Best ID Theft Center Podcasts (2025)

1
SANS Stormcast Thursday, September 25th, 2025: Hikvision Exploits; Cisco Patches; Sonicawall Anit-Rootkit Patch; Windows 10 Support (#) 5:33

Play Pause

3h ago5:33

5:33

SANS Stormcast Thursday, September 25th, 2025: Hikvision Exploits; Cisco Patches; Sonicawall Anit-Rootkit Patch; Windows 10 Support Exploit Attempts Against Older Hikvision Camera Vulnerability Out honeypots observed an increase in attacks against some older Hikvision issues. A big part of the problem is weak passwords, and the ability to send cred…

1
SANS Stormcast Wednesday, September 24th, 2025: DoS against the Analyst; GitHub Improvements; Solarwinds and Supermicro BMC vulnerabilities (#) 7:23

8h ago7:23

7:23

SANS Stormcast Wednesday, September 24th, 2025: DoS against the Analyst; GitHub Improvements; Solarwinds and Supermicro BMC vulnerabilities Distracting the Analyst for Fun and Profit Our undergraduate intern, Tyler House analyzed what may have been a small DoS attack that was likely more meant to distract than to actually cause a denial of service …

1
SANS Stormcast Tuesday, September 23rd, 2025: Ivanti EPMM Exploit; GitHub Impersonation (#) 4:50

1d ago4:50

4:50

SANS Stormcast Tuesday, September 23rd, 2025: Ivanti EPMM Exploit; GitHub Impersonation CISA Reports Ivanti EPMM Exploit Sightings Two different organizations submitted backdoors to CISA, which are believed to have been installed using Ivanti vulnerabilities patched in May. https://www.cisa.gov/news-events/analysis-reports/ar25-261a Lastpass Observ…

1
SANS Stormcast Monday, September 22nd, 2025: Odd HTTP Reuqest; GoAnywhere MFT Bug; EDR Freeze (#) 9:03

2d ago9:03

9:03

SANS Stormcast Monday, September 22nd, 2025: Odd HTTP Reuqest; GoAnywhere MFT Bug; EDR Freeze Help Wanted: What are these odd requests about? An odd request is hitting a number of our honeypots with a somewhat unusual HTTP request header. Please let me know if you no what the request is about. https://isc.sans.edu/forums/diary/Help+Wanted+What+are+…

1
SANS Stormcast Friday, September 19th, 2025: Honeypot File Analysis (@sans_edu); SonicWall Breach; DeepSeek Bias; Chrome 0-day (#) 7:15

6d ago7:15

7:15

SANS Stormcast Friday, September 19th, 2025: Honeypot File Analysis (@sans_edu); SonicWall Breach; DeepSeek Bias; Chrome 0-day Exploring Uploads in a Dshield Honeypot Environment This guest diary by one of our SANS.edu undergraduate interns shows how to analyze files uploaded to Cowrie https://isc.sans.edu/diary/Exploring%20Uploads%20in%20a%20Dshie…

1
The Fraudian Slip Podcast: Javelin Strategy & Research - Child Identity Theft in 2025 - S6E9 28:29

6d ago28:29

28:29

Welcome to the Fraudian Slip, the Identity Theft Resource Center’s (ITRC) podcast, where we talk about all things identity theft, fraud and scams that impact people and businesses. This month’s episode focuses on child identity theft. How does child identity theft occur in 2025? What should parents know and do as their kids head back to school?Here…

1
SANS Stormcast Thursday, September 18th, 2025: DLL Hooking; Entra ID Actor Tokens; Watchguard and NVidia Patches (#) 6:32

7d ago6:32

6:32

SANS Stormcast Thursday, September 18th, 2025: DLL Hooking; Entra ID Actor Tokens; Watchguard and NVidia Patches CTRL-Z DLL Hooking Attackers may use a simple reload trick to overwrite breakpoints left by analysts to reverse malicious binaries. https://isc.sans.edu/diary/CTRL-Z%20DLL%20Hooking/32294 Global Admin in every Entra ID tenant via Actor t…

