SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Dive into the mysterious world of an obfuscated PowerShell script bundled in an MSI X package. Discover the challenges researchers face when distinguishing authentic servers from honeypots. The podcast also unveils a serious vulnerability in ClamAV that could allow arbitrary code execution. Plus, learn how ExpressVPN is addressing DNS leak issues, urging users to streamline their VPN usage for heightened security. It's a thrilling ride through the latest in cyber vulnerabilities and security measures!

This edition highlights a Python MP3 player equipped with a keylogger, sparking concerns about security. It brings attention to a fraudulent LastPass app recently spotted in the Apple App Store. The episode also discusses serious vulnerabilities in Ivanti and Fortinet software, stressing the importance of vigilance and mitigation strategies. Celebrating its 15th anniversary, the show reflects on listener feedback as crucial for improvements while tackling these pressing cybersecurity threats.

Unraveling the mystery of a suspicious IoT URL linked to device management, experts dissect its potential vulnerabilities. A critical shim vulnerability in Linux systems raises alarm bells, prompting immediate attention. Lessons from a botnet incident shed light on security risks, emphasizing the dangers posed by malicious tactics. Insights into the complexities of IoT landscape and a retrospective on botnet shutdowns make for a riveting discussion.

Computer viruses are turning 40, showcasing their long legacy in cybersecurity. From ancient malware to today’s unique threats, like smart toothbrushes forming a DDoS botnet in Switzerland, the landscape has changed dramatically. The discussion highlights a critical vulnerability in TeamCity that allows unauthorized access. Additionally, trends like 'resume looters' and misleading Facebook ads pose risks for job seekers. Stay informed to combat these evolving threats in our digital age!

Discover the risks of exposing email addresses online and learn about a significant security breach involving Anydesk. Uncover the rising threat of deepfakes, including a shocking $20 million loss from a staged video call scam. Delve into credential harvesting vulnerabilities and the alarming role of fake IDs in cryptocurrency scams. The discussion highlights the importance of enhancing security measures to combat these evolving cyber threats.

Explore the latest in cybersecurity with insights on a groundbreaking dashboard enhancing honeypot attack analysis using the ELK stack. Discover the recent breach at Anydesk, including the company's response and lingering uncertainties. Dive into the vulnerabilities found in Docker containers, spotlighting the need for proactive security measures. The discussions highlight the importance of detailed logs and collaborative feedback in combating emerging threats.

Discover the ins and outs of top-level domains and their surprising security implications. Learn how these distinctions can affect cookie assignments in browsers. Gain urgent insights on securing devices against potential breaches, with crucial steps for federal agencies regarding Ivanti solutions. The discussion also highlights a recent attack on Cloudflare, shedding light on the evolving threat landscape in cybersecurity.

Dive into the intriguing world of top-level domains and their hidden dangers. Discover the pros and cons of using internal domains versus publicly registered ones. Stay updated on critical vulnerabilities in Ivanti software and the recent patches released. Learn about the exploitation of a SAML vulnerability that allows server-side request forgery. Also, explore serious issues in the GLIP C library and a web application firewall bypass that complicates URL parsing.

Discover the clever tactics attackers use to identify honeypots, including the DeShield honeypot's unique strategies. The conversation also tackles the challenges of ensuring privacy in the digital age, particularly with the introduction of a new private use top-level domain. Juniper’s recent critical vulnerabilities take center stage, leaving networks exposed. Additionally, there’s a significant privacy concern as ChatGPT accidentally leaks user conversations, raising alarms about online security.

A recent vulnerability in Atlassian's Confluence platform has led to new exploit techniques enabling unauthorized access. The discussion highlights how attackers manipulate system statuses to bypass defenses. Additionally, malicious Python packages are on the rise, targeting cryptocurrency users with info-stealer malware. The need for prompt updates and detection against a critical Linux kernel vulnerability is emphasized, underscoring the importance of security in developer environments.