RunAs Radio is a weekly Internet Audio Talk Show for IT Professionals working with Microsoft products.
…
continue reading
Exchange Server Podcasts
The Practical 365 Podcast is a fortnightly newscast on all things Microsoft 365 including Microsoft Teams, Azure AD, Exchange, SharePoint, OneDrive, Windows, Intune and any hot topics that are worth a deep-dive to help you learn more and get the real-world view. Your hosts are Microsoft MVPs Steve Goodman, Paul Robichaux and Quest's Bastiaan Verdonk, who will share their expert opinions on the talk of the week, and Q&A with special guests.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
…
continue reading
Office 365 Exposed delivers high-quality technical insight into what's happening in the world of Office 365 and Exchange Server. Your hosts are Microsoft Exchange MVPs Tony Redmond and Paul Robichaux, both well-known personalities and the authors of many books, magazine articles, blog posts, and rants covering Exchange Server, Office 365, Skype for Business, and even, occasionally, SharePoint.
…
continue reading
High tech, IT education made easy for Microsoft DBA’s and application owners. Learn about the latest trends in technology and how to improve your application performance and availability. Topics include virtualization, backup, disaster recovery, SAN, and much more. If you run Microsoft Exchange or Microsoft SQL Server, on VMware or Hyper-V - please subscribe today!
…
continue reading
Can I Get Some Ranch is a hilarious podcast from the mind of Heather Winter. It is a weekly podcast where Heather has a new guest and they discuss working in the restaurant industry and all the server nightmares that follow! Listen for tips on how to dine out the right way!!
…
continue reading
When it comes to technology, you may have questions. So do we. Every other week, we demystify the tech industry, one answer at a time. Join us as we bring together a chorus of perspectives from within Red Hat to break down the big, emerging ideas that matter both today and beyond. Compiler is hosted by Angela Andrews and Brent Simoneaux. Learn more about our show at redhat.com/en/compiler-podcast
…
continue reading
Our regular podcast series features threat research and security news, hosted by threat researchers from the Threat Hunter Team.
…
continue reading
This week, we are joined by Jamie Levy, Director of Adversary Tactics at Huntress, who is discussing their work on "Active Exploitation of SonicWall VPNs." Huntress has released an urgent threat advisory on active exploitation of SonicWall VPNs, with attackers bypassing MFA, pivoting to domain controllers, and ultimately deploying Akira ransomware.…
…
continue reading
A suspected ransomware attack disrupts hundreds of Swedish municipalities. Google warns Gmail users of emerging cyberattacks tied to the ShinyHunters group. A malicious supply chain attack hits the npm registry. Senators press AFLAC for answers following a data breach. Law enforcement takedowns splinter the ransomware ecosystem. The FBI and Dutch p…
…
continue reading

1
SANS Stormcast Friday, August 29th, 2025: Scans for ZIP Files; FreePBX 0-Day; Passwordstate Patch
5:45
5:45
Play later
Play later
Lists
Like
Liked
5:45Increasing Searches for ZIP Files Attackers are scanning our honeypots more and more for .zip files. They are looking for backups of credential files and the like left behind by careless administrators and developers. https://isc.sans.edu/diary/Increasing%20Searches%20for%20ZIP%20Files/32242 FreePBX Vulnerability An upatched vulnerability in FreePB…
…
continue reading
The FBI shares revelations on Salt Typhoon’s reach. Former NSA and FBI directors sound alarm on infrastructure cybersecurity gaps. Google is launching a new cyber “disruption unit”. A new report highlights cyber risks to the maritime industry. A Pennsylvania healthcare provider suffers a data breach affecting over six hundred thousand individuals. …
…
continue reading

1
SANS Stormcast Thursday, August 28th, 2025: Launching Shellcode; NX Compromise; Volt Typhoon Report
6:39
6:39
Play later
Play later
Lists
Like
Liked
6:39Interesting Technique to Launch a Shellcode Xavier came across malware that PowerShell and the CallWindowProcA() API to launch code. https://isc.sans.edu/diary/Interesting%20Technique%20to%20Launch%20a%20Shellcode/32238 NX Compromised to Steal Wallets and Credentials The popular open source NX build package was compromised. Code was added that uses…
…
continue reading
A whistle-blower claims DOGE uploaded a sensitive Social Security database to a vulnerable cloud server. Allies push back against North Korean IT scams. ZipLine is a sophisticated phishing campaign targeting U.S.-based manufacturing. Researchers uncover a residential proxy network operating across at least 20 U.S. states. Flock Safety license plate…
…
continue reading

