

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Sep 13, 2024 • 5min
ISC StormCast for Friday, September 13th, 2024
A recent compromise of an old .mobi whois server sheds light on the cybersecurity risks tied to forgotten domains. The podcast discusses Microsoft's new security innovations, including the implementation of post-quantum cryptography to safeguard Windows customers. Additionally, a critical update for GitLab is highlighted, addressing a severe remote code execution vulnerability. The necessity for vigilant data validation and management post-expiration is emphasized, showcasing the importance of proactive security measures in today's digital landscape.

Sep 11, 2024 • 6min
ISC StormCast for Wednesday, September 11th, 2024
The hosts dive into urgent cybersecurity vulnerabilities impacting Microsoft, highlighting risks of remote code execution. A critical issue in ColdFusion also gets attention. The importance of timely patching is stressed, especially with notable updates from Microsoft, Adobe, and Ivanti. Listeners are advised on best practices for vulnerability management, considering upcoming changes to the podcast schedule.

Sep 10, 2024 • 4min
ISC StormCast for Tuesday, September 10th, 2024
Explore critical cybersecurity vulnerabilities, including a high-risk flaw in LoadMaster with a CVSS score of 10. Urgent patches for HAProxy and SonicWall SSL VPN are highlighted. The discussion dives into Akira ransomware targeting specific accounts and a severe Kibana deserialization vulnerability. Additionally, it examines how Stately Taurus abuses Visual Studio Code for espionage, shedding light on the complexity of these attacks that exploit legitimate software features.

Sep 9, 2024 • 6min
ISC StormCast for Monday, September 9th, 2024
Discover the shocking energy consumption of password cracking using Hashcat and how a new Python plugin enhances Notepad++. Dive into the murky waters of fake LinkedIn job ads used by North Korea to distribute malware. Learn about a sneaky new Android malware that strips crypto wallet passphrases right from your device. Plus, be wary of a sneaky sextortion scam that leverages victims' spouses' names as bait, highlighting the critical need for vigilance in online security.

Sep 6, 2024 • 6min
ISC StormCast for Friday, September 6th, 2024
Discover how enriching log data from honeypots can unveil malicious activities. Learn about critical vulnerabilities in Veeam's service provider console and the urgent need for updates. Delve into major security flaws in the OFBiz CRM suite, including a dangerous unauthenticated remote code execution issue. Plus, find out about essential patches for Cisco's Smart License Manager that highlight the importance of keeping software up to date. These discussions shed light on protecting against evolving cyber threats.

Sep 5, 2024 • 7min
ISC StormCast for Thursday, September 5th, 2024
The talk dives into a recently identified vulnerability in the Moodle learning platform that has caught the attention of cybersecurity experts. Listeners learn about the alarming risks associated with the PyPI repository, where a technique has exposed around 22,000 packages. The discussion also highlights important updates regarding Android security patches and a new proof-of-concept exploit targeting MediaTek chipsets. It's a deep dive into current threats and protective measures in the digital landscape.

Sep 4, 2024 • 7min
ISC StormCast for Wednesday, September 4th, 2024
Discover how to protect OOXML text documents while navigating the world of sextortion scams that now include personal photos. Learn about newly uncovered vulnerabilities in D-Link routers and the potential risks of OS command injection. The conversation delves into critical issues like VMware privilege escalation and a YubiKey side-channel attack, emphasizing the importance of regular firmware updates to combat these emerging cybersecurity threats.

Sep 3, 2024 • 6min
ISC StormCast for Tuesday, September 3rd, 2024
Discover the latest in Wireshark as new features simplify filtering, though risks remain with open-source collaboration. Learn about malicious GitHub comments that could spread malware and the chilling effects of Voldemort malware threatening organizations via tax authority impersonation. Dive into a critical Jenkins vulnerability that enables remote code execution, highlighting the urgent need for enhanced cybersecurity measures. Stay informed and prepared for the ever-evolving digital landscape!

Aug 30, 2024 • 14min
ISC StormCast for Friday, August 30th, 2024
Discover the intricate world of cybersecurity threats, from live patching DLLs with Python to the latest in BlackByte ransomware. Dive into phishing tactics targeting VPN users and the risks of exposed GenAI services. Learn about the challenges in spotting malicious activities amid legitimate admin actions and how understanding context is vital for effective threat detection. Plus, explore the importance of change control practices in crucial sectors like healthcare and the need for standardized tools to bolster security measures.

Aug 29, 2024 • 6min
ISC StormCast for Thursday, August 29th, 2024
Explore innovative ways to analyze IP activity over time using Vega-Lite and Kibana. Discover the latest attack tool updates that disrupt Windows systems. Delve into the troubling connection between Iranian cyber actors and ransomware targeting US organizations. Learn about Confluence vulnerabilities exploited for crypto mining and the risks associated with hard-coded credentials in Fortra's products. Stay informed about the evolving cybersecurity landscape and the critical need for robust defenses.


