
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brie...

Available Episodes

5 of 2132
  • SANS Stormcast Feb 13th 2025: Smart City Threats; Advanced Social Engineering Attacks; Wazuh Vulnerability; PAM Vulnerability; Ivanti Patches
    An Ontology for Threats: Cybercrime and Digital Forensic Investigation on Smart City Infrastructure
    Smart cities are a big topic for many local governments. As these complex systems are built, attacks will follow.
    https://isc.sans.edu/diary/An%20ontology%20for%20threats%2C%20cybercrime%20and%20digital%20forensic%20investigation%20on%20Smart%20City%20Infrastructure/31676

    North Korean state actor tricking admins into executing PowerShell
    North Korean state actors are spending quite a bit of effort setting up relationships with South Korean system administrators, culminating in the administrators being tricked into executing malicious PowerShell scripts.
    https://x.com/MsftSecIntel/status/1889407814604296490

    Wazuh Vulnerability
    A deserialization vulnerability in Wazuh may lead to unauthenticated remote code execution.
    https://github.com/wazuh/wazuh/security/advisories/GHSA-hcrc-79hj-m3qh

    PAM PKCS11 Vulnerability
    Several vulnerabilities in the Linux PAM module processing smart card authentication can be used to bypass authentication.
    https://github.com/OpenSC/pam_pkcs11/releases/tag/pam_pkcs11-0.6.13

    Ivanti Patches
    Ivanti released its monthly update, fixing a number of critical vulnerabilities in Connect Secure and other products.
    https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US
    --------  
    5:58
  • SANS Stormcast Feb 12th 2025: MSFT Patch Tuesday; Adobe Patches; FortiNet Acknowledges Exploitation of FortiOS
    Microsoft Patch Tuesday
    Microsoft released patches for 55 vulnerabilities. Three of them are categorized as critical, two are already exploited, and another two have been publicly disclosed. The LDAP server vulnerability could become a huge deal, but it is not clear if an exploit will appear.
    https://isc.sans.edu/diary/Microsoft%20February%202025%20Patch%20Tuesday/31674

    Adobe Patches
    Adobe released patches for seven products. Watch out in particular for the Adobe Commerce issues.
    https://helpx.adobe.com/security/security-bulletin.html

    Fortinet Acknowledges Exploitation of Vulnerability
    https://fortiguard.fortinet.com/psirt/FG-IR-24-535
    --------  
    5:53
  • SANS Stormcast Feb 11th 2025: 7zip and MoW; Apple 0-Day Fix; AMD Microcode Overwrite; Trimble CityWorks 0-Day; MageCart Update
    Reminder: 7-Zip MoW
    The MoW must be added to any files extracted from ZIP or other compound file formats. 7-Zip does not do so by default unless you alter the default configuration.
    https://isc.sans.edu/diary/Reminder%3A%207-Zip%20%26%20MoW/31668

    Apple Fixes 0-Day
    Apple released updates to iOS and iPadOS fixing a bypass for USB Restricted Mode. The vulnerability is already being exploited.
    https://support.apple.com/en-us/122174

    AMD ZEN CPU Microcode Update
    An attacker is able to replace microcode on some AMD CPUs. This may alter how the CPUs function, and Google released a PoC showing how it can be used to manipulate the random number generator.
    https://github.com/google/security-research/security/advisories/GHSA-4xq7-4mgh-gp6w

    Trimble Cityworks Exploited
    CISA added a recent Trimble Cityworks vulnerability to its list of exploited vulnerabilities.
    https://learn.assetlifecycle.trimble.com/i/1532182-cityworks-customer-communication-2025-02-06-docx/0?

    Google Tag Manager Skimmer Steals Credit Card Info
    Sucuri released a blog post with updates to the MageCart campaign. The latest version injects malicious code as part of the Google Tag Manager / analytics code.
    https://blog.sucuri.net/2025/02/google-tag-manager-skimmer-steals-credit-card-info-from-magento-site.html
    --------  
    7:15
  • SANS Internet Stormcast Feb 10th 2025: Podcast Anniversary; SSL 2.0; Exposed Deepseek Installs; Crypto Scam costs
    SSL 2.0 Turns 30 This Sunday
    SSL was created in February 1995. However, back in 2005, only a year later, SSL 3.0 was released, and as of 2011, SSL 2.0 was deprecated, and support was removed from many crypto libraries. However, over 400k hosts are still exposed via SSL 2.0.
    https://isc.sans.edu/diary/SSL%202.0%20turns%2030%20this%20Sunday...%20Perhaps%20the%20time%20has%20come%20to%20let%20it%20die%3F/31664

    Deepseek News
    Many articles cover various security shortcomings in the Chinese Deepseek AI model. Remember that some of these issues are not unique to Deepseek.
    https://www.upguard.com/blog/deepseek-adoption
    https://www.reversinglabs.com/blog/rl-identifies-malware-ml-model-hosted-on-hugging-face
    https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak
    https://www.nowsecure.com/blog/2025/02/06/nowsecure-uncovers-multiple-security-and-privacy-flaws-in-deepseek-ios-mobile-app/

    Crypto Wallet Scam Not For Free
    Didier looked closer at the recent dual signature crypto scams. These wallets are not free; attackers must spend money to set them up.
    https://isc.sans.edu/diary/Crypto+Wallet+Scam+Not+For+Free/31666
    --------  
    6:52
  • SANS Internet Stormcast Feb 7th 2025: Unbreakable Anti-Debugging;
    The Unbreakable Multi-Layer Anti-Debugging System
    Xavier found a nice Python script that included what it calls the "Unbreakable Multi-Layer Anti-Debugging System". Leave it up to Xavier to tear it apart for you.
    https://isc.sans.edu/diary/The%20Unbreakable%20Multi-Layer%20Anti-Debugging%20System/31658

    Take my money: OCR crypto stealers in Google Play and App Store
    Malware using OCR on screenshots was available not just via Google Play, but also the Apple App Store.
    https://securelist.com/sparkcat-stealer-in-app-store-and-google-play-2/115385/

    Threat Actors Still Leveraging Legit RMM Tool ScreenConnect
    Unsurprisingly, threat actors still like to use legit remote admin tools, like ScreenConnect, as a command and control channel. Silent Push outlines the latest trends and IoCs they found.
    https://www.silentpush.com/blog/screenconnect/

    Cisco Identity Services Engine Insecure Java Deserialization and Authorization Bypass Vulnerabilities
    Java deserialization strikes again to allow arbitrary code execution. Cisco fixed this vulnerability and an authorization bypass issue in its Identity Services Engine.
    https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multivuls-FTW9AOXF

    F5 Update
    F5 fixes an interesting authentication bypass problem affecting TLS client certificates.
    https://my.f5.com/manage/s/article/K000149173
    --------  
    6:22


About SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Generated: 2/13/2025 - 1:37:14 PM