The 1st Indonesian Christian Podcasters Community.
…
continue reading
IdN™ Podcasts
Obrolan semaunya!!! . . enjoy with podcast mennn Support this podcast: https://podcasters.spotify.com/pod/show/podcastmen/support
…
continue reading
Health Care Rounds is a weekly podcast developed for health care leaders who are at the forefront of health care delivery and payment reform. Join Darwin Research Group founder and CEO John Marchica as he discusses the latest advancements in health care business news and policy developments, including interviews with dynamic leaders in health care. John is a veteran health care strategist and is leading ongoing research initiatives on health care delivery systems and value-based care. Tags: ...
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
Updated daily Indian news on 1am. India’s first daily news podcast.
…
continue reading
Healthcare Supply Chain Radio is brought to you by The Journal of Healthcare Contracting. Join us each week as Publisher John Pritchard is joined by a thought leader from the US Healthcare Supply Chain. Healthcare Supply Chain Radio will explore progressive tactics, models and collaborations seen in today’s Healthcare Supply Chain. You can expect to hear from leaders from our nation’s most progressive IDNs, Hospitals, GPOs, Distributors and Regional Collaboratives. The stakes have never been ...
…
continue reading
Welcome to the Market Access Podcast, your expert briefing on the latest in Market Access and Health Economics in the Bio-Pharmaceutical Industries.
…
continue reading
CMR Institute offers training that connects sales teams with their customers. We help pharmaceutical, medical device & diagnostic, and other life science professionals maximize market access, connect effectively with decision makers, and demonstrate the value of their products and services. These life science companies benefit from our extensive blended learning library which brings training alive when onboarding new hires, launching new products, developing leaders, meeting the need for con ...
…
continue reading
1
SANS Stormcast Wednesday, October 15th, 2025: Microsoft Patchday; Ivanti Advisory; Fortinet Patches
6:22
6:22
Play later
Play later
Lists
Like
Liked
6:22
Microsoft Patch Tuesday Microsoft not only released new patches, but also the last patches for Windows 10, Office 2016, Office 2019, Exchange 2016 and Exchange 2019. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20October%202025/32368 Ivanti Advisory Ivanti released an advisory with some mitigation steps users can take until the recently m…
…
continue reading
1
SANS Stormcast Tuesday, October 14th, 2025: ESAFENET Scans; Payroll Priates; MSFT Edge IE Mode
6:02
6:02
Play later
Play later
Lists
Like
Liked
6:02
Scans for ESAFENET CDG V5 We do see some increase in scans for the Chinese secure document management system, ESAFENET. https://isc.sans.edu/diary/Heads%20Up%3A%20Scans%20for%20ESAFENET%20CDG%20V5%20/32364 Investigating targeted payroll pirate attacks affecting US universities Microsoft wrote about how payroll pirates redirect employee paychecks vi…
…
continue reading
1
SANS Stormcast Monday, October 13th, 2025: More Oracle Patches; Sonicwall Compromisses; Unpatched Gladinet; 7-Zip Patches
5:56
5:56
Play later
Play later
Lists
Like
Liked
5:56
New Oracle E-Business Suite Patches Oracle released one more patch for the e-business suite. Oracle does not state if it is already exploited, but the timing of the patch suggests that it should be expedited. https://www.oracle.com/security-alerts/alert-cve-2025-61884.html Widespread Sonicwall SSLVPN Compromise Huntress Labs observed the widespread…
…
continue reading
1
SANS Stormcast Friday, October 10th, 2025: RedTail Defenses; SonicWall Breach; Crowdstrike “Issues”; Ivanti 0-days; Mapping Agentic Attack Surface (@sans_edu paper)
15:12
15:12
Play later
Play later
Lists
Like
Liked
15:12
