SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Tuesday, February 10th, 2026: Extracting URLs; Singal Phishing; Ivanti PoC; BeyondTrust RCE; Forticlient SQL Inection
8 snips
Feb 10, 2026 Quick techniques for extracting URLs hidden in RTF documents. Alerts about Signal-targeted phishing campaigns aimed at politicians, military, and journalists. Deep dives into pre-auth remote code execution flaws in Ivanti and BeyondTrust. Coverage of a critical FortiClient EMS SQL injection vulnerability and urgent patching advice.
AI Snips
Chapters
Transcript
Episode notes
Extract URLs From RTF Attachments
- Extract URLs from RTF files to uncover malicious links hidden in attachments quickly.
- Use document analysis tools as demonstrated in the SANS diary to find even malformed, effective URLs.
Ivanti URL-Based Command Injection
- Ivanti Endpoint Manager Mobile contains an OS command injection that can be triggered via crafted URL input.
- Public writeups make exploitation easy, so patching quickly is critical once details are published.
AI Finds BeyondTrust Pre-Auth RCE
- BeyondTrust Remote Support and PRA had a pre-auth RCE found and credited to AI Haktron as the discoverer.
- Johannes highlights that AI-assisted discovery is already producing impactful vulnerability findings.