1
SANS Stormcast Wednesday, August 27th, 2025: Analyzing IDNs; Netscaler 0-Day Vuln; Git Vuln Exploited;
5:43
5:43
Play later
Play later
Lists
Like
Liked
5:43Getting a Better Handle on International Domain Names and Punycode International Domain names can be used for phishing and other attacks. One way to identify suspect names is to look for mixed script use. https://isc.sans.edu/diary/Getting%20a%20Better%20Handle%20on%20International%20Domain%20Names%20and%20Punycode/32234 Citrix Netscaler Vulnerabil…
…
continue reading
What are common mistakes folks are making with their Azure tenant(s)? While at the Kansas City Developers Conference, Richard chatted with Scott Sauber to run down his top ten list of issues he checks on for all his customers using Azure. From tenant ownership to naming conventions, policies, identities, and cost controls - there are a lot of thing…
…
continue reading
A cyberattack disrupts state systems in Nevada. A China-linked threat actor targets Southeast Asian diplomats. A new attack method hides malicious prompts inside images processed by AI systems.Experts ponder preventing AI agents from going rogue. A new study finds AI is hitting entry-level jobs hardest. Michigan’s Supreme Court upholds limits on ce…
…
continue reading

1
SANS Stormcast Tuesday, August 26th, 2025: Decoding Word Reading Location; Image Downscaling AI Vulnerability; IBM Jazz Team Server Vuln
5:01
5:01
Play later
Play later
Lists
Like
Liked
5:01Reading Location Position Value in Microsoft Word Documents Jessy investigated how Word documents store the last visited document location in the registry. https://isc.sans.edu/diary/Reading%20Location%20Position%20Value%20in%20Microsoft%20Word%20Documents/32224 Weaponizing image scaling against production AI systems AI systems often downscale imag…
…
continue reading
Farmers Insurance discloses a data breach affecting over a million people. Agentic AI tools fall for common scams. A new bill in Congress looks to revive letters of marque for the digital age. Cybercriminals target macOS users with the Shamos infostealer. New Android spyware masquerades as antivirus to target Russian business executives. CISA seeks…
…
continue reading

1
SANS Stormcast Monday, August 25th, 2025: IP Cleanup; Linux Desktop Attacks; Malicious Go SSH Brute Forcer; Onmicrosoft Domain Restrictions
6:04
6:04
Play later
Play later
Lists
Like
Liked
6:04The end of an era: Properly formatted IP addresses in all of our data. When initiall designing DShield, addresses were zero padded , an unfortunate choice. As of this week, datafeeds should no longer be zero padded . https://isc.sans.edu/diary/The%20end%20of%20an%20era%3A%20Properly%20formated%20IP%20addresses%20in%20all%20of%20our%20data./32228 .d…
…
continue reading

1
Julian Waits: Find a way to help society. [Serial Entrepreneur] [Career Notes]
11:04
11:04
Play later
Play later
Lists
Like
Liked
11:04Please enjoy this encore of Career Notes. Senior Vice President and Executive in Residence with Rapid7 and Chairman for Cyversity, Julian Waits, grew up in the era of the Justice League and Superman and it shaped his career. Julian always wanted to do something where he could find a way to help society to basically help others. Starting out as a Ba…
…
continue reading

1
Beyond the smoke screen. [Research Saturday]
22:22
22:22
Play later
Play later
Lists
Like
Liked
22:22This week, we are joined by Dr. Renée Burton, VP of Infoblox Threat Intel, who is discussing their work on VexTrio, a notorious traffic distribution system (TDS) involved in digital fraud. The VexTrio investigation uncovers a massive global ad fraud and scam operation powered by just 250 virtual machines, tying it directly to named individuals and …
…
continue reading
The FTC warns one country’s “online safety” may be another’s “censorship.” A new bipartisan bill aims to reduce barriers to federal cyber jobs. MURKY PANDA targets government, technology, academia, legal, and professional services in North America. MITRE updates their hardware weaknesses list. Customs and Border Protection conducts a record number …
…
continue reading

