We're sunsetting PodQuest on 2025-07-28. Thank you for your support!

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

A brief daily summary of what is important in information security. The podcast is published every w

Episodes

Total: 2247

SANS Stormcast Monday March 17th: Mirai Makes Mistakes; Compromised Github Action; ruby-saml vulnerability; Fake GitHub Security Alert Phishing

2025/3/17

Mirai Bot Now Incorporating Malformed DrayTek Vigor Router Exploits One of the many versions of th

SANS Stormcast: File Hashes in MSFT BI; Apache Camel Vuln; Juniper Fixes Exploited Vuln; AMI Patches 10.0 Redfish BMC Vuln

2025/3/14

File Hashes Analysis with Power BI Guy explains in this diary how to analyze Cowrie honeypot file

SANS Stormcast Thursday Mar 13th: Exploiting Login Pages with Log4j; Patch Tuesday Fallout; Adobe Patches; Medusa Ransomware; Zoom and Font Library Updates;

2025/3/13

Log4J Scans for VMWare Hyhbrid Cloud Extensions An attacker is scanning various login pages, inclu

SANS Stormcast Wednesday Mar 12th: Microsoft Patch Tuesday; Apple Patch; Espressif ESP32 Statement

2025/3/12

Microsoft Patch Tuesday Microsoft Patched six already exploited vulnerabilities today. In addition

SANS Stormcast Tuesday Mar 11th: Shellcode as UUIDs; Moxe Switch Vuln Updates; Opentext Vuln; Livewire Volt Vuln;

2025/3/11

Shellcode Encoded in UUIDs Attackers are using UUIDs to encode Shellcode. The 128 Bit (or 16 Bytes

SANS Stormcast: Webshells; Undocumented ESP32 Commands; Camera Used For Ransomware Distribution

2025/3/10

Commonly Probed Webshell URLs Many attackers deploy web shells to gain a foothold on vulnerable we

SANS Stormcast Friday Mar 7th: Chrome vs Extensions; Kibana Update; PrePw0n3d Android TV Sticks; Identifying APTs (@sans_edu, Eric LeBlanc)

2025/3/7

Latest Google Chrome Update Encourages UBlock Origin Removal The latest update to Google Chrome no

SANS Stormcast Thursday Mar 6th: DShield ELK Analysis; Jailbreaking AMD CPUs; VIM Vulnerability; Snail Mail Ransomware

2025/3/6

DShield Traffic Analysis using ELK The "DShield SIEM" includes an ELK dashboard as part of the Hon

SANS Stormcast Wednesday Mar 5th: SMTP Credential Hunt; mac-robber.py update; ADSelfService Plus Account Takeover; Android Patch Day; PayPal Scams; VMWare Escape Fix

2025/3/5

Romanian Distillery Scanning for SMTP Credentials A particular attacker expanded the scope of thei

SANS Stormcast Tuesday Mar 4th: Mark of the Web Details; Sharepint and Click-Fix Phishing; Paragon Partionmanager BYOVD Exploit

2025/3/4

Mark of the Web: Some Technical Details Windows implements the "Mark of the Web" (MotW) as an alte

SANS Stormcast Monday Mar 3rd: AI Training Data Leaks; MITRE Caldera Vuln; modsecurity bypass

2025/3/3

Common Crawl includes Common Leaks The "Common Crawl" dataset, a large dataset created by spiderin

SANS Stormcast Friday Feb 28th: Njrat devtunnels.ms; Apple FindMe Abuse; XSS Exploited; @sans_edu Ben Powell EDR vs. Ransomware

2025/2/28

Njrat Compaign Using Microsoft dev Tunnels: A recent version of the Njrat remote admin tool is tak

SANS Stormcast Thursday Feb 27th: High Exfil Ports; Malicious VS Code Theme; Developer Workstation Safety; NAKIVO PoC; OpenH264 and rsync vuln;

2025/2/27

Attacker of of Ephemeral Ports Attackers often use ephermeral ports to reach out to download addit

SANS Stormcast Wednesday Feb 26th: M365 Infostealer Botnet; Mixing OpenID Keys; Malicious Medical Image Apps

2025/2/26

Massive Botnet Targets M365 with Password Spraying A large botnet is targeting service accounts in

SANS Stormcast Tuesday Feb 25th: Unfurl Updates; Google Ditches SMS; Paypal Phish; Exim, libXML, Parallels Vuln

2025/2/25

Unfurl Update Released Unfurl released an Update fixing a few bugs and adding support to decode Bl

SANS Stormcast Monday Feb 24th: sigs.py update; Google Introdusing Quantum Safe Sigs; MSFT Update Win 11 issues; LTE/5G Vulns;

2025/2/24

Tool Update: Sigs.py Jim updates sigs.py. The tool verifies hashes for files and automatically rec

SANS Stormcast Friday Feb 21st: Kibana Queries; Mongoose Injection; U-Boot Flaws; Unifi Protect Camera Vulnerabilities; Protecting Network Devices as Endpoint (Austin Clark @sans_edu)

2025/2/21

Using ES|QL In Kibana to Query DShield Honeypot Logs Using the "Elastic Search Piped Query Languag

SANS Stormcast Wednesday Feb 20th: XWorm Cocktail; Quantum Computing Breakthrough; Signal Phishing

2025/2/20

XWorm Cocktail: A Mix of PE data with PowerShell Code Quick analysis of an interesting XWrom sampl

SANS Stormcast Tuesday Feb 19th: ModelScan AI Model Security; OpenSSH Vuln; Juniper Patches; Dell BIOS Vulnerability

2025/2/19

ModelScan: Protection Against Model Serialization Attacks ModelScan is a tool to inspect AI models

SANS Stormcast: Securing the Edge; PostgreSQL Exploit; Ivanti Exploit; WinZip Vulnerablity; Xerox Patch

2025/2/18

My Very Personal Guidance and Strategies to Protect Network Edge Devices A quick summary to help y