Building Better Defenses: RedTail Observations Defending against attacks like RedTail is more then blocking IoCs, but instead one must focus on the techniques and tactics attackers use. https://isc.sans.edu/diary/Guest+Diary+Building+Better+Defenses+RedTail+Observations+from+a+Honeypot/32312 Sonicwall: It wasn t the user s fault Sonicwall admits to…
…
continue reading
1
SANS Stormcast Thursday, October 9th, 2025: Polymorphic Python; ssh ProxyCommand Vuln;
6:12
6:12
Play later
Play later
Lists
Like
Liked
6:12
Polymorphic Python Malware Xavier discovered self-modifying Python code on Virustotal. The remote access tool takes advantage of the inspect module to modify code on the fly. https://isc.sans.edu/diary/Polymorphic%20Python%20Malware/32354 SSH ProxyCommand Vulnerability A user cloning a git repository may be tricked into executing arbitrary code via…
…
continue reading
1
SANS Stormcast Wednesday, October 8th, 2025: FreePBX Exploits; Disrupting Teams Threats; Kibana and QT SVG Patches
5:57
5:57
Play later
Play later
Lists
Like
Liked
5:57
By Dr. Johannes B. Ullrich
…
continue reading
1
SANS Stormcast Tuesday, October 7th, 2025: More About Oracle; Redis Vulnerability; GoAnywhere Exploited
5:33
5:33
Play later
Play later
Lists
Like
Liked
5:33
By Dr. Johannes B. Ullrich
…
continue reading
1
SANS Stormcast Monday, October 6th, 2025: Oracle 0-Day
6:28
6:28
Play later
Play later
Lists
Like
Liked
6:28
Oracle E-Business Suite 0-Day CVE-2025-61882 Last week, the Cl0p ransomware gang sent messages to many businesses stating that an Oracle E-Business Suite vulnerability was used to exfiltrate data. Initially, Oracle believed the root cause to be a vulnerability patched in June, but now Oracle released a patch for a new vulnerability. https://www.ora…
…
continue reading
1
The New Rules of Health System Leadership w/ John D’Angelo, MD, FACEP
28:55
28:55
Play later
Play later
Lists
Like
Liked
28:55
What does it take to lead 100,000 health care workers through constant disruption? In this episode of Health Care Rounds, host John Marchica sits down with John D’Angelo, MD, FACEP, President & CEO of Northwell Health, to discuss his journey from physician to chief executive. Dr. D'Angelo shares critical lessons learned from managing COVID-19 surge…
…
continue reading
1
SANS Stormcast Friday, October 3rd, 2025: More .well-known Scans; RedHat Openshift Patch; TOTOLINK Vuln;
6:35
6:35
Play later
Play later
Lists
Like
Liked
6:35
More .well-known scans Attackers are using API documentation automatically published in the .well-known directory for reconnaissance. https://isc.sans.edu/diary/More%20.well-known%20Scans/32340 RedHat Patches Openshift AI Services A flaw was found in Red Hat Openshift AI Service. A low-privileged attacker with access to an authenticated account, fo…
…
continue reading
1
SANS Stormcast Thursday, October 2nd, 2025: Honeypot Passwords; OneLogin Vuln; Breaking Intel SGX; OpenSSL Patch
8:11
8:11
Play later
Play later
Lists
Like
Liked
8:11
Comparing Honeypot Passwords with HIBP Most passwords used against our honeypots are also found in the Have I been pwn3d list. However, the few percent that are not found tend to be variations of known passwords, extending them to find likely mutations. https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Comparing%20Honeypot%20Passwords%20with%20HIBP/…
…
continue reading
1
SANS Stormcast Wednesday, October 1st, 2025: Cookie Auth Issues; Western Digtial Command Injection; sudo exploited;
5:10
5:10
Play later
Play later
Lists
Like
Liked
5:10
Sometimes you don t even need to log in Applications using simple, predictable cookies to verify a user s identity are still exploited, and relatively recent vulnerabilities are still due to this very basic mistake. https://isc.sans.edu/diary/%22user%3Dadmin%22.%20Sometimes%20you%20don%27t%20even%20need%20to%20log%20in./32334 Western Digital My Clo…
…
continue reading
1
SANS Stormcast Tuesday, September 30th, 2025: Apple Patch; PAN Global Protect Scans; SSL.com signed malware
5:06
5:06
Play later
Play later
Lists
Like
Liked
5:06
