
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network security related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Latest episodes

Jan 29, 2025 • 6min
SANS ISC Stormcast, Jan 29th 2025: Python Crypto Stealer; SimpleHelp Exploited; Apple Silicon Vuln; Teamviewer Vuln; Odd QR Code
Delve into the world of cybersecurity with discussions on a Python script targeting Exodus wallets, swiftly stealing crypto without saving data. Hear about the exploitation of vulnerabilities in SimpleHelp software, raising alarm for initial network breaches. Explore new side-channel attacks affecting Apple Silicon processors, enabling unauthorized access to sensitive data. The podcast also highlights privilege escalation vulnerabilities in TeamViewer and examines the strange misuse of QR codes in cyber threats.

Jan 28, 2025 • 6min
SANS ISC Stormcast, Jan 28th 2025: Z-Shy Phishing; Apple Patches 0-Day; Fortinet Exploit Details; Github and Apache Solr Patches
Discover how cybercriminals are using the 'shy' HTML entity to bypass phishing filters in a cunning new tactic. Apple has rolled out vital patches that address a 0-day vulnerability, bolstering user security. Learn about a serious vulnerability in Fortinet's systems that could be exploited. Plus, hear the latest updates on vulnerabilities in GitHub Desktop and Apache Solr, ensuring you're informed about necessary patches and security measures in the ever-evolving landscape of cybersecurity.

Jan 27, 2025 • 6min
SANS ISC Stormcast, Jan 27, 2025: Access Brokers; Llama Stack Vuln; ESXi SSH Tunnels; Zyxel Boot Loops; Subaru StarLeak
Cybercriminals are using access brokers to maintain a persistent grip on compromised networks, raising significant security concerns. A critical vulnerability in Meta's Llama Stack highlights the need for robust mitigation strategies. The discussion also covers how to defend against ESXi ransomware and the importance of SSH tunneling. Additionally, a flaw in Subaru's Starlink system puts vehicles at risk of remote hacking, prompting urgent resolution measures. Tune in for insights on these pressing cybersecurity issues!

Jan 24, 2025 • 15min
SANS ISC Stormcast, Jan 24, 2025: XSS in Email, SonicWall Exploited; Cisco Vulnerabilities; AI and SOAR (@sans_edu research paper by Anthony Russo)
In this discussion, Anthony Russo, U.S. team lead for security operations at Atlassian, shares insights on using AI for SOAR platforms. He highlights recent XSS attacks targeting webmail and the essential patches from SonicWall and Cisco to address critical vulnerabilities. Russo also delves into the integration of AI in automating security operations and the potential of large language models like ChatGPT in enhancing cybersecurity. However, he stresses the importance of understanding AI limitations and ensuring effective automation.

Jan 22, 2025 • 8min
SANS ISC Stormcast, Jan 23, 2025: PFSync Protocol; Oracle CPU; Korean VPN Supply Chain Attack; Ivanti Guidance
Discover the intricacies of the PFSync protocol, crucial for synchronizing firewall states during failover scenarios. Delve into Oracle's latest critical patch release that targets multiple vulnerabilities. Uncover a sophisticated supply chain attack on a Korean VPN service, revealing significant security implications. Explore the challenges of VPN configuration and the urgent need for enhanced security measures regarding Ivanti. Stay informed with effective strategies to protect critical infrastructure from emerging threats.

Jan 22, 2025 • 9min
SANS ISC Stormcast, Jan 22, 2025: Geolocation via Starlink and Cloudflare; AI Prompt Risks; Homebrew Phishing
Explore the unsettling geolocation risks for Starlink users, revealing how satellite internet could expose sensitive data. Learn about Cloudflare's role in potentially deanonymizing individuals by tracking cached content. Delve into alarming incidents where AI assistants leak confidential customer information due to careless prompts. Finally, discover the rising threat of phishing attacks targeting Mac users, underscoring the urgent need for better data protection and user training.

Jan 21, 2025 • 6min
SANS ISC Stormcast, Jan 21, 2025: Downloading Partial ZIP files; Remote Tools Used in Attacks; Azure DevOps SSRF
Explore the cunning tactics behind partial ZIP file downloads that help attackers sneak past security checks. Learn about the Ukrainian CERT's urgent advice on thwarting threats linked to AnyDesk remote access. Delve into the risky SSRF vulnerabilities discovered within Azure DevOps, revealing how they can be exploited by cybercriminals. This discussion highlights the importance of maintaining awareness against social engineering and unauthorized access in today's digital landscape.

Jan 20, 2025 • 3min
SANS ISC Stormcast, Jan 20, 2025: Honeypots for Offense; SimpleHelp and UEFI Secure Boot Vulnerabilities
Explore the intriguing world of honeypots and how they can extend the life of offensive security operations. Discover three critical vulnerabilities in SimpleHelp that urgently need patching to avert exploitation. Dive into the alarming findings about a new flaw that allows UEFI Secure Boot bypass, potentially putting countless systems at risk. Stay ahead of the curve in cybersecurity by understanding these pressing issues.

Jan 17, 2025 • 13min
SANS ISC Stormcast, Jan 17, 2025: Analyzing Complex Datasets, Citrix Update Issues, Ivanti's Security Advisory, and the Future of Passkeys (@sans_edu)
Rich Green, a SANS.edu graduate student and senior solutions engineer, dives into the transformative world of passkeys, highlighting their potential to enhance security beyond traditional passwords. He shares insights from his research on the cryptographic methods underlying passkeys and the challenges of implementing them in legacy systems. The discussion also addresses the latest issues with Citrix's Session Recording Agent and Ivanti's security advisories, offering a glimpse into the evolving landscape of cybersecurity.

Jan 16, 2025 • 9min
SANS ISC Stormcast, Jan 16, 2025: Critical Vulnerabilities and Cybersecurity Updates You Need to Know
A long-neglected vulnerability in Netgear routers is back in the spotlight, with attackers exploiting it to deploy crypto miners. There's a critical flaw in Google's OAuth that threatens sensitive data through defunct domains. Rsync also faces urgent security issues that require immediate patching. Meanwhile, Fortinet's advisory nudges the importance of updating firmware to secure defenses. Explore these pressing concerns and fortify your cybersecurity today!