Best Ingress Insights Podcasts (2025)

1
BONUS - What is an XM Anomaly? 6:22

6h ago6:22

6:22

This is a bonus episode of Ingress Insights, explaining what an Anomaly is. It was recorded on 1st February 2025. Show Notes Ingress Events - Anomalies Ingress XM Anomaly and Ticketed Event FAQ Social Media ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Buy an Ingress Insights mug, t-shirt or pin⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Threads⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠…

1
SANS Stormcast Tuesday, June 3rd, 2025: Windows SSH C2; Google Removes CAs from trusted list; MSFT issues Emergency Patch to fix Crash issue; Qualcom Adreno GPU 0-day 6:06

2h ago6:06

6:06

Simple SSH Backdoor Xavier came across a simple SSH backdoor taking advantage of the ssh client preinstalled on recent Windows systems. The backdoor is implemented via an SSH configuration file that instructs the SSH client to connect to a remote system and forward a shell on a random port. This will make the shell accessible to anybody able to con…

1
SANS Stormcast Monday, June 2nd, 2025: PNG with RAT; Cisco IOS XE WLC Exploit; vBulletin Exploit 5:42

18h ago5:42

5:42

A PNG Image With an Embedded Gift Xavier shows how Python code attached to a PNG image can be used to implement a command and control channel or a complete remote admin kit. https://isc.sans.edu/diary/A+PNG+Image+With+an+Embedded+Gift/31998 Cisco IOS XE WLC Arbitrary File Upload Vulnerability (CVE-2025-20188) Analysis Horizon3 analyzed a recently p…

1
SANS Stormcast Friday, May 30th 2025: Alternate Data Streams; Connectwise Breach; Google Calendar C2; 13:47

1d ago13:47

13:47

Alternate Data Streams: Adversary Defense Evasion and Detection Good Primer of alternate data streams and how they are abused, as well as how to detect and defend against ADS abuse. https://isc.sans.edu/diary/Alternate%20Data%20Streams%20%3F%20Adversary%20Defense%20Evasion%20and%20Detection%20%5BGuest%20Diary%5D/31990 Connectwise Breach Affects Scr…

1
SANS Stormcast Thursday May 29th 2025: LLM Assisted Analysis; MSP Ransomware; Everetz Vulnerability 6:10

2d ago6:10

6:10

Exploring a Use Case of Artificial Intelligence Assistance with Understanding an Attack Jennifer Wilson took a weird string found in a recent honeypot sample and worked with ChatGPT to figure out what it is all about. https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Exploring%20a%20Use%20Case%20of%20Artificial%20Intelligence%20Assistance%20with%20U…

1
SANS Stormcast Wednesday May 28th 2025: Securing authorized_keys; ADAuditPlus SQL Injection; Dero Miner vs Docker API 6:37

3d ago6:37

6:37

SSH authorized_keys File One of the most common techniques used by many bots is to add rogue keys to the authorized_keys file, implementing an SSH backdoor. Managing these files and detecting unauthorized changes is not hard and should be done if you operate Unix systems. https://isc.sans.edu/diary/Securing%20Your%20SSH%20authorized_keys%20File/319…

1
SANS Stormcast Tuesday, May 27th 2025: SVG Steganography; Fortinet PoC; GitLab Duo Prompt Injection 7:13

4d ago7:13

7:13

SVG Steganography Steganography is not only limited to pixel-based images but can be used to embed messages into vector-based formats like SVG. https://isc.sans.edu/diary/SVG%20Steganography/31978 Fortinet Vulnerability Details CVE-2025-32756 Horizon3.ai shows how it was able to find the vulnerability in Fortinet s products, and how to possibly exp…

1
Episode 97 - Mission Days paused & 2sDay cancelled 38:45

6d ago38:45

38:45

Join PkmnTrainerJ in the latest +Theta, Ingress and Wayfarer & Niantic Spatial news for the +Theta Anomaly Season. What awaits at the end of the 2025 seasons? This is the 97th episode of Ingress Insights, as well as Season 3 - Episode 22, and was recorded on 23rd May 2025 and released on 25th May 2025. Sponsors ⁠⁠XP Brew⁠⁠ Show Notes ⁠⁠⁠⁠May 17th A…