Apple Patches Apple released patches for iOS, macOS, and visionOS, fixing a single font parsing vulnerability https://isc.sans.edu/diary/Apple%20Patches%20Single%20Vulnerability%20CVE-2025-43400/32330 Increase in Scans for Palo Alto Global Protect Vulnerability (CVE-2024-3400). Our honeypots detected an increase in scans for a Palo Alto Global Prot…
…
continue reading
1
SANS Stormcast Monday, September 29th, 2025: Convert Timestamps; Cisco Compromises; GitHub Notification Phishing
8:36
8:36
Play later
Play later
Lists
Like
Liked
8:36
Converting Timestamps in .bash_history Unix shells offer the ability to add timestamps to commands in the .bash_history file. This is often done in the form of Unix timestamps. This new tool converts these timestamps into a more readable format. https://isc.sans.edu/diary/New%20tool%3A%20convert-ts-bash-history.py/32324 Cisco ASA/FRD Compromises Ex…
…
continue reading
1
SANS Stormcast Friday, September 26th, 2025: Webshells in .well-known; Critical Cisco Vulns Exploited; XCSSET Update; GoAnywhere MFT Exploit Details
6:52
6:52
Play later
Play later
Lists
Like
Liked
6:52
Webshells Hiding in .well-known Places Our honeypots registered an increase in scans for URLs in the .well-known directory, which appears to be looking for webshells. https://isc.sans.edu/diary/Webshells%20Hiding%20in%20.well-known%20Places/32320 Cisco Patches Critical Exploited Vulnerabilities Cisco released updates addressing already-exploited vu…
…
continue reading
1
SANS Stormcast Thursday, September 25th, 2025: Hikvision Exploits; Cisco Patches; Sonicawall Anit-Rootkit Patch; Windows 10 Support
5:33
5:33
Play later
Play later
Lists
Like
Liked
5:33
Exploit Attempts Against Older Hikvision Camera Vulnerability Out honeypots observed an increase in attacks against some older Hikvision issues. A big part of the problem is weak passwords, and the ability to send credentials as part of the URL. https://isc.sans.edu/diary/Exploit%20Attempts%20Against%20Older%20Hikvision%20Camera%20Vulnerability/323…
…
continue reading
1
SANS Stormcast Wednesday, September 24th, 2025: DoS against the Analyst; GitHub Improvements; Solarwinds and Supermicro BMC vulnerabilities
7:22
7:22
Play later
Play later
Lists
Like
Liked
7:22
Distracting the Analyst for Fun and Profit Our undergraduate intern, Tyler House analyzed what may have been a small DoS attack that was likely more meant to distract than to actually cause a denial of service https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Distracting%20the%20Analyst%20for%20Fun%20and%20Profit/32308 GitHub s plan for a more secur…
…
continue reading
1
SANS Stormcast Tuesday, September 23rd, 2025: Ivanti EPMM Exploit; GitHub Impersonation
4:49
4:49
Play later
Play later
Lists
Like
Liked
4:49
CISA Reports Ivanti EPMM Exploit Sightings Two different organizations submitted backdoors to CISA, which are believed to have been installed using Ivanti vulnerabilities patched in May. https://www.cisa.gov/news-events/analysis-reports/ar25-261a Lastpass Observes Impersonation on GitHub Lastpass noted a number of companies being impersonated via f…
…
continue reading
1
SANS Stormcast Monday, September 22nd, 2025: Odd HTTP Reuqest; GoAnywhere MFT Bug; EDR Freeze
9:02
9:02
Play later
Play later
Lists
Like
Liked
9:02
Help Wanted: What are these odd requests about? An odd request is hitting a number of our honeypots with a somewhat unusual HTTP request header. Please let me know if you no what the request is about. https://isc.sans.edu/forums/diary/Help+Wanted+What+are+these+odd+reuqests+about/32302/ Forta GoAnywhere MFT Vulnerability Forta s GoAnywhere MFT prod…
…
continue reading
1
Fighting Back Against Insurance Denials w/ Neal Shah
38:37
38:37
Play later
Play later
Lists
Like
Liked
38:37
Insurance denials are exploding, and they’re costing lives. In this episode of Health Care Rounds, host John Marchica sits down with Neal Shah, CEO of CareYaya and Counterforce Health, to unpack the broken insurance system and the AI-driven surge in claim rejections. Neal shares how his personal caregiving experiences shaped his mission, why most p…
…
continue reading
1
