))
Important Announcement from KRBN Internet News Talk Radio We’re beginning a new chapter for KRBN Internet News Talk Radio. Effective January 31, 2025, BlogTalkRadio—our long-standing broadcasting platform—will shut down. But KRBN is not going away! All past episodes have been archived and are available on Signal and other platforms like Amazon Music, Apple Podcasts, iHeartRadio, and more, so you can continue enjoying our content. While this change means we’ll no longer broadcast live on Blog ...
…
continue reading
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minutes long summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
…
continue reading
1
Internet Explorers: SEO, PPC and Content Marketing News
Digital Third Coast - Tom Shearman, Kristen Geil and Nathan Pabich
…
continue reading
Vietnam Internet Radio News
…
continue reading
IoTA is the companion blog to the IoTA Podcast. IoTA is dedicated to the Internet of Things. The Podcast will review daily news stories in IoT and will conduct frequent companion episodes where we interview people who are in the IoT Industry.
…
continue reading
1
RIApodcast - we discuss the latest news and topics in Rich Internet Applications and Technologies
John Mason
A technology podcast focusing on Rich Internet Technologies such as ColdFusion, Flex, Flash, jQuery and AIR.
…
continue reading
1
SANS ISC Stormcast, Jan 29th 2025: Python Crypto Stealer; SimpleHelp Exploited; Apple Silicon Vuln; Teamviewer Vuln; Odd QR Code (#)
6:08
SANS ISC Stormcast, Jan 29th 2025: Python Crypto Stealer; SimpleHelp Exploited; Apple Silicon Vuln; Teamviewer Vuln; Odd QR Code Learn about fileless crypto stealers written in Python, the ongoing exploitation of recent SimpleHelp vulnerablities, new Apple Silicon Sidechannel attacks a Team Viewer Vulnerablity and an odd QR Code Fileless Python Inf…
…
continue reading
1
SANS ISC Stormcast, Jan 28th 2025: Z-Shy Phishing; Apple Patches 0-Day; Fortinet Exploit Details; Github and Apache Solr Patches (#)
6:14
SANS ISC Stormcast, Jan 28th 2025: Z-Shy Phishing; Apple Patches 0-Day; Fortinet Exploit Details; Github and Apache Solr Patches This episode shows how attackers are bypassing phishing filter by abusing the "shy" softhyphen HTML entitiy. We got an update from Apple fixing a 0-day vulnerability in addition to a number of other issues. watchTowr show…
…
continue reading
1
SANS ISC Stormcast, Jan 27, 2025: Access Brokers; Llama Stack Vuln; ESXi SSH Tunnels; Zyxel Boot Loops; Subary StarLeak (#)
6:29
SANS ISC Stormcast, Jan 27, 2025: Access Brokers; Llama Stack Vuln; ESXi SSH Tunnels; Zyxel Boot Loops; Subary StarLeak Guest Diary: How Access Brokers Maintain Persistence Explore how cybercriminals utilize access brokers to persist within networks and the impact this has on organizational security. https://isc.sans.edu/forums/diary/Guest+Diary+Ho…
…
continue reading
1
SANS ISC Stormcast, Jan 24, 2025: XSS in Email, SonicWall Exploited; Cisco Vulnerablities; AI and SOAR (@sans_edu research paper by Anthony Russo) (#)
14:45
SANS ISC Stormcast, Jan 24, 2025: XSS in Email, SonicWall Exploited; Cisco Vulnerablities; AI and SOAR (@sans_edu research paper by Anthony Russo) In today's episode, learn how an attacker attempted to exploit webmail XSS vulnerablities against us. Sonicwall released a critical patch fixing an already exploited vulnerability in its SMA 1000 applian…
…
continue reading
1
SANS ISC Stormcast, Jan 23, 2025: PFSync Protocol; Oracle CPU; Korean VPN Supply Chain Attack; Ivanti Guidance (#)
7:50
SANS ISC Stormcast, Jan 23, 2025: PFSync Protocol; Oracle CPU; Korean VPN Supply Chain Attack; Ivanti Guidance In today's episode, we start by talking about the PFSYNC protocol used to synchronize firewall states to support failover. Oracle released it's quarterly critical patch update. ESET is reporting about a critical VPN supply chain attack and…
…
continue reading
1