1
SANS Stormcast Wednesday, September 17th, 2025: Phishing Resistants; More npm Attacks; ChatGPT MCP abuse (#) 8:48

8d ago8:48

8:48

SANS Stormcast Wednesday, September 17th, 2025: Phishing Resistants; More npm Attacks; ChatGPT MCP abuse Why You Need Phishing-Resistant Authentication NOW. The recent compromise of a number of high-profile npmjs.com accounts has yet again shown how dangerous a “simple” phishing email can be. https://isc.sans.edu/diary/Why%20You%20Need%20Phishing%2…

1
SANS Stormcast Tuesday, September 16th, 2025: Apple Updates; Rust Phishing; Samsung 0-day (#) 6:43

9d ago6:43

6:43

SANS Stormcast Tuesday, September 16th, 2025: Apple Updates; Rust Phishing; Samsung 0-day Apple Updates Apple released major updates for all of its operating systems. In addition to new features, these updates patch 33 different vulnerabilities. https://isc.sans.edu/diary/Apple%20Updates%20Everything%20-%20iOS%20macOS%2026%20Edition/32286 Microsoft…

1
SANS Stormcast Monday, September 15th, 2025: More Archives; Salesforce Attacks; White Cobra; BSides Augusta (#) 6:06

10d ago6:06

6:06

SANS Stormcast Monday, September 15th, 2025: More Archives; Salesforce Attacks; White Cobra; BSides Augusta Web Searches For Archives Didier observed additional file types being searched for as attackers continue to focus on archive files as they spider web pages https://isc.sans.edu/diary/Web%20Searches%20For%20Archives/32282 FBI Flash Alert: Sale…

1
SANS Stormcast Friday, September 12th, 2025: DShield SIEM Update; Another Sonicwall Warning; Website Keystroke Logging (#) 6:39

13d ago6:39

6:39

SANS Stormcast Friday, September 12th, 2025: DShield SIEM Update; Another Sonicwall Warning; Website Keystroke Logging DShield SIEM Docker Updates Guy updated the “DShield SIEM” which graphically summarizes what is happening inside your honeypot. https://isc.sans.edu/diary/DShield%20SIEM%20Docker%20Updates/32276 Again: Sonicwall SSL VPN Compromises…

1
The Weekly Breach Breakdown Podcast: The Rat Race – Phishing Attack Installs RATs – S6E28 3:47

14d ago3:47

3:47

Welcome to the Identity Theft Resource Center's (ITRC) Weekly Breach Breakdown for September 12, 2025. I'm Tatiana Cuadras, Communications Assistant for the ITRC. Thanks to Sentilink for supporting the ITRC and this podcast. Each week, we look at the most recent events and trends related to data security and privacy. Today, we are going to talk abo…

1
SANS Stormcast Thursday, September 11th, 2025: BASE64 in DNS; Google Chrome, Ivantii and Sophos Patches; Apple Memory Integrity Feature (#) 7:12

14d ago7:12

7:12

SANS Stormcast Thursday, September 11th, 2025: BASE64 in DNS; Google Chrome, Ivantii and Sophos Patches; Apple Memory Integrity Feature BASE64 Over DNS The base64 character set exceeds what is allowable in DNS. However, some implementations will work even with these “invalid” characters. https://isc.sans.edu/diary/BASE64%20Over%20DNS/32274 Google C…

1
SANS Stormcast Wednesday, September 10th, 2025: Microsoft Patch Tuesday; (#) 8:26

15d ago8:26

8:26

SANS Stormcast Wednesday, September 10th, 2025: Microsoft Patch Tuesday; Microsoft Patch Tuesday As part of its September patch Tuesday, Microsoft addressed 177 different vulnerabilities, 86 of which affect Microsoft products. None of the vulnerabilities has been exploited before today. Two of the vulnerabilities were already made public. Microsoft…

1
SANS Stormcast Tuesday, September 9th, 2025: Major npm compromise; HTTP Request Signature (#) 8:44

16d ago8:44

8:44

SANS Stormcast Tuesday, September 9th, 2025: Major npm compromise; HTTP Request Signature Major npm compromise A number of high-profile npm libraries were compromised after developers fell for a phishing email. This compromise affected libraries with a total of hundreds of millions of downloads a week. https://bsky.app/profile/bad-at-computer.bsky.…