SANS Stormcast Friday, September 19th, 2025: Honeypot File Analysis (@sans_edu); SonicWall Breach; DeepSeek Bias; Chrome 0-day
7:14
7:14
Play later
Play later
Lists
Like
Liked
7:14
Exploring Uploads in a Dshield Honeypot Environment This guest diary by one of our SANS.edu undergraduate interns shows how to analyze files uploaded to Cowrie https://isc.sans.edu/diary/Exploring%20Uploads%20in%20a%20Dshield%20Honeypot%20Environment%20%5BGuest%20Diary%5D/32296 Sonicwall Breach SonicWall MySonicWall accounts were breached via crede…
…
continue reading
1
SANS Stormcast Thursday, September 18th, 2025: DLL Hooking; Entra ID Actor Tokens; Watchguard and NVidia Patches
6:31
6:31
Play later
Play later
Lists
Like
Liked
6:31
CTRL-Z DLL Hooking Attackers may use a simple reload trick to overwrite breakpoints left by analysts to reverse malicious binaries. https://isc.sans.edu/diary/CTRL-Z%20DLL%20Hooking/32294 Global Admin in every Entra ID tenant via Actor tokens As part of September s patch Tuesday, Microsoft patched CVE-2025-55241. The discoverer of the vulnerability…
…
continue reading
1
SANS Stormcast Wednesday, September 17th, 2025: Phishing Resistants; More npm Attacks; ChatGPT MCP abuse
8:47
8:47
Play later
Play later
Lists
Like
Liked
8:47
Why You Need Phishing-Resistant Authentication NOW. The recent compromise of a number of high-profile npmjs.com accounts has yet again shown how dangerous a simple phishing email can be. https://isc.sans.edu/diary/Why%20You%20Need%20Phishing%20Resistant%20Authentication%20NOW./32290 S1ngularity/nx Attackers Strike Again A second wave of attacks has…
…
continue reading
1
SANS Stormcast Tuesday, September 16th, 2025: Apple Updates; Rust Phishing; Samsung 0-day
6:42
6:42
Play later
Play later
Lists
Like
Liked
6:42
Apple Updates Apple released major updates for all of its operating systems. In addition to new features, these updates patch 33 different vulnerabilities. https://isc.sans.edu/diary/Apple%20Updates%20Everything%20-%20iOS%20macOS%2026%20Edition/32286 Microsoft End of Life October 14th, support for Windows 10, Exchange 2016, and Exchange 2019 will e…
…
continue reading
1
SANS Stormcast Monday, September 15th, 2025: More Archives; Salesforce Attacks; White Cobra; BSides Augusta
6:06
6:06
Play later
Play later
Lists
Like
Liked
6:06
Web Searches For Archives Didier observed additional file types being searched for as attackers continue to focus on archive files as they spider web pages https://isc.sans.edu/diary/Web%20Searches%20For%20Archives/32282 FBI Flash Alert: Salesforce Attacks The FBI is alerting users of Salesforce of two different threat actors targeting Salesforce. …
…
continue reading
1
SANS Stormcast Friday, September 12th, 2025: DShield SIEM Update; Another Sonicwall Warning; Website Keystroke Logging
6:38
6:38
Play later
Play later
Lists
Like
Liked
6:38
DShield SIEM Docker Updates Guy updated the DShield SIEM which graphically summarizes what is happening inside your honeypot. https://isc.sans.edu/diary/DShield%20SIEM%20Docker%20Updates/32276 Again: Sonicwall SSL VPN Compromises The Australian Government s Signals Directorate noted an increase in compromised Sonicwall devices. https://www.cyber.go…
…
continue reading
1
SANS Stormcast Thursday, September 11th, 2025: BASE64 in DNS; Google Chrome, Ivantii and Sophos Patches; Apple Memory Integrity Feature
7:12
7:12
Play later
Play later
Lists
Like
Liked
7:12
BASE64 Over DNS The base64 character set exceeds what is allowable in DNS. However, some implementations will work even with these invalid characters. https://isc.sans.edu/diary/BASE64%20Over%20DNS/32274 Google Chrome Update Google released an update for Google Chrome, addressing two vulnerabilities. One of the vulnerabilities is rated critical and…
…
continue reading
1
SANS Stormcast Wednesday, September 10th, 2025: Microsoft Patch Tuesday;
8:25
8:25
Play later
Play later
Lists
Like
Liked
8:25
Microsoft Patch Tuesday As part of its September patch Tuesday, Microsoft addressed 177 different vulnerabilities, 86 of which affect Microsoft products. None of the vulnerabilities has been exploited before today. Two of the vulnerabilities were already made public. Microsoft rates 13 of the vulnerabilities are critical. https://isc.sans.edu/diary…
