Podcast Episodes
Back to SearchSANS Stormcast Wednesday, August 27th, 2025: Analyzing IDNs; Netscaler 0-Day Vuln; Git Vuln Exploited;
Episode 9588
Getting a Better Handle on International Domain Names and Punycode
International Domain names can be used for phishing and other attacks. One way to…
7 months ago
SANS Stormcast Tuesday, August 26th, 2025: Decoding Word Reading Location; Image Downscaling AI Vulnerability; IBM Jazz Team Server Vuln
Episode 9586
Reading Location Position Value in Microsoft Word Documents
Jessy investigated how Word documents store the last visited document location in the re…
7 months ago
SANS Stormcast Monday, August 25th, 2025: IP Cleanup; Linux Desktop Attacks; Malicious Go SSH Brute Forcer; Onmicrosoft Domain Restrictions
Episode 9584
The end of an era: Properly formatted IP addresses in all of our data.
When initiall designing DShield, addresses were zero padded , an unfortunate…
7 months ago
SANS Stormcast Friday, August 22nd, 2025: The -n switch; Commvault Exploit; Docker Desktop Escape Vuln;
Episode 9582
Don't Forget The "-n" Command Line Switch
Disabling reverse DNS lookups for IP addresses is important not just for performance, but also for opsec. …
7 months ago
SANS Stormcast Thursday, August 21st, 2025: Airtel Scans; Apple Patch; Microsoft Copilot Audit Log Issue; Password Manager Clickjacking
Episode 9580
Airtel Router Scans and Mislabeled Usernames
A quick summary of some odd usernames that show up in our honeypot logs
https://isc.sans.edu/diary/Airt…
7 months ago
SANS Stormcast Wednesday, August 20th, 2025: Increased Elasticsearch Scans; MSFT Patch Issues
Episode 9578
Increased Elasticsearch Recognizance Scans
Our honeypots noted an increase in reconnaissance scans for Elasticsearch. In particular, the endpoint /_…
7 months, 1 week ago
SANS Stormcast Tuesday, August 19th, 2025: MFA Bombing; Cisco Firewall Management Vuln; F5 Access for Android Vuln;
Episode 9576
Keeping an Eye on MFA Bombing Attacks
Attackers will attempt to use authentication fatigue by bombing users with MFA authentication requests. Rob …
7 months, 1 week ago
SANS Stormcast Monday, August 18th, 2025: 5G Attack Framework; Plex Vulnerability; Fortiweb Exploit; Flowise Vuln
Episode 9574
SNI5GECT: Sniffing and Injecting 5G Traffic Without Rogue Base Stations
Researchers from the Singapore University of Technology and Design released …
7 months, 1 week ago
SANS Stormcast Friday, August 15th, 2025: Analysing Attack with AI; Proxyware via YouTube; Xerox FreeFlow Vuln; Evaluating Zero Trust @SANS_edu
Episode 9572
AI and Faster Attack Analysis
A few use cases for LLMs to speed up analysis
https://isc.sans.edu/diary/AI%20and%20Faster%20Attack%20Analysis%20%5BGu…
7 months, 1 week ago
SANS Stormcast Thursday, August 14th, 2025: Equation Editor; Kerberos Patch; XZ-Utils Backdoor; ForitSIEM/FortiWeb patches
Episode 9570
CVE-2017-11882 Will Never Die
The (very) old equation editor vulnerability is still being exploited, as this recent sample analyzed by Xavier shows.…
7 months, 1 week ago