A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minutes long summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
…
continue reading
Center For Internet Security Podcasts
RunAs Radio is a weekly Internet Audio Talk Show for IT Professionals working with Microsoft products.
…
continue reading
In this podcast, networking guru Mattias Fridström, Chief Evangelist at Arelion and industry experts discuss all things Internet, networks, cloud and connectivity.
…
continue reading
Originally the “How to Cover Money” podcast series, ”We Mean Business” is produced by The Reynolds Center for Business Journalism, designed specifically for journalists who want to cover business better on their beats.
…
continue reading
#1 Place For Negotiators
…
continue reading
Over The Edge is a podcast about edge computing and those in the industry who are creating the future of the internet. On the show we talk to corporate leaders, open-source experts, technologists, journalists, analysts, and the community at large, to discuss technological innovations, trends, practical applications, business models, and the occasional far-flung theory. Over the Edge is brought to you by the generous sponsorship of Dell Technologies.
…
continue reading
1
SANS Stormcast Friday, July 18th, 2025: Extended File Attributes; Critical Cisco ISE Patch; VMWare Patches; Quarterly Oracle Patches (#)
4:55
4:55
Play later
Play later
Lists
Like
Liked
4:55
SANS Stormcast Friday, July 18th, 2025: Extended File Attributes; Critical Cisco ISE Patch; VMWare Patches; Quarterly Oracle Patches Hiding Payloads in Linux Extended File Attributes Xavier today looked at ways to hide payloads on Linux, similar to how alternate data streams are used on Windows. Turns out that extended file attributes do the trick,…
…
continue reading
1
The FDA lets ‘risky drugs’ into the U.S. market, ProPublica reporter explains their investigation
15:27
15:27
Play later
Play later
Lists
Like
Liked
15:27
The vast majority of drugs prescribed in the United States, including antidepressants, antibiotics, and sedatives, are generic drugs, many of which are manufactured in overseas factories. While the Food and Drug Administration (FDA) is tasked with enforcing drug safety standards and regulations, a ProPublica investigation found that many drugs stil…
…
continue reading
1
SANS Stormcast Thursday, July 17th, 2025: catbox.moe abuse; Sonicwall Attacks; Rendering Issues (#)
5:09
5:09
Play later
Play later
Lists
Like
Liked
5:09
SANS Stormcast Thursday, July 17th, 2025: catbox.moe abuse; Sonicwall Attacks; Rendering Issues More Free File Sharing Services Abuse The free file-sharing service catbox.moe is abused by malware. While it officially claims not to allow hosting of executables, it only checks extensions and is easily abused https://isc.sans.edu/diary/More%20Free%20F…
…
continue reading
1
SANS Stormcast Wednesday, July 16th, 2025: ADS Keystroke Logger; Fake Homebrew; Broadcom Altiris RCE; Malicious Cursor AI Extensions (#)
5:46
5:46
Play later
Play later
Lists
Like
Liked
5:46
SANS Stormcast Wednesday, July 16th, 2025: ADS Keystroke Logger; Fake Homebrew; Broadcom Altiris RCE; Malicious Cursor AI Extensions Keylogger Data Stored in an ADS Xavier came across a keystroke logger that stores data in alternate data streams. The data includes keystroke logs as well as clipboard data https://isc.sans.edu/diary/Keylogger%20Data%…
…
continue reading
What's happening with Fabric in 2025? While at Build, Richard chatted with Arun Ulag about the fantastic progress Fabric has made in the past year. Arun discusses expanding the product line beyond analytics to include real-time intelligence and hosting primary data workloads. The goal is to make it incredibly easy to get your organization's "data e…
…
continue reading
1
Jane Gunn with Derek Arden — Navigating Conflict in a Disrupted World
28:25
28:25
Play later
Play later
Lists
Like
Liked
28:25
Welcome to Monday Night Live 🎥 – Monday Night Live Jane Gunn — Navigating Conflict in a Disrupted World 🌍🕊️ This week on Monday Night Live, we welcomed back the brilliant Jane Gunn, internationally renowned mediator, lawyer, speaker, and author — known as The Barefoot Mediator. With decades of experience in helping individuals, teams, and organizat…
…
continue reading
1
SANS Stormcast Monday, July 14th, 2025: Web Honeypot Log Volume; Browser Extension Malware; RDP Forensics (#)
6:11
6:11
Play later
Play later
Lists
Like
Liked
6:11
