SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Discover effective techniques for capturing packets using affordable tools like LAN taps. Learn about urgent security issues affecting Team City and why timely updates are crucial. Explore GitHub's new default push protection to safeguard sensitive data. The discussion also highlights vulnerabilities in Android and Linksys routers, providing essential tips for enhancing device security. Stay informed on these critical topics to better defend your digital environment!

Dive into the world of cybersecurity as vulnerabilities in older Confluence servers raise alarms. Discover the complexities of implementing content security policies, especially with Google Analytics. Uncover the emerging threat of 'silver SAML' attacks targeting SAML authentication, highlighting security risks in legacy systems. The discussion emphasizes the importance of careful configurations and the shift towards cloud solutions for better protection. It's a fascinating insight into the evolving landscape of cyber threats and defenses.

Explore the sneaky world of DarkGate, a modular malware enabling widespread infections. Discover critical vulnerabilities in Ivanti Connect Secure products that users must address. Learn about the rising threat of malicious GitHub repositories filled with infected code. Uncover security flaws found in budget doorbell cameras, posing risks to homeowners. Plus, dive into intriguing leap year bugs impacting major companies and hear about upcoming events at the Sands Technology Institute.

Recent password reset exploits have raised alarms, especially concerning Atlassian Confluence vulnerabilities. The healthcare sector faces increased ransomware threats, highlighting the urgent need for robust security measures. A new service has emerged to combat trademark abuses by blocking look-alike domains, a crucial step in protecting brand integrity. The conversation also delves into the evolving landscape of cybersecurity, addressing risks linked to multi-factor authentication and the dangers of phishing schemes.

The discussion dives into the implications of recent takedowns and their real-world impacts. A spotlight is on the Department of Justice's crackdown on a Russian-linked botnet targeting home routers. The ongoing threats in the cloud space are explored, hinting at vulnerabilities ripe for exploitation. Additionally, there's a chilling look at how data scientists are becoming targets of malicious machine learning models, concealed with silent backdoors. Stay informed about the evolving tactics of cyber adversaries!

Dive into the fascinating world of malware analysis using the Cowrie honeypot and VirusTotal for dynamic file scrutiny. Recent Wi-Fi authentication vulnerabilities in WPA2 and WPA3 raise significant security concerns, particularly for Linux systems. Moreover, discover the alarming rise of malicious spam tactics targeting trusted brand subdomains, highlighting the importance of vigilant domain security. Stay informed and prepared as cyber threats evolve!

Discover a breakthrough in tracking the MGLNDD scan string using advanced network analysis techniques. Learn about a new info-stealer malware that cleverly evades sandbox detection. The discussion dives into recent vulnerabilities in Salesforce's Apex code and highlights significant risks tied to the Linux kernel. Emphasis is placed on the urgent need for upgrades to address these security threats, ensuring cybersecurity measures are proactive and effective.

Explore the complex world of cybersecurity as researchers probe the grey areas of security practices. Discover how a massive AT&T network outage underscores the need for solid backup systems. Learn about the LockBit ransomware group exploiting ConnectWise's Screenconnect software. Plus, hear about the emerging SSH Snake vulnerability and the rising concerns it brings. Stay informed on current scanning activities and the importance of securing SSH keys to prevent system breaches.

Discover how phishing scams are using archive.org to host malicious pages with crafty HTML and JavaScript. Dive into a dangerous vulnerability in Screen Connect that’s actively being exploited. The conversation gets technical with a critique of current quantum encryption protocols in iMessage, raising concerns about rushing into new technologies. This discussion emphasizes the ever-present security threats and the need for robust protective measures in our digital interactions.

Discover the evolving tactics of malware developers who use evasion techniques to dodge detection while exploiting software vulnerabilities. Uncover the recently revealed weaknesses in ConnectWise's Screen Connect and VMware's authentication plugin. Dive into the alarming potential threats of wireless charging, including methods to defend against them. Lastly, explore a fascinating study on manipulating wireless chargers using voltage noise, opening up a new frontier in cybersecurity challenges.