Podcast Episodes
Back to SearchSANS Stormcast Wednesday May 28th 2025: Securing authorized_keys; ADAuditPlus SQL Injection; Dero Miner vs Docker API
Episode 9468
SSH authorized_keys File
One of the most common techniques used by many bots is to add rogue keys to the authorized_keys file, implementing an SSH b…
10 months ago
SANS Stormcast Tuesday, May 27th 2025: SVG Steganography; Fortinet PoC; GitLab Duo Prompt Injection
Episode 9466
SVG Steganography
Steganography is not only limited to pixel-based images but can be used to embed messages into vector-based formats like SVG.
http…
10 months ago
SANS Stormcast Friday, May 23rd 2025: Backup Connectivity; Windows 2025 dMSA Abuse; Samlify Vulnerability
Episode 9464
Resilient Secure Backup Connectivity for SMB/Home Users
Establishing resilient access to a home network via a second ISP may lead to unintended bac…
10 months ago
SANS Stormcast Thursday, May 22nd 2025: Crypto Confidence Scams; Extension Mayhem for VS Code and Chrome
Episode 9462
New Variant of Crypto Confidence Scam
Scammers are offering login credentials for what appears to be high value crypto coin accounts. However, the g…
10 months ago
SANS Stormcast Wednesday, May 21st 2025: Researchers Scanning the Internet; Forgotten DNS Records; openpgp.js Vulneraiblity
Episode 9460
Researchers Scanning the Internet
A newish RFC, RFC 9511, suggests researchers identify themselves by adding strings to the traffic they send, or…
10 months, 1 week ago
SANS Stormcast Tuesday, May 20th 2025: AutoIT Code RAT; Fake Keepass Download; Procolored Printer Software Compromise
Episode 9458
RAT Dropped By Two Layers of AutoIT Code
Xavier explains how AutoIT was used to install a remote admin tool (RAT) and how to analyse such a tool
ht…
10 months, 1 week ago
SANS Stormcast Monday, May 18th 2025: xorsearch python functions; pwn2own Berlin; senior govt official impersonation; dynamic domain risk
Episode 9456
xorsearch.py: Python Functions
Didier s xorsearch tool now supports python functions to filter output
https://isc.sans.edu/diary/xorsearch.py%3A%20P…
10 months, 1 week ago
SANS Stormcast Friday, May 16th: Increase in Sonicwall Scans; RVTools Compromised?; RountPress
Episode 9454
Web Scanning SonicWall for CVE-2021-20016 - Update
Scans for SonicWall increased by an order of magnitude over the last couple of weeks. Many of th…
10 months, 1 week ago
SANS Stormcast Thursday, May 15th: Google Open Redirects; Adobe, Ivanti, and Samsung patches
Episode 9452
Another day, another phishing campaign abusing google.com open redirects
Google s links from it s maps page to hotel listings do suffer from an ope…
10 months, 1 week ago
SANS Stormcast Wednesday, May 14th: Microsoft Patch Tuesday; 0-Days patched for Ivanti Endpoint Manager and Fortinet Products
Episode 9450
Microsoft Patch Tuesday
Microsoft patched 70-78 vulnerabilities (depending on how you count them). Five of these vulnerabilities are already being e…
10 months, 2 weeks ago