1
SANS Stormcast Friday, May 23rd 2025: Backup Connectivity; Windows 2025 dMSA Abuse; Samlify Vulnerability 7:54

8d ago7:54

7:54

Resilient Secure Backup Connectivity for SMB/Home Users Establishing resilient access to a home network via a second ISP may lead to unintended backdoors. Secure the access and make sure you have the visibility needed to detect abuse. https://isc.sans.edu/diary/Resilient%20Secure%20Backup%20Connectivity%20for%20SMB%20Home%20Users/31972 BadSuccessor…

1
SANS Stormcast Thursday, May 22nd 2025: Crypto Confidence Scams; Extension Mayhem for VS Code and Chrome 6:21

9d ago6:21

6:21

New Variant of Crypto Confidence Scam Scammers are offering login credentials for what appears to be high value crypto coin accounts. However, the goal is to trick users into paying for expensive VIP memberships to withdraw the money. https://isc.sans.edu/diary/New%20Variant%20of%20Crypto%20Confidence%20Scam/31968 Malicious Chrome Extensions Malici…

1
SANS Stormcast Wednesday, May 21st 2025: Researchers Scanning the Internet; Forgotten DNS Records; openpgp.js Vulneraiblity 7:51

10d ago7:51

7:51

Researchers Scanning the Internet A newish RFC, RFC 9511, suggests researchers identify themselves by adding strings to the traffic they send, or by operating web servers on machines from which the scan originates. We do offer lists of researchers and just added three new groups today https://isc.sans.edu/diary/Researchers%20Scanning%20the%20Intern…

1
SANS Stormcast Tuesday, May 20th 2025: AutoIT Code RAT; Fake Keepass Download; Procolored Printer Software Compromise 6:41

11d ago6:41

6:41

RAT Dropped By Two Layers of AutoIT Code Xavier explains how AutoIT was used to install a remote admin tool (RAT) and how to analyse such a tool https://isc.sans.edu/diary/RAT%20Dropped%20By%20Two%20Layers%20of%20AutoIT%20Code/31960 RVTools compromise confirmed Robware.net, the site behind the popular tool RVTools now confirmed that it was compromi…

1
SANS Stormcast Monday, May 18th 2025: xorsearch python functions; pwn2own Berlin; senior govt official impersonation; dynamic domain risk 6:30

12d ago6:30

6:30

xorsearch.py: Python Functions Didier s xorsearch tool now supports python functions to filter output https://isc.sans.edu/diary/xorsearch.py%3A%20Python%20Functions/31858 Pwn2Own Berlin 2025 Last weeks Pwn2Own contest in Berlin allowed researchers to demonstrate a number of new exploits with a large focus on privilege escalation and virtual machin…

1
Episode 96 - Never raid alone again/The tale of Niantic Campfire 17:31

16d ago17:31

17:31

Join PkmnTrainerJ in the latest +Theta, Ingress and Wayfarer news for the +Theta Anomaly Season. What awaits at the end of the 2025 seasons? This is the 96th episode of Ingress Insights, as well as Season 3 - Episode 21, and was recorded on 14th May and released on 18th May. Show Notes Closed Beta of Niantic Chat begins Niantic Chat updates to v1.3…

1
SANS Stormcast Friday, May 16th: Increase in Sonicwall Scans; RVTools Compromised?; RountPress 6:26

15d ago6:26

6:26

Web Scanning SonicWall for CVE-2021-20016 - Update Scans for SonicWall increased by an order of magnitude over the last couple of weeks. Many of the attacks appear to originate from Global Host , a low-cost virtual hosting provider. https://isc.sans.edu/diary/Web%20Scanning%20SonicWall%20for%20CVE-2021-20016%20-%20Update/31952 Google Update Patches…