1
SANS Stormcast Monday, September 8th, 2025: YARA to Debugger Offsets; SVG JavaScript Phishing; FreePBX Patches; (#) 5:35

17d ago5:35

5:35

SANS Stormcast Monday, September 8th, 2025: YARA to Debugger Offsets; SVG JavaScript Phishing; FreePBX Patches; From YARA Offsets to Virtual Addresses Xavier explains how to convert offsets reported by YARA into offsets suitable for the use with debuggers. https://isc.sans.edu/diary/From%20YARA%20Offsets%20to%20Virtual%20Addresses/32262 Phishing vi…

1
SANS Stormcast Friday, September 5th, 2025: Cloudflare Response to 1.1.1.1 Certificate; AI Modem Namespace Reuse; macOS Vulnerability Allowed Keychain Decryption (#) 8:19

20d ago8:19

8:19

SANS Stormcast Friday, September 5th, 2025: Cloudflare Response to 1.1.1.1 Certificate; AI Modem Namespace Reuse; macOS Vulnerability Allowed Keychain Decryption Unauthorized Issuance of Certificate for 1.1.1.1 Cloudflare published a blog post with more details regarding the bad 1.1.1.1 certificate that was issued by Fina. https://blog.cloudflare.c…

1
The Weekly Breach Breakdown Podcast: Gone Quishing – QR Code Phishing Used in New Attacks – S6E27 4:22

21d ago4:22

4:22

Welcome to the Identity Theft Resource Center's (ITRC) Weekly Breach Breakdown for September 5, 2025. I'm Tatiana Cuadras, Communications Assistant for the ITRC. Thanks to Sentilink for supporting the ITRC and this podcast. Each week, we look at the most recent events and trends related to data security and privacy. Today, we are going to look at h…

1
SANS Stormcast Thursday, September 4th, 2025: Dassault DELMIA Apriso Exploit Attempts; Android Updates; 1.1.1.1 Certificate Issued (#) 6:22

21d ago6:22

6:22

SANS Stormcast Thursday, September 4th, 2025: Dassault DELMIA Apriso Exploit Attempts; Android Updates; 1.1.1.1 Certificate Issued Exploit Attempts for Dassault DELMIA Apriso. CVE-2025-5086 Our honeypots detected attacks against the manufacturing management system DELMIA Apriso. The deserialization vulnerability was patched in June and is one of a …

1
SANS Stormcast Wednesday, September 3rd, 2025: Sextortiion Analysis; Covert Channel DNS/ICMP; Azure AD Secret Theft; Official FreePBX Patches (#) 5:30

22d ago5:30

5:30

SANS Stormcast Wednesday, September 3rd, 2025: Sextortiion Analysis; Covert Channel DNS/ICMP; Azure AD Secret Theft; Official FreePBX Patches A Quick Look at Sextortion at Scale Jan analyzed 1900 different sextortion messages using 205 different Bitcoin addresses to look at the success rate, lifetime, and other metrics defining these campaigns. htt…

1
SANS Stormcast Tuesday, September 2nd, 2025: pdf-parser Patch; Salesloft Compromise; Velociraptor Abuse; NeuVector Default Password (#) 5:39

24d ago5:39

5:39

SANS Stormcast Tuesday, September 2nd, 2025: pdf-parser Patch; Salesloft Compromise; Velociraptor Abuse; NeuVector Default Password pdf-parser: All Streams Didier released a new version of pdf-parser.py. This version fixes a problem with dumping all filtered streams. https://isc.sans.edu/diary/pdf-parser%3A%20All%20Streams/32248 Salesloft Drift Put…

