SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich
Sep 25, 2025 • 6min

SANS Stormcast Thursday, September 25th, 2025: Hikvision Exploits; Cisco Patches; SonicWall Anti-Rootkit Patch; Windows 10 Support

The discussion highlights a sharp rise in attacks targeting older Hikvision cameras, primarily due to weak passwords. A critical Cisco vulnerability that is already being exploited has been patched; it requires admin rights for access. SonicWall introduces a necessary firmware update to combat a persistent rootkit in its devices. Meanwhile, Microsoft steps in with an extension of free support for Windows 10, ensuring users in the US and Europe remain secure without extra costs. Cybersecurity news just keeps getting more intense!
Sep 24, 2025 • 7min

SANS Stormcast Wednesday, September 24th, 2025: DoS against the Analyst; GitHub Improvements; SolarWinds and Supermicro BMC vulnerabilities

An intern analyzes a peculiar DoS attack aimed more at distraction than disruption. GitHub unveils measures to secure the npm supply chain after recent package hijacks, emphasizing MFA and trusted publishing. SolarWinds deals with vulnerabilities in their Web Help Desk, revealing a serious remote code execution flaw. Meanwhile, Supermicro addresses critical issues in their BMC firmware, patching risks that could allow rogue firmware uploads. Tune in for insightful commentary on these pressing cybersecurity matters!
Sep 23, 2025 • 5min

SANS Stormcast Tuesday, September 23rd, 2025: Ivanti EPMM Exploit; GitHub Impersonation

CISA reports sightings of backdoors installed through patched Ivanti EPMM vulnerabilities, raising concerns about security. LastPass warns of fake GitHub repositories impersonating companies to spread Mac malware. Additionally, ransomware exploiting exposed Oracle Database Scheduler services has been uncovered, showcasing the ever-evolving threats in cybersecurity. Stay informed to protect your systems!
Sep 22, 2025 • 9min

SANS Stormcast Monday, September 22nd, 2025: Odd HTTP Request; GoAnywhere MFT Bug; EDR Freeze

Unusual HTTP requests are causing a stir in honeypots, raising questions among cybersecurity experts. A critical deserialization vulnerability has been discovered in Fortra's GoAnywhere MFT, posing serious risks. Meanwhile, a new tool called EDR Freeze is enabling users to suspend endpoint detection and response processes, allowing for unique security strategies. Stay informed with insights on these pressing topics in the ever-evolving world of cybersecurity!
Sep 19, 2025 • 7min

SANS Stormcast Friday, September 19th, 2025: Honeypot File Analysis (@sans_edu); SonicWall Breach; DeepSeek Bias; Chrome 0-day

Delve into the intriguing world of cybersecurity with a spotlight on file uploads in a DShield honeypot. Discover the shocking breach of SonicWall accounts through brute force attacks and the ensuing data concerns. Learn about the biases found in code produced by the Chinese AI engine DeepSeek, highlighting how political affiliations can influence software quality. Plus, get the lowdown on a recently exploited Chrome 0-day vulnerability, now patched for your safety. Tune in for insights into these pressing security matters!
Sep 18, 2025 • 7min

SANS Stormcast Thursday, September 18th, 2025: DLL Hooking; Entra ID Actor Tokens; WatchGuard and NVIDIA Patches

Discover the clever CTRL-Z DLL hooking technique that malware uses to dodge analysis by overwriting breakpoints. Learn about a serious vulnerability in Entra ID allowing global admin access and hear about the critical patches released by Microsoft. There's also a discussion on WatchGuard's out-of-bounds write flaw and NVIDIA's fixes for vulnerabilities in its Triton Inference Server. Tune in for the latest updates in cyber security!
Sep 17, 2025 • 9min

SANS Stormcast Wednesday, September 17th, 2025: Phishing Resistants; More npm Attacks; ChatGPT MCP abuse

Discover the urgent need for phishing-resistant authentication amid rising cyber threats. Recent attacks on npm accounts showcase how dangerous phishing emails can be. Additionally, a new wave of malware is targeting npm-related GitHub repositories, spreading through worm-like behavior. Explore shocking exploits in ChatGPT's calendar integration that could compromise personal email security. Stay informed about these critical cybersecurity issues to better protect yourself online!
Sep 16, 2025 • 7min

SANS Stormcast Tuesday, September 16th, 2025: Apple Updates; Rust Phishing; Samsung 0-day

Major updates from Apple address 33 vulnerabilities in their operating systems, improving security while adding new features. A reminder of the upcoming end of support for Windows 10 and older Exchange versions is issued. Developers in the Rust community are facing fresh phishing attacks, echoing previous compromises. Meanwhile, Samsung patches a significant 0-day vulnerability in its flagship phones, enhancing user safety. Stay updated on all these crucial tech developments!
Sep 15, 2025 • 6min

SANS Stormcast Monday, September 15th, 2025: More Archives; Salesforce Attacks; White Cobra; BSides Augusta

Archive files are becoming prime targets as attackers search for vulnerabilities. The FBI warns of social engineering threats aimed at Salesforce, with no new vulnerabilities but significant risks. A new campaign named 'White Cobra' showcases malicious Cursor extensions that threaten users. The episode dives into the financial consequences of these cyber threats and emphasizes the importance of securing misconfigured backups.
Sep 12, 2025 • 7min

SANS Stormcast Friday, September 12th, 2025: DShield SIEM Update; Another SonicWall Warning; Website Keystroke Logging

Discover the latest updates on the DShield SIEM tool, which visually tracks honeypot activity. Hear about the alarming rise in compromised SonicWall devices, as flagged by Australia's Signals Directorate. Delve into the privacy concerns surrounding website keystroke logging, revealing that many sites capture more than just form data. This episode emphasizes the critical need for user awareness and robust incident response strategies in today's cybersecurity landscape.
