity tools, including the innovative sigs.py for hash verification. Google introduces quantum-safe digital signatures in its cloud key management, marking a significant shift in security. The conversation also delves into recent issues with Windows 11 updates affecting file usability. Finally, researchers raise alarms about numerous vulnerabilities in 5G and LTE networks, underlining the urgent need for enhanced security in our digital infrastructure.
Feb 21, 2025 • 12min

SANS Stormcast Friday Feb 21st: Kibana Queries; Mongoose Injection; U-Boot Flaws; Unifi Protect Camera Vulnerabilities; Protecting Network Devices as Endpoint (Austin Clark @sans_edu)

Discover how to leverage ES|QL in Kibana for querying DShield honeypot logs effectively. Dive into the vulnerabilities of Mongoose leading to potential MongoDB exploits. Uncover the issues within the U-Boot open-source bootloader that could allow malicious code execution. Learn about key updates to Unifi Protect Cameras that address security risks. Lastly, explore innovative ways to treat network devices as endpoints, enhancing detection and privilege management to bolster cybersecurity.
Feb 20, 2025 • 7min

SANS Stormcast Wednesday Feb 20th: XWorm Cocktail; Quantum Computing Breakthrough; Signal Phishing

Dive into the world of cybersecurity with a look at XWorm, a tricky malware disguised as anti-cheat software, packed with malicious PowerShell code. Discover Microsoft's revolutionary Majorana 1 chip, paving the way for stable, low-error quantum computing. Also, learn about the vulnerabilities in the popular Signal messaging app, where QR codes could compromise user accounts, and how Russian actors are exploiting this for phishing attacks. It's a cybersecurity rollercoaster you won't want to miss!
Feb 19, 2025 • 7min

SANS Stormcast Tuesday Feb 19th: ModelScan AI Model Security; OpenSSH Vuln; Juniper Patches; Dell BIOS Vulnerability

Discover how ModelScan combats deserialization attacks on AI models, ensuring safety against malicious code. Learn about critical vulnerabilities in OpenSSH that could lead to server impersonation, emphasizing the importance of timely updates. Juniper fixes significant authentication bypass issues, while Dell addresses privilege escalation in BIOS across its product line. Each topic highlights the ongoing battle to secure our digital landscape.
Feb 18, 2025 • 5min

SANS Stormcast: Securing the Edge; PostgreSQL Exploit; Ivanti Exploit; WinZip Vulnerability; Xerox Patch

Dive into essential strategies for securing edge devices as vulnerabilities grow. Explore the PostgreSQL exploit and the alarming exploitation of Ivanti Connect Secure. The discussion also covers a recently patched WinZip buffer overflow threat that could be triggered by malicious files. Plus, learn about critical patches for Xerox printers that address vulnerabilities potentially allowing lateral movement. Stay informed and protect your network from emerging cyber threats!
Feb 17, 2025 • 9min

SANS Stormcast Monday Feb 17th: Fake BSOD; Volatile IPs; Postgresql libpq SQL Injection; OAUTH Phishing

A malicious Python script is creating fake blue screens of death, possibly to trick users into calling support scams. The importance of managing volatile IP addresses is emphasized, as mismanagement can lead to serious security risks. A critical SQL injection vulnerability in PostgreSQL’s libpq functions is detailed, exposing systems to potential breaches. Finally, the podcast explores how Russian threat actors are exploiting OAuth device code authentication through phishing attacks, highlighting the need for increased user awareness and security measures.
Feb 14, 2025 • 6min

SANS Stormcast Feb 14th 2025: DShield Honeypot SIEM; PAN OS Auth Bypass; Salt Typhoon vs. Cisco; Crowdstrike Patch

Explore the fascinating world of honeypots with insights on new SIEM dashboards that summarize attack data. Discover the recently patched vulnerability in Palo Alto Networks' devices that could lead to authentication bypass. Learn how China's Volt Typhoon group exploits older Cisco vulnerabilities for telecom attacks. Plus, find out about the latest security patches from Crowdstrike for their Linux client. A deep dive into pressing cybersecurity topics that keep professionals on their toes.
Feb 13, 2025 • 6min

SANS Stormcast Feb 13th 2025: Smart City Threats; Advanced Social Engineering Attacks; Wazuh Vulnerability; PAM Vulnerability; Ivanti Patches

The discussion dives into the complex security challenges posed by smart cities, emphasizing the need for standardized vocabularies. It highlights North Korean state actors' cunning social engineering tactics targeting South Korean administrators. Additionally, listeners learn about vulnerabilities in Wazuh and the PAM module for Linux, which could lead to serious breaches. Finally, critical updates from Ivanti address multiple security flaws, stressing the importance of proactive measures in cybersecurity.
Feb 12, 2025 • 6min

SANS Stormcast Feb 12th 2025: MSFT Patch Tuesday; Adobe Patches; FortiNet Acknowledges Exploitation of FortiOS

This discussion dives into Microsoft's latest Patch Tuesday, unveiling fixes for 55 vulnerabilities, including critical issues with LDAP and Active Directory. Notably, some flaws are already exploited, urging immediate attention. Adobe also steps up with patches for seven products, with a focus on critical Adobe Commerce issues. Finally, Fortinet faces scrutiny as they acknowledge exploitation of a vulnerability in FortiOS, raising concerns about security protocols. It's a critical time for updates in the cybersecurity landscape!