1
SANS Stormcast Friday, August 29th, 2025: Scans for ZIP Files; FreePBX 0-Day; Passwordstate Patch (#) 5:46

27d ago5:46

5:46

SANS Stormcast Friday, August 29th, 2025: Scans for ZIP Files; FreePBX 0-Day; Passwordstate Patch Increasing Searches for ZIP Files Attackers are scanning our honeypots more and more for .zip files. They are looking for backups of credential files and the like left behind by careless administrators and developers. https://isc.sans.edu/diary/Increas…

1
The Fraudian Slip Podcast: Socure – Identity Criminals Target Consumers with Fake Jobs – S6E8 28:09

27d ago28:09

28:09

Welcome to the Fraudian Slip, the Identity Theft Resource Center’s (ITRC) podcast, where we talk about all things identity theft, fraud and scams that impact people and businesses. This month’s episode focuses on the hot topic of fake jobs. Chances are that sometime in the past week or this week, you will receive a text from someone claiming to be …

1
SANS Stormcast Thursday, August 28th, 2025: Launching Shellcode; NX Compromise; Volt Typhoon Report (#) 6:39

28d ago6:39

6:39

SANS Stormcast Thursday, August 28th, 2025: Launching Shellcode; NX Compromise; Volt Typhoon Report Interesting Technique to Launch a Shellcode Xavier came across malware that PowerShell and the CallWindowProcA() API to launch code. https://isc.sans.edu/diary/Interesting%20Technique%20to%20Launch%20a%20Shellcode/32238 NX Compromised to Steal Wallet…

1
SANS Stormcast Wednesday, August 27th, 2025: Analyzing IDNs; Netscaler 0-Day Vuln; Git Vuln Exploited; (#) 5:43

29d ago5:43

5:43

SANS Stormcast Wednesday, August 27th, 2025: Analyzing IDNs; Netscaler 0-Day Vuln; Git Vuln Exploited; Getting a Better Handle on International Domain Names and Punycode International Domain names can be used for phishing and other attacks. One way to identify suspect names is to look for mixed script use. https://isc.sans.edu/diary/Getting%20a%20B…

1
SANS Stormcast Tuesday, August 26th, 2025: Decoding Word Reading Location; Image Downscaling AI Vulnerability; IBM Jazz Team Server Vuln (#) 5:01

1M ago5:01

5:01

SANS Stormcast Tuesday, August 26th, 2025: Decoding Word Reading Location; Image Downscaling AI Vulnerability; IBM Jazz Team Server Vuln Reading Location Position Value in Microsoft Word Documents Jessy investigated how Word documents store the last visited document location in the registry. https://isc.sans.edu/diary/Reading%20Location%20Position%…

1
SANS Stormcast Monday, August 25th, 2025: IP Cleanup; Linux Desktop Attacks; Malicious Go SSH Brute Forcer; Onmicrosoft Domain Restrictions (#) 6:04

1M ago6:04

6:04

SANS Stormcast Monday, August 25th, 2025: IP Cleanup; Linux Desktop Attacks; Malicious Go SSH Brute Forcer; Onmicrosoft Domain Restrictions The end of an era: Properly formatted IP addresses in all of our data. When initiall designing DShield, addresses were “zero padded”, an unfortunate choice. As of this week, datafeeds should no longer be “zero …

1
SANS Stormcast Friday, August 22nd, 2025: The -n switch; Commvault Exploit; Docker Desktop Escape Vuln; (#) 6:52

1M ago6:52

6:52

SANS Stormcast Friday, August 22nd, 2025: The -n switch; Commvault Exploit; Docker Desktop Escape Vuln; Don't Forget The "-n" Command Line Switch Disabling reverse DNS lookups for IP addresses is important not just for performance, but also for opsec. Xavier is explaining some of the risks. https://isc.sans.edu/diary/Don%27t%20Forget%20The%20%22-n%…

1
The Weekly Breach Breakdown Podcast: Mapping Out The Problem – Instagram Map Concerns - S6E26 3:49

1M ago3:49

3:49

Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for August 22, 2025. I’m Timothy Walden. Thanks to SentiLink for their support of the ITRC and this podcast. Each week, we break down the latest data security incidents making headlines. Today, we’re focusing on a recent incident involving Instagram that exposed sensitiv…

