Podcast Episodes
Back to SearchSANS Stormcast Friday, June 27th, 2025: Open-VSX Flaw; Airoha Bluetooth Vulnerablity; Critical Cisco Identity Service Engine Vuln;
Episode 9508
Open-VSX Flaw Puts Developers at Risk
A flaw in the open-vsx extension marketplace could have let to the compromise of any extension offered by the …
9 months ago
SANS Stormcast Thursday, June 26th, 2025: Another Netscaler Vuln; CentOS Web Panel Vuln; IP Based Certs
Episode 9506
NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-6543
Citrix patched a memory overflow vulnerability leading to unintended control…
9 months ago
SANS Stormcast Tuesday, June 24th, 2025: Telnet/SSH Scan Evolution; Fake Sonicwall Software; File-Fix vs Click-Fix
Episode 9504
Quick Password Brute Forcing Evolution Statistics
After collecting usernames and passwords from our ssh and telnet honeypots for about a decade, I t…
9 months ago
SANS Stormcast Tuesday, June 24th, 2025: Ichano ATHome IP Camera Scans; Netscaler Vulnerability; WinRar Vulnerability
Episode 9502
Scans for Ichano AtHome IP Cameras
A couple days ago, a few sources started scanning for the username super_yg and the password 123. This is associa…
9 months ago
SANS Stormcast Monday, June 23rd, 2025: ADS and Python; More Secure Cloud PCs; Zend.to Path Traversal; Parser Differentials
Episode 9500
ADS & Python Tools
Didier explains how to use his tools cut-bytes.py and filescanner to extract information from alternate data streams.
https://isc…
9 months ago
SANS Stormcast Friday, June 20th, 2025: New Employee Phishing; Malicious Tech Support Links; Social Engineering App Sepecific Passwords
Episode 9498
How Long Until the Phishing Starts? About Two Weeks
After setting up a Google Workspace and adding a new user, it took only two weeks for the new em…
9 months, 1 week ago
SANS Stormcast Monday, June 16th, 2025: Extracing Data from JPEG; Windows Recall Export; Anubis Wiper; Mitel Vuln and PoC
Episode 9496
Extracting Data From JPEGs
Didier shows how to efficiently extract data from JPEGs using his tool jpegdump.py
https://isc.sans.edu/diary/A%20JPEG%20…
9 months, 1 week ago
SANS Stormcast Monday, June 16th, 2025: Katz Stealer in JPG; JavaScript Attacks; Reviving expired Discord Invites for Evil
Episode 9494
Katz Stealer in JPG
Xavier found some multistage malware that uses an Excel Spreadsheet and an HTA file to load an image that includes embeded a cop…
9 months, 1 week ago
SANS Stormcast Friday, June 13th, 2025: Honeypot Scripts; EchoLeak MSFT Copilot Vuln; Thunderbolt mailbox URL Vuln;
Episode 9492
Automated Tools to Assist with DShield Honeypot Investigations
https://isc.sans.edu/diary/Automated%20Tools%20to%20Assist%20with%20DShield%20Honeypo…
9 months, 2 weeks ago
SANS Stormcast Thursday, June 12th, 2025: Quasar RAT; Windows 11 24H2 Delay; SMB Client Vuln PoC; Connectwise Signing Keys; KDE Telnet code exec
Episode 9490
Quasar RAT Delivered Through Bat Files
Xavier is walking you through a quick reverse analysis of a script that will injection code extracted from a …
9 months, 2 weeks ago