…
continue reading
1
SANS Stormcast Tuesday, September 9th, 2025: Major npm compromise; HTTP Request Signature
8:44
8:44
Play later
Play later
Lists
Like
Liked
8:44
Major npm compromise A number of high-profile npm libraries were compromised after developers fell for a phishing email. This compromise affected libraries with a total of hundreds of millions of downloads a week. https://bsky.app/profile/bad-at-computer.bsky.social/post/3lydioq5swk2y https://github.com/orgs/community/discussions/172738 https://git…
…
continue reading
1
SANS Stormcast Monday, September 8th, 2025: YARA to Debugger Offsets; SVG JavaScript Phishing; FreePBX Patches;
5:34
5:34
Play later
Play later
Lists
Like
Liked
5:34
From YARA Offsets to Virtual Addresses Xavier explains how to convert offsets reported by YARA into offsets suitable for the use with debuggers. https://isc.sans.edu/diary/From%20YARA%20Offsets%20to%20Virtual%20Addresses/32262 Phishing via JavaScript in SVG Files Virustotal uncovered a Colombian phishing campaign that takes advantage of JavaScript …
…
continue reading
1
Treating Healthcare's Misinformation Problem w/ Dr. Geeta Nayyar
34:09
34:09
Play later
Play later
Lists
Like
Liked
34:09
Why do people trust Google and TikTok more than their doctors? Dr. Geeta Nayyar, MD, MBA, the author of Dead Wrong: Diagnosing and Treating Healthcare's Misinformation Illness, joins the show to break down how misinformation spreads, why patient trust continues to decline, and what health leaders must do to lead the cure. ==========================…
…
continue reading
1
SANS Stormcast Friday, September 5th, 2025: Cloudflare Response to 1.1.1.1 Certificate; AI Modem Namespace Reuse; macOS Vulnerability Allowed Keychain Decryption
8:18
8:18
Play later
Play later
Lists
Like
Liked
8:18
Unauthorized Issuance of Certificate for 1.1.1.1 Cloudflare published a blog post with more details regarding the bad 1.1.1.1 certificate that was issued by Fina. https://blog.cloudflare.com/unauthorized-issuance-of-certificates-for-1-1-1-1/ AI Model Namespace Reuse Deleted accounts on Huggingface can be taken over by other entities unrelated to th…
…
continue reading
1
SANS Stormcast Thursday, September 4th, 2025: Dassault DELMIA Apriso Exploit Attempts; Android Updates; 1.1.1.1 Certificate Issued
6:22
6:22
Play later
Play later
Lists
Like
Liked
6:22
Exploit Attempts for Dassault DELMIA Apriso. CVE-2025-5086 Our honeypots detected attacks against the manufacturing management system DELMIA Apriso. The deserialization vulnerability was patched in June and is one of a few critical vulnerabilities patched in recent months. https://isc.sans.edu/diary/Exploit%20Attempts%20for%20Dassault%20DELMIA%20Ap…
…
continue reading
1
SANS Stormcast Wednesday, September 3rd, 2025: Sextortiion Analysis; Covert Channel DNS/ICMP; Azure AD Secret Theft; Official FreePBX Patches
5:29
5:29
Play later
Play later
Lists
Like
Liked
5:29
A Quick Look at Sextortion at Scale Jan analyzed 1900 different sextortion messages using 205 different Bitcoin addresses to look at the success rate, lifetime, and other metrics defining these campaigns. https://isc.sans.edu/diary/A%20quick%20look%20at%20sextortion%20at%20scale%3A%201%2C900%20messages%20and%20205%20Bitcoin%20addresses%20spanning%2…
…
continue reading
1
SANS Stormcast Tuesday, September 2nd, 2025: pdf-parser Patch; Salesloft Compromise; Velociraptor Abuse; NeuVector Default Password
5:39
5:39
Play later
Play later
Lists
Like
Liked
5:39
pdf-parser: All Streams Didier released a new version of pdf-parser.py. This version fixes a problem with dumping all filtered streams. https://isc.sans.edu/diary/pdf-parser%3A%20All%20Streams/32248 Salesloft Drift Putting OAuth Tokens at Risk OAuth tokens used by Salesloft Drift users to provide access to integrations with Salesforce, Google Works…
…
continue reading
1