SANS ISC Stormcast, Jan 22, 2025: Geolocation via Starlink and Cloudflare; AI Prompt Risks; Homebrew Phishing (#)
9:16
SANS ISC Stormcast, Jan 22, 2025: Geolocation via Starlink and Cloudflare; AI Prompt Risks; Homebrew Phishing This episodes covers how Starlink users can be geolocated and how Cloudflare may help deanonymize users. The increased use of AI helpers leads to leaking data via careless prompts. Geolocation and Starlink https://isc.sans.edu/diary/Geoloca…
…
continue reading
1
SANS ISC Stormcast, Jan 21, 2025: Downloading Partial ZIP files; Remote Tools Used in Attakcs; Azure DevOps SSRF (#)
6:21
SANS ISC Stormcast, Jan 21, 2025: Downloading Partial ZIP files; Remote Tools Used in Attakcs; Azure DevOps SSRF In this episode, we talk about downloading and analyzing partial ZIP files, how legitimate remote access tools are used in recent compromises and how a research found an SSRF vulnerability in Azure DevOps Partial ZIP File Downloads A clo…
…
continue reading
1
SANS ISC Stormcast, Jan 20, 2025: Honeypots for Offense; SimpleHelp and UEFI Secure Boot Vulnerabilities (#)
3:25
SANS ISC Stormcast, Jan 20, 2025: Honeypots for Offense; SimpleHelp and UEFI Secure Boot Vulnerabilities In this episode, we cover how to use honeypot data to keep your offensive infrastructure alive longer, three critical vulnerabilities in SimpleHelp that must be patched now, and an interesting vulnerability affecting many systems allowing UEFI S…
…
continue reading
1
SANS ISC Stormcast, Jan 17, 2025: Analyzing Complex Datasets, Citrix Update Issues, Ivanti's Security Advisory, and the Future of Passkeys (@sans_edu) (#)
12:50
SANS ISC Stormcast, Jan 17, 2025: Analyzing Complex Datasets, Citrix Update Issues, Ivanti's Security Advisory, and the Future of Passkeys (@sans_edu) In this episode, we explore the efficient storage of honeypot logs in databases, issues with Citrix's Session Recording Agent and Windows Update. Ivanti is having another interesting security event a…
…
continue reading
1
SANS ISC Stormcast, Jan 16, 2025: Critical Vulnerabilities and Cybersecurity Updates You Need to Know (#)
9:02
SANS ISC Stormcast, Jan 16, 2025: Critical Vulnerabilities and Cybersecurity Updates You Need to Know Today's episode covers an odd 12 year old Netgear vulnerability that only received a proper CVE number last year. Learn about how to properly identify OpenID connect users and avoid domain name resue. Good old rsync turns out to be in need of patch…
…
continue reading
1
SANS ISC Stormcast, Jan 14 2025: Microsoft Patch Tuesday, FortiOS and FortiProxy Patches; Paessler PRTG Patches (#)
7:49
SANS ISC Stormcast, Jan 14 2025: Microsoft Patch Tuesday, FortiOS and FortiProxy Patches; Paessler PRTG Patches Today, Microsoft Patch Tuesday headlines our news with Microsoft patching 209 vulnerabilities, some of which have already been exploited. Fortinet suspects a so far unpatched Node.js authentication bypass to be behind some recent exploits…
…
continue reading
1
SANS ISC Stormcast, Jan 14, 2025: Brute-Forcing Hikvision Devices, macOS SIP Bypass, Linux Rootkits, Aviatrix Exploits, and AWS Ransomware Tactics (#)
7:51
SANS ISC Stormcast, Jan 14, 2025: Brute-Forcing Hikvision Devices, macOS SIP Bypass, Linux Rootkits, Aviatrix Exploits, and AWS Ransomware Tactics Episode Summary: This episode covers brute-force attacks on the password reset functionality of Hikvision devices, a macOS SIP bypass vulnerability, Linux rootkit malware, and a novel ransomware campaign…
…
continue reading
1
SANS ISC Stormcast, Jan 13, 2025: Defender Updates, Ivanti RCE, Apple USB-C Hack and more (#)
6:43
SANS ISC Stormcast, Jan 13, 2025: Defender Updates, Ivanti RCE, Apple USB-C Hack and more In today's episode, we cover the latest updates in cybersecurity: Windows Defender Enhances Chrome Extension Detection Microsoft's Defender now catalogs Chrome extensions to identify malicious ones. Learn how this improves enterprise security. https://isc.sans…