SANS Stormcast Monday, July 14th, 2025: Web Honeypot Log Volume; Browser Extension Malware; RDP Forensics DShield Honeypot Log Volume Increase Within the last few months, there has been a dramatic increase in honeypot log volumes and how often these high volumes are seen. This has not just been from Jesse’s residential honeypot, which has historica…
…
continue reading
1
SANS Stormcast Monday, July 14th, 2025: Suspect Domain Feed; Wing FTP Exploited; FortiWeb Exploited; NVIDIA GPU Rowhammer (#)
6:54
6:54
Play later
Play later
Lists
Like
Liked
6:54
SANS Stormcast Monday, July 14th, 2025: Suspect Domain Feed; Wing FTP Exploited; FortiWeb Exploited; NVIDIA GPU Rowhammer Experimental Suspicious Domain Feed Our new experimental suspicious domain feed uses various criteria to identify domains that may be used for phishing or other malicious purposes. https://isc.sans.edu/diary/Experimental%20Suspi…
…
continue reading
1
SANS Stormcast Friday, July 11th, 2025: SSH Tunnel; FortiWeb SQL Injection; Ruckus Unpatched Vuln; Missing Motherboard Patches; (#)
5:49
5:49
Play later
Play later
Lists
Like
Liked
5:49
SANS Stormcast Friday, July 11th, 2025: SSH Tunnel; FortiWeb SQL Injection; Ruckus Unpatched Vuln; Missing Motherboard Patches; SSH Tunneling in Action: direct-tcp requests Attackers are compromising ssh servers to abuse them as relays. The attacker will configure port forwarding direct-tcp connections to forward traffic to a victim. In this partic…
…
continue reading
1
SANS Stormcast Thursday, July 10th, 2025: Internal CA with ACME; TapJacking on Android; Adobe Patches; (#)
5:18
5:18
Play later
Play later
Lists
Like
Liked
5:18
SANS Stormcast Thursday, July 10th, 2025: Internal CA with ACME; TapJacking on Android; Adobe Patches; Setting up Your Own Certificate Authority for Development: Why and How. Some tips on setting up your own internal certificate authority using the smallstep CA. https://isc.sans.edu/diary/Setting%20up%20Your%20Own%20Certificate%20Authority%20for%20…
…
continue reading
1
Building Real Software using PowerApps with Luise Freese
38:35
38:35
Play later
Play later
Lists
Like
Liked
38:35
How does a PowerApp become a fully-fledged software application? Richard chats with Luise Freese about her experience of taking a PowerApp built by an individual through the "onboarding process" of becoming a complete software application, including requirements, tests, deployment pipeline, security, user training, and more. It's easy to create a p…
…
continue reading
1
SANS Stormcast Wednesday, July 9th, 2025: Microsoft Patches; Opposum Attack; (#)
7:44
7:44
Play later
Play later
Lists
Like
Liked
7:44
SANS Stormcast Wednesday, July 9th, 2025: Microsoft Patches; Opposum Attack; Microsoft Patch Tuesday, July 2025 Today, Microsoft released patches for 130 Microsoft vulnerabilities and 9 additional vulnerabilities not part of Microsoft's portfolio but distributed by Microsoft. 14 of these are rated critical. Only one of the vulnerabilities was discl…
…
continue reading
1
Wisdom in the Room – Special International Edition on Monday Night Live, hosted by Derek Arden!
44:26
44:26
Play later
Play later
Lists
Like
Liked
44:26
Welcome to Monday Night Live 🌟 Monday Night Live – Wisdom in the Room: Special International Edition 🌟 Oh, hello everybody, and welcome to this week’s Wisdom in the Room – Special International Edition on Monday Night Live, hosted by Derek Arden! This was an absolute global gathering of wisdom, packed with insight, humor, and heartfelt moments. Lea…
…
continue reading
1
SANS Stormcast Tuesday, July 8th, 2025: Detecting Filename (Windows); Atomic Stealer now with Backdoor; SEO Scams (#)
5:29
5:29
Play later
Play later
Lists
Like
Liked
5:29
SANS Stormcast Tuesday, July 8th, 2025: Detecting Filename (Windows); Atomic Stealer now with Backdoor; SEO Scams What’s My File Name Malware may use the GetModuleFileName API to detect if it was renamed to a name typical for analysis, like sample.exe or malware.exe https://isc.sans.edu/diary/What%27s%20My%20%28File%29Name%3F/32084 Atomic macOS inf…
…
continue reading
1
Congressional stock trading is hard to identify, but reporters persevere
20:16
20:16
Play later
Play later
Lists
Like
Liked
20:16
Congressional stock trading has been the topic of many pieces of legislation this past decade, but the U.S. is entering a new era with the Trump administration. After tariff movements that led to Democratic lawmakers proposing a ban on congressional stock trading, one journalist says it is a rare occasion where both sides are on the same page at th…
…
continue reading
1