1
SANS Stormcast Thursday, May 15th: Google Open Redirects; Adobe, Ivanti, and Samsung patches 6:16

17d ago6:16

6:16

Another day, another phishing campaign abusing google.com open redirects Google s links from it s maps page to hotel listings do suffer from an open redirect vulnerability that is actively exploited to direct users to phishing pages. https://isc.sans.edu/diary/Another%20day%2C%20another%20phishing%20campaign%20abusing%20google.com%20open%20redirect…

1
Mental Health Awareness & ALGEE 4:55

17d ago4:55

4:55

Hey Agents, take some time to chill out and learn about ALGEE, let me know if Ingress is good for your mental health and where to get support*. Our regular episode will be out on Sunday but remember to take some time for yourself and your mental health! *Note: I am in the UK, so have made some UK specific recommendations, if you have any others I s…

1
SANS Stormcast Wednesday, May 14th: Microsoft Patch Tuesday; 0-Days patched for Ivanti Endpoint Manager and Fortinet Products 6:38

17d ago6:38

6:38

Microsoft Patch Tuesday Microsoft patched 70-78 vulnerabilities (depending on how you count them). Five of these vulnerabilities are already being exploited. In particular, a remote code execution vulnerability in the scripting engine should be taken seriously. It requires the Microsoft Edge browser to run in Internet Explorer mode. https://isc.san…

1
SANS Stormcast Tuesday, May 12th: Apple Patches; Unipi Technologies Scans; 6:29

18d ago6:29

6:29

Apple Updates Everything Apple patched all of its operating systems. This update ports a patch for a recently exploited vulnerability to older versions of iOS and macOS. https://isc.sans.edu/diary/31942 It Is 2025, And We Are Still Dealing With Default IoT Passwords And Stupid 2013 Router Vulnerabilities Versions of the Mirai botnet are attacking d…

1
SANS Stormcast Monday, May 11th: Steganography Challenge; End-of-Life Routers; ASUS Driverhub; RV-Tools SEO Poisoning 6:39

19d ago6:39

6:39

Steganography Challenge Didier revealed the solution to last weekend s cryptography challenge. The image used the same encoding scheme as Didier described before, but the columns and rows were transposed. https://isc.sans.edu/forums/diary/Steganography%20Challenge%3A%20My%20Solution/31912/ FBI Warns of End-of-life routers The FBI is tracking larger…

1
Episode 95 - The end of automatic Portal sync (under Wayfarer) 25:06

20d ago25:06

25:06

Join PkmnTrainerJ in the latest +Theta, Ingress and Wayfarer news for the +Theta Anomaly Season. What awaits at the end of the 2025 seasons? This is the 95th episode of Ingress Insights, as well as Season 3 - Episode 20, and was recorded on 9th May 2025 and released on 11th May 2025. Sponsors ⁠XP Brew⁠ Show Notes ⁠⁠⁠⁠+Theta Global Op⁠⁠ ends ⁠⁠⁠AMER…

1
SANS Stormcast Friday, May 9th: SSH Exfil Tricks; magicINFO still vulnerable; SentinelOne Vulnerability; Commvault insufficient patch 4:57

22d ago4:57

4:57

No Internet Access: SSH to the Rescue If faced with restrictive outbound network access policies, a single inbound SSH connection can quickly be turned into a tunnel or a full-blown VPN https://isc.sans.edu/diary/No%20Internet%20Access%3F%20SSH%20to%20the%20Rescue!/31932 SAMSUNG magicINFO 9 Server Flaw Still exploitable The SAMSUNG magicINFO 9 Serv…

1
SANS Stormcast Thursday, May 8th: Modular Malware; Sysaid Vuln; Cisco Wireless Controller Patch; Unifi Protect Camera Patch 5:41

23d ago5:41

5:41

Example of Modular Malware Xavier analyzes modular malware that downloads DLLs from GitHub if specific features are required. In particular, the webcam module is inspected in detail. https://isc.sans.edu/diary/Example%20of%20%22Modular%22%20Malware/31928 Sysaid XXE Vulnerabilities IT Service Management Software Sysaid patched a number of XXE vulner…