1
SANS Stormcast Thursday, August 21st, 2025: Airtel Scans; Apple Patch; Microsoft Copilot Audit Log Issue; Password Manager Clickjacking (#) 6:52

1M ago6:52

6:52

SANS Stormcast Thursday, August 21st, 2025: Airtel Scans; Apple Patch; Microsoft Copilot Audit Log Issue; Password Manager Clickjacking Airtel Router Scans and Mislabeled Usernames A quick summary of some odd usernames that show up in our honeypot logs https://isc.sans.edu/diary/Airtel%20Router%20Scans%2C%20and%20Mislabeled%20usernames/32216 Apple …

1
SANS Stormcast Wednesday, August 20th, 2025: Increased Elasticsearch Scans; MSFT Patch Issues (#) 6:08

1M ago6:08

6:08

SANS Stormcast Wednesday, August 20th, 2025: Increased Elasticsearch Scans; MSFT Patch Issues Increased Elasticsearch Recognizance Scans Our honeypots noted an increase in reconnaissance scans for Elasticsearch. In particular, the endpoint /_cluster/settings is hit hard. https://isc.sans.edu/diary/Increased%20Elasticsearch%20Recognizance%20Scans/32…

1
SANS Stormcast Tuesday, August 19th, 2025: MFA Bombing; Cisco Firewall Management Vuln; F5 Access for Android Vuln; (#) 5:11

1M ago5:11

5:11

SANS Stormcast Tuesday, August 19th, 2025: MFA Bombing; Cisco Firewall Management Vuln; F5 Access for Android Vuln; Keeping an Eye on MFA Bombing Attacks Attackers will attempt to use authentication fatigue by “bombing” users with MFA authentication requests. Rob is talking in this diary about how to investigate these attacks in a Microsoft ecosyst…

1
SANS Stormcast Monday, August 18th, 2025: 5G Attack Framework; Plex Vulnerability; Fortiweb Exploit; Flowise Vuln (#) 5:43

1M ago5:43

5:43

SANS Stormcast Monday, August 18th, 2025: 5G Attack Framework; Plex Vulnerability; Fortiweb Exploit; Flowise Vuln SNI5GECT: Sniffing and Injecting 5G Traffic Without Rogue Base Stations Researchers from the Singapore University of Technology and Design released a new framework, SNI5GECT, to passively sniff and inject traffic into 5G data streams, l…

1
SANS Stormcast Friday, August 15th, 2025: Analysing Attack with AI; Proxyware via YouTube; Xerox FreeFlow Vuln; Evaluating Zero Trust @SANS_edu (#) 15:12

1M ago15:12

15:12

SANS Stormcast Friday, August 15th, 2025: Analysing Attack with AI; Proxyware via YouTube; Xerox FreeFlow Vuln; Evaluating Zero Trust @SANS_edu AI and Faster Attack Analysis A few use cases for LLMs to speed up analysis https://isc.sans.edu/diary/AI%20and%20Faster%20Attack%20Analysis%20%5BGuest%20Diary%5D/32198 Proxyware Malware Being Distributed o…

1
The Weekly Breach Breakdown Podcast: Love in the Time of Breaches - U.S. Breaches Cost $10M - S6E25 6:19

1M ago6:19

6:19

Welcome back to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown, supported by Sentilink. I’m James E. Lee, the ITRC’s President, and this is the episode for August 15, 2025. Each week, we take a look at the latest news and trends related to data security and privacy. For 20 years now, the CODB, along with the ITRC’s U.S. Data Br…

1
SANS Stormcast Thursday, August 14th, 2025: Equation Editor; Kerberos Patch; XZ-Utils Backdoor; ForitSIEM/FortiWeb patches (#) 7:16

1M ago7:16

7:16

SANS Stormcast Thursday, August 14th, 2025: Equation Editor; Kerberos Patch; XZ-Utils Backdoor; ForitSIEM/FortiWeb patches CVE-2017-11882 Will Never Die The (very) old equation editor vulnerability is still being exploited, as this recent sample analyzed by Xavier shows. The payload of the Excel file attempts to download and execute an infostealer …