SANS Stormcast Friday, August 29th, 2025: Scans for ZIP Files; FreePBX 0-Day; Passwordstate Patch
5:45
5:45
Play later
Play later
Lists
Like
Liked
5:45
Increasing Searches for ZIP Files Attackers are scanning our honeypots more and more for .zip files. They are looking for backups of credential files and the like left behind by careless administrators and developers. https://isc.sans.edu/diary/Increasing%20Searches%20for%20ZIP%20Files/32242 FreePBX Vulnerability An upatched vulnerability in FreePB…
…
continue reading
1
SANS Stormcast Thursday, August 28th, 2025: Launching Shellcode; NX Compromise; Volt Typhoon Report
6:39
6:39
Play later
Play later
Lists
Like
Liked
6:39
Interesting Technique to Launch a Shellcode Xavier came across malware that PowerShell and the CallWindowProcA() API to launch code. https://isc.sans.edu/diary/Interesting%20Technique%20to%20Launch%20a%20Shellcode/32238 NX Compromised to Steal Wallets and Credentials The popular open source NX build package was compromised. Code was added that uses…
…
continue reading
1
SANS Stormcast Wednesday, August 27th, 2025: Analyzing IDNs; Netscaler 0-Day Vuln; Git Vuln Exploited;
5:43
5:43
Play later
Play later
Lists
Like
Liked
5:43
Getting a Better Handle on International Domain Names and Punycode International Domain names can be used for phishing and other attacks. One way to identify suspect names is to look for mixed script use. https://isc.sans.edu/diary/Getting%20a%20Better%20Handle%20on%20International%20Domain%20Names%20and%20Punycode/32234 Citrix Netscaler Vulnerabil…
…
continue reading
1
SANS Stormcast Tuesday, August 26th, 2025: Decoding Word Reading Location; Image Downscaling AI Vulnerability; IBM Jazz Team Server Vuln
5:01
5:01
Play later
Play later
Lists
Like
Liked
5:01
Reading Location Position Value in Microsoft Word Documents Jessy investigated how Word documents store the last visited document location in the registry. https://isc.sans.edu/diary/Reading%20Location%20Position%20Value%20in%20Microsoft%20Word%20Documents/32224 Weaponizing image scaling against production AI systems AI systems often downscale imag…
…
continue reading
1
SANS Stormcast Monday, August 25th, 2025: IP Cleanup; Linux Desktop Attacks; Malicious Go SSH Brute Forcer; Onmicrosoft Domain Restrictions
6:04
6:04
Play later
Play later
Lists
Like
Liked
6:04
The end of an era: Properly formatted IP addresses in all of our data. When initiall designing DShield, addresses were zero padded , an unfortunate choice. As of this week, datafeeds should no longer be zero padded . https://isc.sans.edu/diary/The%20end%20of%20an%20era%3A%20Properly%20formated%20IP%20addresses%20in%20all%20of%20our%20data./32228 .d…
…
continue reading
1
The Truth About PBMs and Drug Pricing w/ Dr. Alan Pannier
41:22
41:22
Play later
Play later
Lists
Like
Liked
41:22
Pharmacy benefit managers (PBMs) play a pivotal role in drug pricing, yet their practices often remain shrouded in a black box of rebates, spread pricing, and misaligned incentives. In this installment of our Pharma Series, Alan Pannier, Senior Vice President of Product Strategy at SmithRx, breaks down how legacy PBMs use opaque contracts and verti…
…
continue reading
1
SANS Stormcast Friday, August 22nd, 2025: The -n switch; Commvault Exploit; Docker Desktop Escape Vuln;
6:52
6:52
Play later
Play later
Lists
Like
Liked
6:52
Don't Forget The "-n" Command Line Switch Disabling reverse DNS lookups for IP addresses is important not just for performance, but also for opsec. Xavier is explaining some of the risks. https://isc.sans.edu/diary/Don%27t%20Forget%20The%20%22-n%22%20Command%20Line%20Switch/32220 watchTowr releases details about recent Commvault flaws Users of the …
…
continue reading
1
SANS Stormcast Thursday, August 21st, 2025: Airtel Scans; Apple Patch; Microsoft Copilot Audit Log Issue; Password Manager Clickjacking
6:52
6:52
Play later
Play later
Lists
Like
Liked
6:52
