SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich
Jan 14, 2026 • 8min

SANS Stormcast Wednesday, January 14th, 2026: Microsoft, Adobe and Fortinet Patches; ConsentFix

Microsoft faces a significant security challenge with 113 vulnerabilities patched, including critically exploited issues. Adobe also updates ColdFusion and Acrobat Reader, addressing serious code execution risks. Fortinet's patches tackle a dangerous buffer overflow and SSRF issues. The podcast dives into the ConsentFix attack, highlighting a crafty method where attackers manipulate OAuth consent using fake CAPTCHAs. The discussion emphasizes user awareness in combating such credential theft tactics.
Jan 13, 2026 • 6min

SANS Stormcast Tuesday, January 13th, 2026: n8n got npm’ed; Gogs exploit; telegram proxy links

A recent supply chain attack targeted n8n users with malicious npm packages aimed at stealing OAuth credentials. The podcast highlights that the fault lies with the npm ecosystem, not n8n itself. Additionally, listeners learn about a critical flaw in Gogs, allowing attackers to exploit symlink paths. Lastly, concerns over Telegram proxy links are discussed, revealing how they can deanonymize users before Telegram issues a warning to mitigate this risk.
Jan 12, 2026 • 6min

SANS Stormcast Monday, January 12th, 2026: PEB Manipulation; YARA Update; VideoLAN and Apache NimBLE Patches

Explore how malware can manipulate a Windows process environment block, hiding critical metadata. Learn about the new YARA-X version that warns against invalid hash matches. Discover the latest VLC update which addresses multiple vulnerabilities, along with the potential risks of exploitation. Finally, hear about crucial patches for the Apache NimBLE Bluetooth stack that enhance security in IoT devices, fixing serious flaws like pairing takeover. Dive into essential insights for cyber security enthusiasts!
Jan 9, 2026 • 7min

SANS Stormcast Friday, January 9th, 2026: Gephi Analysis; zlib vuln; GnuPG Vulns; Cisco/Cloudflare DNS Issue

Discover the power of Gephi for visualizing honeypot data and revealing botnet connections. Unpack a classic buffer overflow vulnerability in zlib's untgz utility, leading to potential exploits. Dive into multiple GnuPG vulnerabilities unveiled, including serious risks like signature forgery. Learn how a Cloudflare DNS change rebooted Cisco switches and the implications for network stability. Tune in for insights on mitigating these issues and the future of cybersecurity!
Jan 8, 2026 • 7min

SANS Stormcast Thursday, January 8th, 2026: HTML QR Code Phishing; n8n vulnerability; Powerbank Feature Creep

Phishing schemes are getting crafty with QR codes embedded in HTML tables to dodge filters. Attention turns to serious vulnerabilities in n8n software, urging updates for users. The discussion highlights the concerning trend of power banks packed with unnecessary features, heightening security risks. Amidst tech tales, a production hiccup offers a fun chance for listeners to win stickers by reporting bugs. Tune in for valuable insights and cybersecurity tips!
Jan 7, 2026 • 6min

SANS Stormcast Wednesday, January 7th, 2026: Tailsnitch Review; D-Link DSL EoL Vuln; TOTOLINK Unpatched Vuln

Discover the powerful Tailsnitch tool that audits Tailscale configurations and offers automatic fixes. Learn about a critical command injection vulnerability in outdated D-Link DSL modems that's currently being exploited. Find out how TOTOLINK firmware issues could lead to unauthorized access via an unprotected telnet server after failed updates. The show dives into the importance of replacing old devices and offers risk mitigation strategies to keep your network secure.
Jan 6, 2026 • 6min

SANS Stormcast Tuesday, January 6th, 2026: IPKVM Risks; Tailsnitch; Net-SNMP Vuln

The podcast dives into the security risks posed by cheap IP KVM devices, highlighting their vulnerability when exposed to the internet. A new auditing tool, Tailsnitch, is introduced to help users review their Tailscale configurations for security flaws. The discussion also uncovers a critical vulnerability in Net-SNMP's snmptrapd, which could allow remote code execution, risking network monitoring systems. Essential tips for hardening these devices are shared, making the episode a must-listen for cybersecurity enthusiasts!
Jan 5, 2026 • 7min

SANS Stormcast Monday, January 5th, 2026: MongoBleed/React2Shell Recap; Crypto Scams; DNS Stats; Old Fortinet Vulns

Scammers are on the prowl with cryptocurrency confidence scams, tricking victims into handing over their funds. React2Shell continues to infiltrate botnets, highlighting ongoing cybersecurity challenges. A deep dive into DNS performance reveals how TShark can help debug response times and improve system efficiency. Plus, over 10,000 Fortinet devices remain vulnerable due to outdated firmware, posing significant risks. Monthly patch checks and lifecycle awareness are crucial for device security as we enter 2026.
Dec 28, 2025 • 6min

SANS Stormcast Sunday, December 28th, 2025: MongoDB Unauthenticated Memory Leak CVE-2025-14847

A critical vulnerability in MongoDB has left sensitive memory exposed and is currently being exploited. This flaw resembles the infamous Heartbleed, leaking random process data, including secrets and keys. With a patch announced just before Christmas, many systems remain at risk, especially those embedded in other products. Experts recommend not exposing MongoDB online and emphasize the need for immediate action if a compromise is suspected. Tune in for insights on securing your databases and understanding the implications of this new threat.
Dec 22, 2025 • 6min

SANS Stormcast Monday, December 22nd, 2025: TLS Callbacks; FreeBSD RCE; NIST Time Server Issues

Explore the abuse of Thread Local Storage (TLS) callbacks in DLLs and how they can execute overlooked pre-main code. Discover a critical vulnerability in FreeBSD, allowing remote code execution through crafted IPv6 router advertisements. Learn about the NIST Boulder time server outage caused by a power failure, disrupting accurate time references for internet services. The discussion also addresses mitigation strategies and the importance of syncing with multiple NTP sources for reliability.
