
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Latest episodes

Feb 12, 2025 • 6min
SANS Stormcast Feb 12th 2025: MSFT Patch Tuesday; Adobe Patches; FortiNet Acknowledges Exploitation of FortiOS
This discussion dives into Microsoft's latest Patch Tuesday, unveiling fixes for 55 vulnerabilities, including critical issues with LDAP and Active Directory. Notably, some flaws are already exploited, urging immediate attention. Adobe also steps up with patches for seven products, with a focus on critical Adobe Commerce issues. Finally, Fortinet faces scrutiny as they acknowledge exploitation of a vulnerability in FortiOS, raising concerns about security protocols. It's a critical time for updates in the cybersecurity landscape!

Feb 11, 2025 • 7min
SANS Stormcast Feb 11th 2025: 7zip and MoW; Apple 0-Day Fix; AMD Microcode Overwrite; Trimble CityWorks 0-Day; MageCart Update
Explore the critical need for secure file extraction with 7-Zip updates that require the mark of the web. Apple rushes to patch a vulnerability that lets attackers bypass USB restrictions on devices. Meanwhile, a microcode exploit on AMD CPUs raises alarms, manipulating functions and random number generation. Trimble Cityworks falls victim to a newly exploited flaw, while the latest MageCart tactics involve stealthy JavaScript injections stealing credit card data through Google Tag Manager, highlighting the importance of cautious coding practices.

Feb 10, 2025 • 7min
SANS Internet Stormcast Feb 10th 2025: Podcast Anniversary; SSL 2.0; Exposed Deepseek Installs; Crypto Scam costs
Celebrate 16 years of cybersecurity insights while discussing the age of SSL 2.0, which turns 30 but still has over 400k hosts exposed. Delve into alarming security flaws in the Chinese Deepseek AI model, highlighting various deficiencies. Learn about the intricacies of dual signature crypto scams, revealing that these wallets actually require financial investment to set up. Join in on a blend of nostalgia and critical reflections on current cybersecurity threats!

Feb 7, 2025 • 6min
SANS Internet Stormcast Feb 7th 2025: Unbreakable Anti-Debugging;
Dive into advanced multilayer anti-debugging techniques crafted in Python. Discover alarming malware using OCR to steal information from both Google Play and the Apple App Store. Uncover how legitimate remote management tools like ScreenConnect are being exploited by threat actors. Stay updated on critical vulnerabilities affecting Cisco’s Identity Services Engine and authentication issues in F5’s TLS client certificates. This discussion rounds out with insights on securing remote tools against unauthorized misuse.

Feb 6, 2025 • 7min
SANS Internet Stormcast Feb 6th 2025: com- prefix domain phishing; Win 10 ESU pricing; Firefox CT Policy; Veeam and Netgear patches
Learn how scammers are exploiting com- prefix domains to launch convincing phishing attacks, targeting victims with toll fee scams. Microsoft updates pricing for Windows 10 Extended Security Updates, setting a fee for continued protection. Mozilla pushes for better internet security by enforcing certificate transparency measures. Additionally, discover serious vulnerabilities in Veeam's backup process and Netgear's WiFi routers, highlighting the need for rapid updates in cybersecurity.

Feb 5, 2025 • 7min
SANS Internet Stormcast Feb 5th 2025: Feed Updates and Rosti; Resurrecting Dead S3 Buckets; Let's Encrypt Changes; Edge Device Security
Updates on data feeds highlight the introduction of the Rosti Feed, while concerns about reviving dead S3 buckets spark intriguing discussions. Let's Encrypt's move to stop sending expiration emails raises questions about certificate management. Meanwhile, new guidelines from CISA focus on fortifying edge devices like firewalls and VPN concentrators, emphasizing the need for vigilance in cybersecurity.

Feb 4, 2025 • 6min
SANS ISC Stormcast Feb 4th 2025: Crypto Scam; Mediatek and D-Link Patches; Microsoft ends VPN Service
Discover how a YouTube spam scam tricks users into losing money on crypto wallet fees, while their private keys remain safe. Learn about critical patches from Mediatek addressing serious vulnerabilities in WLAN products. D-Link faces challenges with older routers that will no longer receive updates, leaving users with the need to upgrade. Finally, Microsoft announces the discontinuation of its VPN service, prompting discussions about online security practices.

Feb 3, 2025 • 6min
SANS ISC Stormcast Feb 3rd 2025: Automating Cyber Ranges; Deepseek Scams; PyPi Archived State; Medical Backdoors
Discover the intriguing world of automated cyber ranges and their creation processes. Learn how scammers are capitalizing on the Deepseek hype, leading to malware infections through deceptive sites. Delve into the newly archived status feature on PyPi, signaling the end of maintenance for certain projects. Finally, uncover concerns about a backdoor found in a medical monitoring device, raising alarms in cybersecurity for healthcare. Tune in for insights into modern threats and innovations!

Jan 31, 2025 • 6min
SANS ISC Stormcast Jan 31st 2025: Old Netgear Vuln in Depth; Lightning AI RCE; Canon Printer RCE; Deepseek Leak;
Explore the alarming persistence of old vulnerabilities in Netgear routers, still a threat in 2025. Discover a risky remote code execution flaw in the AI platform Lightning AI that could be exploited with just a click. Delve into various vulnerabilities in Canon printers that could lead to significant security breaches. Lastly, learn about the exposure of the Deepseek ClickHouse database and why securing databases is more critical than ever.

Jan 30, 2025 • 6min
SANS ISC Stormcast, Jan 30th 2025: Python vs. Powershell; Fortinet Exploits and Patch Policy; Voyager PHP Framework Vuln; Zyxel Targeted; VMWare AVI Patch
The discussion kicks off with a deep dive into devious Python malware that cleverly mimics PDF documents to steal data. A critical Fortinet vulnerability is making rounds on Russian forums, raising alarms over timely patches. The vulnerabilities in the Voyager PHP framework reveal risks like arbitrary file uploads. Active exploitation of unpatched Zyxel devices highlights the ever-present threat landscape. Finally, a VMware patch tackles a serious SQL injection flaw, underscoring the necessity for quick updates in cybersecurity.