Airtel Router Scans and Mislabeled Usernames A quick summary of some odd usernames that show up in our honeypot logs https://isc.sans.edu/diary/Airtel%20Router%20Scans%2C%20and%20Mislabeled%20usernames/32216 Apple Patches 0-Day CVE-2025-43300 Apple released an update for iOS, iPadOS and MacOS today patching a single, already exploited, vulnerabilit…
…
continue reading
1
SANS Stormcast Wednesday, August 20th, 2025: Increased Elasticsearch Scans; MSFT Patch Issues
6:07
6:07
Play later
Play later
Lists
Like
Liked
6:07
Increased Elasticsearch Recognizance Scans Our honeypots noted an increase in reconnaissance scans for Elasticsearch. In particular, the endpoint /_cluster/settings is hit hard. https://isc.sans.edu/diary/Increased%20Elasticsearch%20Recognizance%20Scans/32212 Microsoft Patch Tuesday Issues Microsoft noted some issues deploying the most recent patch…
…
continue reading
1
SANS Stormcast Tuesday, August 19th, 2025: MFA Bombing; Cisco Firewall Management Vuln; F5 Access for Android Vuln;
5:10
5:10
Play later
Play later
Lists
Like
Liked
5:10
Keeping an Eye on MFA Bombing Attacks Attackers will attempt to use authentication fatigue by bombing users with MFA authentication requests. Rob is talking in this diary about how to investigate these attacks in a Microsoft ecosystem. https://isc.sans.edu/diary/Keeping+an+Eye+on+MFABombing+Attacks/32208 Critical Cisco Secure Firewall Management Ce…
…
continue reading
1
SANS Stormcast Monday, August 18th, 2025: 5G Attack Framework; Plex Vulnerability; Fortiweb Exploit; Flowise Vuln
5:43
5:43
Play later
Play later
Lists
Like
Liked
5:43
SNI5GECT: Sniffing and Injecting 5G Traffic Without Rogue Base Stations Researchers from the Singapore University of Technology and Design released a new framework, SNI5GECT, to passively sniff and inject traffic into 5G data streams, leading to DoS, downgrade and other attacks. https://isc.sans.edu/diary/SNI5GECT%3A%20Sniffing%20and%20Injecting%20…
…
continue reading
1
SANS Stormcast Friday, August 15th, 2025: Analysing Attack with AI; Proxyware via YouTube; Xerox FreeFlow Vuln; Evaluating Zero Trust @SANS_edu
15:12
15:12
Play later
Play later
Lists
Like
Liked
15:12
AI and Faster Attack Analysis A few use cases for LLMs to speed up analysis https://isc.sans.edu/diary/AI%20and%20Faster%20Attack%20Analysis%20%5BGuest%20Diary%5D/32198 Proxyware Malware Being Distributed on YouTube Video Download Site Popular YouTube download sites will attempt to infect users with proxyware. https://asec.ahnlab.com/en/89574/ Xero…
…
continue reading
1
SANS Stormcast Thursday, August 14th, 2025: Equation Editor; Kerberos Patch; XZ-Utils Backdoor; ForitSIEM/FortiWeb patches
7:16
7:16
Play later
Play later
Lists
Like
Liked
7:16
CVE-2017-11882 Will Never Die The (very) old equation editor vulnerability is still being exploited, as this recent sample analyzed by Xavier shows. The payload of the Excel file attempts to download and execute an infostealer to exfiltrate passwords via email. https://isc.sans.edu/diary/CVE-2017-11882%20Will%20Never%20Die/32196 Windows Kerberos El…
…
continue reading
1
SANS Stormcast Wednesday, August 13th, 2025: Microsoft Patch Tuesday; libarchive vulnerability upgrade; Adobe Patches
8:55
8:55
Play later
Play later
Lists
Like
Liked
8:55
Microsoft Patch Tuesday https://isc.sans.edu/diary/Microsoft%20August%202025%20Patch%20Tuesday/32192 https://cymulate.com/blog/zero-click-one-ntlm-microsoft-security-patch-bypass-cve-2025-50154/ libarchive Vulnerability A libarchive vulnerability patched in June was upgraded from a low CVSS score to a critical one. Libarchive is used by compression…
…
continue reading
1
SANS Stormcast Tuesday, August 12th, 2025: Erlang OTP SSH Exploits (Palo Alto Networks); Winrar Exploits; Netscaler Exploits; OpenSSH Pushing PQ Crypto;
6:52
6:52
Play later
Play later
Lists
Like
Liked
6:52
Erlang OTP SSH Exploits A recently patched and easily exploited vulnerability in Erlang/OTP SSH is being exploited. Palo Alto collected some of the details about this exploit activity that they observed. https://unit42.paloaltonetworks.com/erlang-otp-cve-2025-32433/ WinRAR Exploited WinRAR vulnerabilities are actively being exploited by a number of…
…
continue reading