…
continue reading
1
Cryptomining Malware, Fake PoC Exploit, Malicious Browser Extensions, and Palo Alto Vulnerabilities (#)
7:19
Cryptomining Malware, Fake PoC Exploit, Malicious Browser Extensions, and Palo Alto Vulnerabilities In this episode, we explore the following stories: "Examining Redtail: Analyzing a Sophisticated Cryptomining Malware and its Advanced Tactics" Overview of Redtail's multi-architecture cryptomining malware exploiting vulnerabilities and deploying per…
…
continue reading
SANS ISC Stormcast, Jan 9, 2025: Critical Vulnerabilities in Ivanti, Aviatrix, and Hijacked Backdoors in Compromised Systems In this episode, we discuss critical vulnerabilities in Ivanti Connect Secure and Policy Secure, command injection risks in Aviatrix Network Controllers, and the risks posed by hijacked abandoned backdoors. Episode Links and …
…
continue reading
SANS ISC Stormcast, Jan 8, 2025: Critical Vulnerabilities in SonicWall, Moxa, and Windows BitLocker – Plus, Malware Targets PHP Servers and the Launch of U.S. Cyber Trust Mark In this episode, we dive into active exploitation of a zero-day in SonicWall SSL-VPN, privilege escalation vulnerabilities in Moxa devices, and a BitLocker bypass in Windows …
…
continue reading
1
SANS ISC Stormcast Jan 7th 2025: Make Malware Happy and Critical Vulnerabilities in OpenSSH, BeyondTrust, and Nucle
4:52
SANS ISC Stormcast Jan 7th 2025: Make Malware Happy and Critical Vulnerabilities in OpenSSH, BeyondTrust, and Nuclei In this episode of the SANS Internet Storm Center's Stormcast, we cover critical vulnerabilities affecting OpenSSH, BeyondTrust, and Nuclei, including the newly discovered "RegreSSHion" flaw and a bypass vulnerability in Nuclei. We a…
…
continue reading
1
Stormcast 01/06/24: Python SweatRAT, Goodware Hashes, SSL/TLS Changes 2024, Malicious Chrome Extensions and More...
8:17
…
continue reading
1
Stormcast January 5th 2024: Python SweatRAT, Goodware Hashes, SSL/TLS Changes 2024, Malicious Chrome Extensions and More...
8:46
…
continue reading
PPUnit and Androxgh0st; Session Smart Router Attack; FortiWLM Patch; BadBox Update; Beyond Trust Advisory PHPUnit and Androxgh0st https://isc.sans.edu/diary/Command%20Injection%20Exploit%20For%20PHPUnit%20before%204.8.28%20and%205.x%20before%205.6.3%20%5BGuest%20Diary%5D/31528 Mirai Attacks Session Smart Routers https://supportportal.juniper.net/s/…
…
continue reading
TeamTNT Deep Diver; Complex RDP Attacks; Okta Social Engineering; TP-Link Ban A Deep Dive into TeamTNT and Spinning YARN https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20A%20Deep%20Dive%20into%20TeamTNT%20and%20Spinning%20YARN/31530 Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks https://www.trendmicro.com/en_us/research/24/l/earth-kosh…
…
continue reading
Python Installs Anydesk; Vishing, Teams and Anydesk; SS7 Attacks; CrushFTP Vuln; Python Delivering AnyDesk Client as RAT https://isc.sans.edu/diary/Python+Delivering+AnyDesk+Client+as+RAT/31524/ Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion https://www.trendmicro.com/en_us/research/24/l/darkgate-malware.html SS7 Attacks https:/…
…
continue reading
MUT-1244 Targeting Offensive Actors; Golang SSH Issue; Meeten Malware MUT-1244 Targeting Offensive Actors https://securitylabs.datadoghq.com/articles/mut-1244-targeting-offensive-actors/ Golang Crypto Vulnerability https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909 Meeten Malware: A Cross-Platform Threat to Crypto Wall…
…
continue reading
Struts 2 Exploited; Citrix Password Spraying; 6 Day Certs; Certified Pre-Pw0n3d Exploit Attempts Inspired by Recent Struts 2 File Upload Vulnerability https://isc.sans.edu/diary/Exploit%20attempts%20inspired%20by%20recent%20Struts2%20File%20Upload%20Vulnerability%20%28CVE-2024-53677%2C%20CVE-2023-50164%29/31520 Citrix Netscaler Password Spraying Mi…
…
continue reading