1
SANS Stormcast Friday, August 22nd, 2025: The -n switch; Commvault Exploit; Docker Desktop Escape Vuln;
6:52
6:52
Play later
Play later
Lists
Like
Liked
6:52Don't Forget The "-n" Command Line Switch Disabling reverse DNS lookups for IP addresses is important not just for performance, but also for opsec. Xavier is explaining some of the risks. https://isc.sans.edu/diary/Don%27t%20Forget%20The%20%22-n%22%20Command%20Line%20Switch/32220 watchTowr releases details about recent Commvault flaws Users of the …
…
continue reading
Zero-day clickjacking flaws affect major password managers. The FBI warns that Russian state-backed hackers are exploiting a long-known Cisco flaw. Apple releases emergency patches for a zero-day flaw in the Image I/O framework. Home Depot faces a proposed class action lawsuit accusing it of secretly using facial recognition at self-checkout kiosks…
…
continue reading

1
SANS Stormcast Thursday, August 21st, 2025: Airtel Scans; Apple Patch; Microsoft Copilot Audit Log Issue; Password Manager Clickjacking
6:52
6:52
Play later
Play later
Lists
Like
Liked
6:52Airtel Router Scans and Mislabeled Usernames A quick summary of some odd usernames that show up in our honeypot logs https://isc.sans.edu/diary/Airtel%20Router%20Scans%2C%20and%20Mislabeled%20usernames/32216 Apple Patches 0-Day CVE-2025-43300 Apple released an update for iOS, iPadOS and MacOS today patching a single, already exploited, vulnerabilit…
…
continue reading
Microsoft releases emergency out-of-band (OOB) Windows updates. Trump targets NSA’s leading AI and cyber expert in clearance revocations. A breach may have compromised the privacy of Ohio medical marijuana patients. Cybercriminals exploit an AI website builder to rapidly create phishing sites. Warlock ransomware operators target Microsoft’s SharePo…
…
continue reading

1
SANS Stormcast Wednesday, August 20th, 2025: Increased Elasticsearch Scans; MSFT Patch Issues
6:07
6:07
Play later
Play later
Lists
Like
Liked
6:07Increased Elasticsearch Recognizance Scans Our honeypots noted an increase in reconnaissance scans for Elasticsearch. In particular, the endpoint /_cluster/settings is hit hard. https://isc.sans.edu/diary/Increased%20Elasticsearch%20Recognizance%20Scans/32212 Microsoft Patch Tuesday Issues Microsoft noted some issues deploying the most recent patch…
…
continue reading
How do you secure your organization's data to let AI technologies work safely? Richard chats with Martina Grom about her experiences helping sysadmins responsibly bring the power of Microsoft M365 Copilot into their organizations. Martina discusses setting up security and monitoring with tools like Microsoft Purview, enabling visibility into where …
…
continue reading
A researcher uncovers vulnerabilities across Intel’s internal websites that exposed sensitive employee and supplier data. The Kimsuky group (APT43) targets South Korean diplomatic missions. A new DDoS vulnerability bypasses the 2023 “Rapid Reset” fix. Drug development firm Inotiv reports a ransomware attack to the SEC. The UK drops their demand tha…
…
continue reading

1
SANS Stormcast Tuesday, August 19th, 2025: MFA Bombing; Cisco Firewall Management Vuln; F5 Access for Android Vuln;
5:10
5:10
Play later
Play later
Lists
Like
Liked
5:10Keeping an Eye on MFA Bombing Attacks Attackers will attempt to use authentication fatigue by bombing users with MFA authentication requests. Rob is talking in this diary about how to investigate these attacks in a Microsoft ecosystem. https://isc.sans.edu/diary/Keeping+an+Eye+on+MFABombing+Attacks/32208 Critical Cisco Secure Firewall Management Ce…
…
continue reading
HR software giant Workday discloses a data breach. Researchers uncover a zero-day in Elastic’s EDR software. Ghost-tapping is an emerging fraud technique where cybercriminals use NFC relay attacks to exploit stolen payment card data. Germany may be on a path to ban ad blockers. A security researcher documents multiple serious flaws in McDonald’s sy…
…
continue reading