SANS Stormcast Monday, July 7th, 2025: interesting usernames; More sudo issues; CitrixBleed2 PoC; Short Lived Certs (#)
5:48
5:48
Play later
Play later
Lists
Like
Liked
5:48
SANS Stormcast Monday, July 7th, 2025: interesting usernames; More sudo issues; CitrixBleed2 PoC; Short Lived Certs Interesting ssh/telnet usernames Some interesting usernames observed in our honeypots https://isc.sans.edu/diary/A%20few%20interesting%20and%20notable%20ssh%20telnet%20usernames/32080 More sudo trouble The host option in Sudo can be e…
…
continue reading
1
SANS Stormcast Thursday July 3rd, 2025: sudo problems; polymorphic zip files; cisco vulnerablity (#)
5:21
5:21
Play later
Play later
Lists
Like
Liked
5:21
SANS Stormcast Thursday July 3rd, 2025: sudo problems; polymorphic zip files; cisco vulnerablity Sudo chroot Elevation of Privilege The sudo chroot option can be leveraged by any local user to elevate privileges to root, even if no sudo rules are defined for that user. https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot Polym…
…
continue reading
1
More Azure Innovations with Mark Russinovich
30:18
30:18
Play later
Play later
Lists
Like
Liked
30:18
How has Azure been innovating lately? While at Build Richard chatted with Azure CTO Mark Russinovich about some of the latest innovations in Azure, including some of the new hardware available. Mark talks about working with hardware manufacturers to build servers optimized to the workloads the largest Azure customers need. The conversation also exp…
…
continue reading
1
Business journalists embrace Substack as a full-time platform
13:35
13:35
Play later
Play later
Lists
Like
Liked
13:35
While Substack may be a departure from the traditional news formula, its platform has benefited many journalists, including Joseph Politano, the data journalist behind Apricitas Economics. In this episode of We Mean Business, George Headley interviews Politano about what drove him to start his Substack newsletter and what drives him to continue pub…
…
continue reading
1
SANS Stormcast Monday June 30th, 2025: Scattered Spider; AMI BIOS Exploited; Secure Boot Certs Expiring; Microsoft Resliliency Initiative (#)
7:30
7:30
Play later
Play later
Lists
Like
Liked
7:30
SANS Stormcast Monday June 30th, 2025: Scattered Spider; AMI BIOS Exploited; Secure Boot Certs Expiring; Microsoft Resliliency Initiative Scattered Spider Update The threat actor known as Scattered Spider is in the news again, this time focusing on airlines. But the techniques used by Scattered Spider, social engineering, are still some of the most…
…
continue reading
1
Dylan Tweney—acclaimed IT journalist, former editor at Wired and VentureBeat, Derek Arden
28:21
28:21
Play later
Play later
Lists
Like
Liked
28:21
Welcome to Monday Night Live 🌟electrifying deep dive into the world of tech, journalism, AI, and digital wellbeing as we welcomed Dylan Tweney—acclaimed IT journalist, former editor at Wired and VentureBeat, and now a strategic communications coach. From interviewing Jeff Bezos to navigating the social-media slot machine, Dylan brought decades of f…
…
continue reading
1
SANS Stormcast Friday, June 27th, 2025: Open-VSX Flaw; Airoha Bluetooth Vulnerablity; Critical Cisco Identity Service Engine Vuln; (#)
6:48
6:48
Play later
Play later
Lists
Like
Liked
6:48
SANS Stormcast Friday, June 27th, 2025: Open-VSX Flaw; Airoha Bluetooth Vulnerablity; Critical Cisco Identity Service Engine Vuln; Open-VSX Flaw Puts Developers at Risk A flaw in the open-vsx extension marketplace could have let to the compromise of any extension offered by the marketplace. https://blog.koi.security/marketplace-takeover-how-we-coul…
…
continue reading
1
SANS Stormcast Thursday, June 26th, 2025: Another Netscaler Vuln; CentOS Web Panel Vuln; IP Based Certs (#)
5:53
5:53
Play later
Play later
Lists
Like
Liked
5:53
SANS Stormcast Thursday, June 26th, 2025: Another Netscaler Vuln; CentOS Web Panel Vuln; IP Based Certs NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-6543 Citrix patched a memory overflow vulnerability leading to unintended control flow and denial of service. https://support.citrix.com/support-home/kbsearch/article?articleNumbe…
…
continue reading
How do you get more from GitHub in your work routine? Richard chats with April Yoho about how sysadmins can take advantage of more GitHub features to make better quality scripts and more! April discusses the capabilities of GitHub Copilot to assist administrators in comprehending the intricacies of source management, including branching and merging…
…
continue reading