1
SANS Stormcast Wednesday, August 13th, 2025: Microsoft Patch Tuesday; libarchive vulnerability upgrade; Adobe Patches (#) 8:55

1M ago8:55

8:55

SANS Stormcast Wednesday, August 13th, 2025: Microsoft Patch Tuesday; libarchive vulnerability upgrade; Adobe Patches Microsoft Patch Tuesday https://isc.sans.edu/diary/Microsoft%20August%202025%20Patch%20Tuesday/32192 https://cymulate.com/blog/zero-click-one-ntlm-microsoft-security-patch-bypass-cve-2025-50154/ libarchive Vulnerability A libarchive…

1
SANS Stormcast Tuesday, August 12th, 2025: Erlang OTP SSH Exploits (Palo Alto Networks); Winrar Exploits; Netscaler Exploits; OpenSSH Pushing PQ Crypto; (#) 6:52

1M ago6:52

6:52

SANS Stormcast Tuesday, August 12th, 2025: Erlang OTP SSH Exploits (Palo Alto Networks); Winrar Exploits; Netscaler Exploits; OpenSSH Pushing PQ Crypto; Erlang OTP SSH Exploits A recently patched and easily exploited vulnerability in Erlang/OTP SSH is being exploited. Palo Alto collected some of the details about this exploit activity that they obs…

1
SANS Stormcast Monday, August 11th, 2025: Fake Tesla Preorders; Bad USB Cameras; Win-DoS Epidemic (#) 7:07

2M ago7:07

7:07

SANS Stormcast Monday, August 11th, 2025: Fake Tesla Preorders; Bad USB Cameras; Win-DoS Epidemic Google Paid Ads for Fake Tesla Websites Someone is setting up fake Tesla lookalike websites that attempt to collect credit card data from unsuspecting users trying to preorder Tesla products. https://isc.sans.edu/diary/Google%20Paid%20Ads%20for%20Fake%…

1
SANS Stormcast Friday, August 8th, 2025:: ASN43350 Mass Scans; HTTP1.1 Must Die; Hyprid Exchange Vuln; Sonicwall Update; SANS.edu Research: OSS Security and Shifting Left (#) 23:59

2M ago23:59

23:59

SANS Stormcast Friday, August 8th, 2025:: ASN43350 Mass Scans; HTTP1.1 Must Die; Hyprid Exchange Vuln; Sonicwall Update; SANS.edu Research: OSS Security and Shifting Left Mass Internet Scanning from ASN 43350 Our undergraduate intern Duncan Woosley wrote up aggressive scans from ASN 43350 https://isc.sans.edu/diary/Mass+Internet+Scanning+from+ASN+4…

1
The Weekly Breach Breakdown Podcast: 123456 – Weak Password Leads to McDonald’s Data Breach - S6E24 5:53

2M ago5:53

5:53

Welcome to the Identity Theft Resource Center's (ITRC’s) Weekly Breach Breakdown for August 8, 2025. I'm Alex Achten, Senior Director of Communications & Media Relations of the ITRC. Thanks to Sentilink for supporting the ITRC and this podcast. Each week, we look at the most recent events and trends related to data security and privacy. Today, we a…

1
SANS Stormcast Thursday, August 7th, 2025: Sextortion Update; Adobe and Trend Micro release emergency patches (#) 5:07

2M ago5:07

5:07

SANS Stormcast Thursday, August 7th, 2025: Sextortion Update; Adobe and Trend Micro release emergency patches Do Sextortion Scams Still Work in 2025? Jan looked at recent sextortion emails to check if any of the crypto addresses in these emails received deposits. Sadly, some did, so these scams still work. https://isc.sans.edu/diary/Do%20sextortion…

1
SANS Stormcast Wednesday, August 6th, 2025: Machinekeys and VIEWSTATEs; Perplexity Unethical Learning; SonicWall Updates (#) 7:42

