
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS Stormcast Monday, January 5th, 2026: MongoBleed/React2Shell Recap; Crypto Scams; DNS Stats; Old Fortinet Vulns
Jan 5, 2026
Scammers are on the prowl with cryptocurrency confidence scams, tricking victims into handing over their funds. React2Shell continues to infiltrate botnets, highlighting ongoing cybersecurity challenges. A deep dive into DNS performance reveals how TShark can help debug response times and improve system efficiency. Plus, over 10,000 Fortinet devices remain vulnerable due to outdated firmware, posing significant risks. Monthly patch checks and lifecycle awareness are crucial for device security as we enter 2026.
AI Snips
Classic Crypto Advance-Fee Scam Example
- Johannes Ullrich recounts a cryptocurrency advance-fee scam that promises victims over one bitcoin to lure them.
- Victims are asked to pay a withdrawal fee and then lose the funds when attempting to collect the fake deposit.
Use TShark To Debug DNS Latency
- Use TShark to measure DNS request-to-response times and identify slow resolvers.
- Break down timings by query type to find troublesome services like PTR reverse lookups and fix them.
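One way to do the per-query-type breakdown described in this snip, as an added example that is not from the podcast or its show notes: it aggregates tab-separated TShark field output by query type and by responding resolver. The sample rows, addresses and function names are constructed for illustration.

```python
# Input comes from a command such as (standard Wireshark field names):
#   tshark -r capture.pcap -Y "dns.flags.response == 1 && dns.time" \
#          -T fields -e ip.src -e dns.qry.type -e dns.qry.name -e dns.time
# On a response packet, ip.src is the resolver and dns.time is the
# request-to-response time in seconds.
from collections import defaultdict
from statistics import median

QTYPES = {1: "A", 12: "PTR", 28: "AAAA", 65: "HTTPS"}

# Constructed sample output; the last row has no dns.time and is skipped.
SAMPLE = "\n".join([
    "192.0.2.53\t1\texample.com\t0.012",
    "192.0.2.53\t28\texample.com\t0.014",
    "192.0.2.53\t12\t10.2.0.192.in-addr.arpa\t2.004",
    "192.0.2.53\t12\t11.2.0.192.in-addr.arpa\t1.998",
    "198.51.100.53\t1\texample.org\t0.011",
    "198.51.100.53\t12\t12.2.0.192.in-addr.arpa\t2.001",
    "198.51.100.53\t1\texample.net\t",
])

def parse(text):
    """Return (resolver, qtype, name, seconds) tuples, skipping bad rows."""
    rows = []
    for line in text.splitlines():
        parts = line.split("\t")
        if len(parts) != 4 or not parts[3]:
            continue
        try:
            rows.append((parts[0], int(parts[1]), parts[2], float(parts[3])))
        except ValueError:
            continue
    return rows

def summarize(rows, key):
    """Group response times (ms) by key(row): count, median and max."""
    groups = defaultdict(list)
    for row in rows:
        groups[key(row)].append(row[3] * 1000.0)
    return {k: {"count": len(v), "median_ms": round(median(v), 1),
                "max_ms": round(max(v), 1)} for k, v in groups.items()}

def by_qtype(rows):
    return summarize(rows, lambda r: QTYPES.get(r[1], f"TYPE{r[1]}"))

def by_resolver(rows):
    return summarize(rows, lambda r: r[0])

def slowest_group(summary):
    return max(summary, key=lambda k: summary[k]["median_ms"])
```

In the constructed sample both resolvers show the same median, while the per-type view isolates the PTR lookups as the slow group.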
Anycast Makes Public Resolvers Look Similar
- Co-located anycast instances can make multiple public recursive resolvers show nearly identical performance.
- Local misconfiguration or services (like NTP reverse lookups) often cause the real DNS slowdowns.
