Podcast Episodes
Back to SearchSANS Stormcast Friday, January 30th, 2026: Residential Proxy Networks; Clowdbot/Moltbot Themed Malware; eScan Malicious Updates
Episode 9788
No Place Like Home Network: Disrupting the World's Largest Residential Proxy Network
Google dismantled the IPIDEA network that used residential prox…
1 month, 3 weeks ago
SANS Stormcast Thursday, January 29th, 2026: WebLogic AI Slop; Fortinet Patches; WebLogic AI Slop; Fortinet Patches
Episode 9786
Odd WebLogic Request. Possible CVE-2026-21962 Exploit Attempt or AI Slop?
We are seeing attempts to attack CVE-2026-21962, a recent weblog vulnerabi…
1 month, 3 weeks ago
SANS Stormcast Wednesday, January 28th, 2026: Romance Scams; DoS Vuln in React Server Components; OpenSSL Patch; Kubernetes Priv Confusion
Episode 9784
Initial Stages of Romance Scams [Guest Diary]
Romance scams often start with random text messages that appear to be misrouted . This guest diary by…
1 month, 3 weeks ago
SANS Stormcast Tuesday, January 27th, 2026: PWD scanning; MSFT Office OOB Patch; Exposed Clawdbot
Episode 9782
Scanning Webserver with pwd as a Starting Path
Attackers are adding the output of the pwd command to their web scans.
https://isc.sans.edu/diary/x…
2 months ago
SANS Stormcast Monday, January 26th, 2026: FortiOS SSO Vuln Updates; Outlook OOB Update; VMware vCenter Exploited
Episode 9780
Analysis of Single Sign-On Abuse on FortiOS
Fortinet released an advisory. FortiOS devices are vulnerable if configured with any SAML integration, n…
2 months ago
SANS Stormcast Friday, January 23rd, 2026: Scanning AI Code; FortiGate Update; ISC BIND DoS; Trivial SmaterMail Vulnerability
Episode 9778
Is AI-Generated Code Secure?
Xavier used the free static code analysis tool Bandit to review code he wrote with heavy AI support.
https://isc.sans.e…
2 months ago
SANS Stormcast Thursday, January 22nd, 2026: Visual Studio Code Scripts; Cisco Unified Comm and Zoom Vuln; Insufficient Fortinet Patch; SANS SOC Survey
Episode 9776
Automatic Script Execution In Visual Studio Code
Visual Studio Code will read configuration files within the source code that may lead to code execu…
2 months ago
SANS Stormcast Wednesday, January 21st, 2026: Punycode Hunting; telnetd vuln; 6 day Certs and IP Certs; Oracle Patches
Episode 9774
Add Punycode to your Threat Hunting Routine
Punycode patterns in DNS queries make excellent hunting opportunities.
https://isc.sans.edu/diary/Add%20…
2 months ago
SANS Stormcast Tuesday, January 20th, 2026: Scans Against LLMs; NTLM Rainbow Table; OOB MSFT Patch
Episode 9772
"How many states are there in the United States?"
Attackers are actively scanning for LLMs, fingerprinting them using the query How many states are…
2 months, 1 week ago
SANS Stormcast Friday, January 16th, 2026: Cryptojacking Hidden Gifts; Bluetooth Vulnerability; Reprompt in MSFT Copilot
Episode 9770
Battling Cryptojacking, Botnets, and IABs
Cryptojacking often comes with less obvious addons, like SSH backdoors
https://isc.sans.edu/diary/Battling…
2 months, 1 week ago