Podcast Episodes
Back to SearchSANS Stormcast Thursday, November 6th, 2025: Domain API Update; Teams Spoofing; VShell Report
Episode 9688
Updates to Domainname API
Some updates to our domainname API will make it more flexible and make it easier and faster to get the complete dataset.
h…
4 months, 3 weeks ago
SANS Stormcast Wednesday, November 5th, 2025: Apple Patches; Exploits against Trucking and Logistic; Google Android Patches
Episode 9686
Apple Patches Everything, Again
Apple released a minor OS upgrade across its lineup, fixing a number of security vulnerabilities.
https://isc.sans.e…
4 months, 3 weeks ago
SANS Stormcast Tuesday, November 4th, 2025: XWiki SolrSearch Exploits and Rapper Feud; AMD Zen 5 RDSEED Bug; More Malicious Open VSX Extensions
Episode 9684
XWiki SolrSearch Exploit Attempts CVE-2025-24893
We have detected a number of exploit attempts against XWiki taking advantage of a vulnerability tha…
4 months, 3 weeks ago
SANS Stormcast Monday, November 3rd, 2025: Port 8530/8531 Scans; BADCANDY Webshells; Open VSX Security Improvements
Episode 9682
Scans for WSUS: Port 8530/8531 TCP, CVE-2025-59287
We did observe an increase in scans for TCP ports 8530 and 8531. These ports are associated with …
4 months, 3 weeks ago
SANS Stormcast Friday, October 31st, 2025: Bug Bounty Headers; Exchange hardening; MOVEIt vulnerability
Episode 9680
X-Request-Purpose: Identifying "research" and bug bounty related scans?
Our honeypots captured a few requests with bug bounty specific headers. Thes…
4 months, 3 weeks ago
SANS Stormcast Thursday, October 30th, 2025: Memory Only Filesystems Forensics; Azure Outage; docker-compose patch
Episode 9678
How to Collect Memory-Only Filesystems on Linux Systems
Getting forensically sound copies of memory-only file systems on Linux can be tricky, as too…
4 months, 3 weeks ago
SANS Stormcast Wednesday, October 29th, 2025: Invisible Subject Character Phishing; Tomcat PUT Vuln; BIND9 Spoofing Vuln PoC
Episode 9676
Phishing with Invisible Characters in the Subject Line
Phishing emails use invisible UTF-8 encoded characters to break up keywords used to detect ph…
4 months, 3 weeks ago
SANS Stormcast Tuesday, October 28th, 2025: Bytes over DNS; Unifi Access Vuln; OpenAI Atlas Prompt Injection
Episode 9674
Bytes over DNS
Didiear investigated which bytes may be transmitted as part of a hostname in DNS packets, depending on the client resolver and recurs…
4 months, 3 weeks ago
SANS Stormcast Monday, October 27th, 2025: Bilingual Phishing; Kaitai Struct WebIDE
Episode 9672
Bilingual Phishing for Cloud Credentials
Guy observed identical phishing messages in French and English attempting to phish cloud credentials
https:…
5 months ago
SANS Stormcast Friday, October 24th, 2025: Android Infostealer; SessionReaper Exploited; BIND/unbound DNS Spoofing fix; WSUS Exploit
Episode 9670
Infostealer Targeting Android Devices
This infostealer, written in Python, specifically targets Android phones. It takes advantage of Termux to gain…
5 months ago