1
SANS Stormcast Monday, August 18th, 2025: 5G Attack Framework; Plex Vulnerability; Fortiweb Exploit; Flowise Vuln
5:43
5:43
Play later
Play later
Lists
Like
Liked
5:43SNI5GECT: Sniffing and Injecting 5G Traffic Without Rogue Base Stations Researchers from the Singapore University of Technology and Design released a new framework, SNI5GECT, to passively sniff and inject traffic into 5G data streams, leading to DoS, downgrade and other attacks. https://isc.sans.edu/diary/SNI5GECT%3A%20Sniffing%20and%20Injecting%20…
…
continue reading

1
The CVE countdown clock. [Research Saturday]
29:58
29:58
Play later
Play later
Lists
Like
Liked
29:58Bob Rudis, VP Data Science from GreyNoise, is sharing some insights into their work on "Early Warning Signals: When Attacker Behavior Precedes New Vulnerabilities." New research reveals a striking trend: in 80% of cases, spikes in malicious activity against enterprise edge technologies like VPNs and firewalls occurred weeks before related CVEs were…
…
continue reading

1
Dr. Rois Ni Thuama: Get into the game. [Cyber governance] [Career Notes]
9:50
9:50
Play later
Play later
Lists
Like
Liked
9:50Please enjoy this encore of Career Notes. Head of Cyber Governance with Red Sift, Dr. Rois Ni Thuama shares the circuitous route of her career into cyber governance. She notes the route "looks really clean, but actually it was a bit more Jeremy Bearimy." While at Trinity College, Rois was moved to be part of history unfolding in South Africa and pa…
…
continue reading
Plex urges users to immediately update their Media Server due to an undisclosed security flaw. Cisco warns of a critical remote code execution flaw in their Secure Firewall Management Center software.Rockwell Automation discloses multiple critical and high-severity flaws. Hackers breached a Canadian House of Commons database. Active law enforcement…
…
continue reading

1
SANS Stormcast Friday, August 15th, 2025: Analysing Attack with AI; Proxyware via YouTube; Xerox FreeFlow Vuln; Evaluating Zero Trust @SANS_edu
15:12
15:12
Play later
Play later
Lists
Like
Liked
15:12AI and Faster Attack Analysis A few use cases for LLMs to speed up analysis https://isc.sans.edu/diary/AI%20and%20Faster%20Attack%20Analysis%20%5BGuest%20Diary%5D/32198 Proxyware Malware Being Distributed on YouTube Video Download Site Popular YouTube download sites will attempt to infect users with proxyware. https://asec.ahnlab.com/en/89574/ Xero…
…
continue reading
A ransomware attack exposes personal medical records of VA patients. New joint guidance from CISA and the NSA emphasizes asset inventory and OT taxonomy. The UK government reportedly spent millions to cover up a data breach. Researchers identified two critical flaws in a widely used print orchestration platform. Phishing attacks increasingly rely o…
…
continue reading

1
SANS Stormcast Thursday, August 14th, 2025: Equation Editor; Kerberos Patch; XZ-Utils Backdoor; ForitSIEM/FortiWeb patches
7:16
7:16
Play later
Play later
Lists
Like
Liked
7:16CVE-2017-11882 Will Never Die The (very) old equation editor vulnerability is still being exploited, as this recent sample analyzed by Xavier shows. The payload of the Excel file attempts to download and execute an infostealer to exfiltrate passwords via email. https://isc.sans.edu/diary/CVE-2017-11882%20Will%20Never%20Die/32196 Windows Kerberos El…
…
continue reading
Patch Tuesday. The Matrix Foundation patches high-severity vulnerabilities in its open-source communications protocol. The “Curly COMrades” Russian-aligned APT targets critical infrastructure. Microsoft tells users to ignore new CertificateServicesClient (CertEnroll) errors. Researchers uncover a malware campaign hiding the NjRat Remote Access Troj…
…
continue reading