2M ago7:42

7:42

SANS Stormcast Wednesday, August 6th, 2025: Machinekeys and VIEWSTATEs; Perplexity Unethical Learning; SonicWall Updates Stealing Machinekeys for fun and profit (or riding the SharePoint wave) Bojan explains in detail how .NET uses Machine Keys to protect the VIEWSTATE, and how to abuse the VIEWSTATE for code execution if the Machine Keys are lost.…

1
SANS Stormcast Tuesday, August 05, 2025: Daily Trends Report; NVidia Triton RCE; Cursor AI Misconfiguration (#) 6:48

2M ago6:48

6:48

SANS Stormcast Tuesday, August 05, 2025: Daily Trends Report; NVidia Triton RCE; Cursor AI Misconfiguration Daily Trends Report A new trends report will bring you daily data highlights via e-mail. https://isc.sans.edu/diary/New%20Feature%3A%20Daily%20Trends%20Report/32170 NVidia Triton RCE Wiz found an interesting information leakage vulnerability …

1
SANS Stormcast Sunday, August 03, 2025: Legacy Protocols; Sonicwall SSL VPN Possible 0-Day; (#) 5:18

2M ago5:18

5:18

SANS Stormcast Sunday, August 03, 2025: Legacy Protocols; Sonicwall SSL VPN Possible 0-Day; Scans for pop3user with guessable password A particular IP assigned to a network that calls itself “Unmanaged” has been scanning telnet/ssh for a user called “pop3user” with passwords “pop3user” or “123456”. I assume they are looking for legacy systems that …

1
SANS Stormcast Friday, August 1st, 2025: Scattered Spider Domains; Excel Blocking Dangerous Links; CISA Releasing Thorium Platform (#) 5:42

2M ago5:42

5:42

SANS Stormcast Friday, August 1st, 2025: Scattered Spider Domains; Excel Blocking Dangerous Links; CISA Releasing Thorium Platform Scattered Spider Related Domain Names A quick demo of our domain feeds and how they can be used to find Scattered Spider related domains https://isc.sans.edu/diary/Scattered+Spider+Related+Domain+Names/32162 Excel Exter…

1
The Weekly Breach Breakdown Podcast by ITRC: Prime Target - S6E23 3:38

2M ago3:38

3:38

Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for August 1, 2025. I’m Timothy Walden. Thanks to SentiLink for their support of the ITRC and this podcast. Each week, we examine the latest events and trends in data security and privacy.This week, we’re looking at an Amazon phishing scam that could impact more than 200…

1
SANS Stormcast Thursday July 31st, 2025: Firebase Security; WebKit Vuln Exploited; Scattered Spider Update (#) 6:40

2M ago6:40

6:40

SANS Stormcast Thursday July 31st, 2025: Firebase Security; WebKit Vuln Exploited; Scattered Spider Update Securing Firebase: Lessons Re-Learned from the Tea Breach Inspried by the breach of the Tea app, Brendon Evans recorded a video to inform of Firebase security issues https://isc.sans.edu/diary/Securing%20Firebase%3A%20Lessons%20Re-Learned%20fr…

1
SANS Stormcast Wednesday July 30th, 2025: Apple Updates; Python Triage; Papercut Vuln Exploited (#) 6:45

2M ago6:45

6:45

SANS Stormcast Wednesday July 30th, 2025: Apple Updates; Python Triage; Papercut Vuln Exploited Apple Updates Everything: July 2025 Edition Apple released updates for all of its operating systems patching 89 different vulnerabilities. Many vulnerabilities apply to multiple operating systems. https://isc.sans.edu/diary/Apple%20Updates%20Everything%3…

1
SANS Stormcast Tuesday, July 29th, 2025:Parasitic Exploits; Cisco ISE Exploit; MyASUS Vuln (#) 5:35

2M ago5:35

5:35

SANS Stormcast Tuesday, July 29th, 2025:Parasitic Exploits; Cisco ISE Exploit; MyASUS Vuln Parasitic SharePoint Exploits We are seeing attacks against SharePoint itself and attempts to exploit backdoors left behind by attackers. https://isc.sans.edu/diary/Parasitic%20Sharepoint%20Exploits/32148 Cisco ISE Vulnerability Exploited A recently patched v…