

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Nov 5, 2025 • 6min
SANS Stormcast Wednesday, November 5th, 2025: Apple Patches; Exploits against Trucking and Logistic; Google Android Patches
Apple addresses 110 vulnerabilities with a comprehensive OS upgrade, raising questions about exploitability. Attackers leverage remote management tools to infiltrate trucking and logistics sectors, employing fake load postings as a phishing tactic. A critical vulnerability in Android allows remote code execution, underscoring the urgency to apply patches promptly. Insights on the financial repercussions of these cyber threats highlight the importance of controlling remote access in securing logistics operations.

Nov 4, 2025 • 7min
SANS Stormcast Tuesday, November 4th, 2025: XWiki SolrSearch Exploits and Rapper Feud; AMD Zen 5 RDSEED Bug; More Malicious Open VSX Extensions
Discover the latest threats in cybersecurity, including exploit attempts targeting XWiki SolrSearch, linking attackers to unusual references. Dive into the AMD Zen 5 RDSEED bug, where random number generation issues could pose security risks. Explore the alarming rise of malicious Open VSX extensions, particularly focusing on the SleepyDuck malware that targets crypto developers. Stay informed about these crucial topics that could impact digital security!

Nov 3, 2025 • 6min
SANS Stormcast Monday, November 3rd, 2025: Port 8530/8531 Scans; BADCANDY Webshells; Open VSX Security Improvements
Beware of rising scans on TCP ports 8530 and 8531, as threat actors target WSUS vulnerabilities. The Australian Signals Directorate warns about the BADCANDY webshell implant exploiting unpatched Cisco IOS XE devices. Meanwhile, Open VSX is ramping up security measures after a troubling incident, introducing improvements like shorter token lifetimes and easier revocation processes. Stay updated and secure in the ever-evolving landscape of cyber threats!

Oct 31, 2025 • 6min
SANS Stormcast Friday, October 31st, 2025: Bug Bounty Headers; Exchange hardening; MOVEit vulnerability
Explore the intriguing world of bug bounty programs, where new HTTP headers are making waves for identifying researchers. Proton has launched a breach observatory to uncover unreported data breaches, raising questions about transparency. Discover best practices for hardening Microsoft Exchange Server, implemented in collaboration with national cyber security agencies. Finally, learn about a critical vulnerability in the MOVEit file transfer program, prompting immediate action for users. Tune in for essential insights in cyber security!

Oct 30, 2025 • 6min
SANS Stormcast Thursday, October 30th, 2025: Memory Only Filesystems Forensics; Azure Outage; docker-compose patch
Discover the challenges of collecting memory-only filesystems on Linux and a shell-script method to tackle them. Learn about a recent Azure Front Door outage that disrupted authentication for many users. Plus, there's a critical vulnerability in docker-compose that could lead to unauthorized file creation, urging immediate patch application. Tune in for insights and updates on these vital cybersecurity topics!

Oct 29, 2025 • 8min
SANS Stormcast Wednesday, October 29th, 2025: Invisible Subject Character Phishing; Tomcat PUT Vuln; BIND9 Spoofing Vuln PoC
Invisible characters in email subjects are now weaponized in phishing attacks, tricking users and evading filters. A critical flaw in Apache Tomcat’s PUT method could lead to remote code execution through unauthorized file uploads. Plus, there's a newly available proof of concept for a BIND9 DNS spoofing vulnerability, highlighting trust issues with additional records. The discussion also touches on OpenVPN’s risk with unsanitized parameters that can allow command injection. Stay informed on these pressing security threats!

Oct 28, 2025 • 6min
SANS Stormcast Tuesday, October 28th, 2025: Bytes over DNS; Unifi Access Vuln; OpenAI Atlas Prompt Injection
Explore the intriguing world of DNS as different characters are examined for transmission in hostnames. Unifi addresses a critical vulnerability in its Access product, posing a 10.0 risk. Discover the dangers of AI-enabled browsers, which increase security threats through unstructured data. A demonstration reveals how prompts can be injected into OpenAI's Atlas browser, risking data leakage. Dive into these compelling topics that highlight the evolving landscape of cybersecurity.

Oct 27, 2025 • 6min
SANS Stormcast Monday, October 27th, 2025: Bilingual Phishing; Kaitai Struct WebIDE
This discussion highlights a troubling trend of bilingual phishing attempts targeting cloud credentials, revealing how language can impact phishing success. There's also a spotlight on the newly available Kaitai Struct WebIDE, a browser-based tool for binary analysis. Additionally, Microsoft has issued an emergency patch for WSUS to address a critical vulnerability currently under exploitation. The conversation wraps up with concerns over outdated vulnerabilities in network security devices, which remain attractive targets for attackers.

Oct 24, 2025 • 6min
SANS Stormcast Friday, October 24th, 2025: Android Infostealer; SessionReaper Exploited; BIND/unbound DNS Spoofing fix; WSUS Exploit
A crafty infostealer is targeting Android devices, using Python and Termux to siphon off data via Telegram. The SessionReaper exploit has emerged just weeks after an Adobe patch, highlighting the urgency for e-commerce platforms. Meanwhile, a significant flaw in BIND and Unbound could open doors for DNS spoofing due to weak random number generation. Lastly, a new proof-of-concept for a WSUS vulnerability has been revealed, stressing the need for immediate security updates.

Oct 23, 2025 • 7min
SANS Stormcast Thursday, October 23rd, 2025: Blue Angel Software Exploit; Oracle CPU; Rust tar library vulnerability.
Discover the latest exploits targeting Blue Angel Software, with intriguing honeypot detections suggesting a connection to CVE-2025-34033. Oracle's recent critical patch update tackles an impressive 374 vulnerabilities, focusing on significant flaws in their e-Business Suite. Plus, explore the Rust TAR library's vulnerabilities, revealing potential risks from unmaintained packages and the challenge of managing security disclosures. Tune in for expert insights on these pressing cyber threats!