1
SANS Stormcast Wednesday, August 13th, 2025: Microsoft Patch Tuesday; libarchive vulnerability upgrade; Adobe Patches
8:55
8:55
Play later
Play later
Lists
Like
Liked
8:55Microsoft Patch Tuesday https://isc.sans.edu/diary/Microsoft%20August%202025%20Patch%20Tuesday/32192 https://cymulate.com/blog/zero-click-one-ntlm-microsoft-security-patch-bypass-cve-2025-50154/ libarchive Vulnerability A libarchive vulnerability patched in June was upgraded from a low CVSS score to a critical one. Libarchive is used by compression…
…
continue reading
Are you tapping the power of Microsoft Graph? Richard chats with Tony Redmond about his work teaching people to leverage Microsoft Graph and all the insights it can provide about their organization. Tony views Graph as one of the key skills a sysadmin needs to manage an M365 tenant, alongside Exchange Online, SharePoint, and Teams. Throw in some En…
…
continue reading
Hackers leak backend data from the North Korean state-sponsored hacking group Kimsuky. A ransomware attack on a Dutch clinical diagnostics lab exposes medical data of nearly half a million women. One of the world’s largest staffing firms suffers a data breach. Saint Paul, Minnesota, confirms the Interlock ransomware gang was behind a July cyberatta…
…
continue reading

1
SANS Stormcast Tuesday, August 12th, 2025: Erlang OTP SSH Exploits (Palo Alto Networks); Winrar Exploits; Netscaler Exploits; OpenSSH Pushing PQ Crypto;
6:52
6:52
Play later
Play later
Lists
Like
Liked
6:52Erlang OTP SSH Exploits A recently patched and easily exploited vulnerability in Erlang/OTP SSH is being exploited. Palo Alto collected some of the details about this exploit activity that they observed. https://unit42.paloaltonetworks.com/erlang-otp-cve-2025-32433/ WinRAR Exploited WinRAR vulnerabilities are actively being exploited by a number of…
…
continue reading
CISA issues an Emergency Directive to urgently patch a critical vulnerability in Microsoft Exchange hybrid configurations. SoupDealer malware proves highly evasive. Google patches a Gemini calendar flaw. A North Korean espionage group pivots to financial crime. Russia’s RomCom exploits a WinRAR zero-day. Researchers turn Linux-based webcams into pe…
…
continue reading

1
SANS Stormcast Monday, August 11th, 2025: Fake Tesla Preorders; Bad USB Cameras; Win-DoS Epidemic
7:07
7:07
Play later
Play later
Lists
Like
Liked
7:07Google Paid Ads for Fake Tesla Websites Someone is setting up fake Tesla lookalike websites that attempt to collect credit card data from unsuspecting users trying to preorder Tesla products. https://isc.sans.edu/diary/Google%20Paid%20Ads%20for%20Fake%20Tesla%20Websites/32186 Compromising USB Devices for Persistent Stealthy Access USB devices, like…
…
continue reading

1
Ed Amoroso: Security shouldn't be the main dish. [Computer Science] [Career Notes]
11:03
11:03
Play later
Play later
Lists
Like
Liked
11:03Please enjoy this encore of Career Notes. Chief Executive Officer and Founder of TAG Cyber, Ed Amoroso, shares how he learned on the job and grew his career. In his words, Ed "went from my dad having an ARPANET connection and I'm learning Pascal, to Bell Labs, to CISO, to business, to quitting, to starting something new. And now I'm riding a new ex…
…
continue reading

1
When malware plays pretend. [Research Saturday]
20:30
20:30
Play later
Play later
Lists
Like
Liked
20:30Nicolás Chiaraviglio, Chief Scientist from Zimperium's zLabs, joins to discuss their work on "Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed." Zimperium’s zLabs team has been tracking an evolving banker trojan dubbed DoubleTrouble, which has grown more sophisticated in both its distribution and capabilities. Initially spread via …
…
continue reading
Researchers uncover multiple vulnerabilities in a popular open-source secrets manager. Software bugs threaten satellite safety. Columbia University confirms a cyberattack. Researchers uncover malicious NPM packages posing as WhatsApp development tools.A new EDR killer tool is being used by multiple ransomware gangs. Home Improvement stores integrat…
…
continue reading