1
Ingress Insights Interviews…Erin Fitzgerald AKA Dr. Carrie Campbell 33:26

24d ago33:26

33:26

This episode was recorded in February 2025, and released in May 2025. A special episode which is an interview with acclaimed Emmy-nominated actor Erin Fitzgerald. Amongst many of her roles in video games, television and live action, Erin played the character of Dr. Carrie Campbell at many of Ingress' live events. Listen for details of how Erin got …

1
SANS Stormcast Wednesday, May 7th: Infostealer with Webserver; Android Update; CISA Warning 6:44

24d ago6:44

6:44

Python InfoStealer with Embedded Phishing Webserver Didier found an interesting infostealer that, in addition to implementing typical infostealer functionality, includes a web server suitable to create local phishing sites. https://isc.sans.edu/diary/Python%20InfoStealer%20with%20Embedded%20Phishing%20Webserver/31924 Android Update Fixes Freetype 0…

1
SANS Stormcast Tuesday, May 6th: Mirai Exploiting Samsung magicInfo 9; Kali Signing Key Lost; 6:57

25d ago6:57

6:57

Mirai Now Exploits Samsung MagicINFO CMS CVE-2024-7399 The Mirai botnet added a new vulnerability to its arsenal. This vulnerability, a file upload and remote code execution vulnerability in Samsung s MagicInfo 9 CMS, was patched last August but attracted new attention last week after being mostly ignored so far. https://isc.sans.edu/diary/Mirai+No…

1
SANS Stormcast Monday, May 5th: Steganography Challenge; Microsoft Makes Passkeys Default and Moves Away from Authenticator as Password Manager; Magento Components Backdoored. 5:57

26d ago5:57

5:57

Steganography Challenge Didier published a fun steganography challenge. A solution will be offered on Saturday. https://isc.sans.edu/diary/Steganography+Challenge/31910 Microsoft Makes Passkeys Default Authentication Method Microsoft is now encouraging new users to use Passkeys as the default and only login method, further moving away from password…

1
Episode 94 - +Theta Global Op remains (almost) 50/50 13:43

27d ago13:43

13:43

Join PkmnTrainerJ in the latest +Theta, Ingress and Wayfarer news for the +Theta Anomaly Season. What awaits at the end of the 2025 seasons? This is the 94th episode of Ingress Insights, as well as Season 3 - Episode 19, and was recorded on 2nd May 2025 and released on 4th May 2025. Sponsors XP Brew Show Notes ⁠⁠⁠+Theta Global Op⁠⁠⁠ ⁠Carrie Campbel…

1
SANS Stormcast Friday, May 2nd: More Steganography; Malicious Python Packages GMail C2; BEC to Steal Rent Payments 7:16

30d ago7:16

7:16

Steganography Analysis With pngdump.py: Bitstreams More details from Didiear as to how to extract binary content hidden inside images https://isc.sans.edu/diary/Steganography%20Analysis%20With%20pngdump.py%3A%20Bitstreams/31904 Using Trusted Protocols Against You: Gmail as a C2 Mechanism Attackers are using typosquatting to trick developers into in…

1
SANS Stormcast Thursday, May 1st: Sonicwall Attacks; Cached Windows RDP Credentials 6:28

1M ago6:28

6:28

Web Scanning for Sonicwall Vulnerabilities CVE-2021-20016 For the last week, scans for Sonicwall API login and domain endpoints have skyrocketed. These attacks may be exploiting an older vulnerability or just attempting to brute force credentials. https://isc.sans.edu/diary/Web%20Scanning%20Sonicwall%20for%20CVE-2021-20016/31906 The Wizards APT Gro…

1
BONUS - What is Second Sunday? 4:20

1M ago4:20

4:20

This is a bonus episode of Ingress Insights, explaining what Second Sunday is. It was recorded on 1st February 2025. Show Notes Second Sunday Social Media ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Buy an Ingress Insights mug, t-shirt or pin⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Threads⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠BlueSky⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠…

1
SANS Stormcast Wednesday, April 30th: SMS Attacks; Apple Airplay Vulnerabilities 8:51

1M ago8:51

8:51

More Scans for SMS Gateways and APIs Attackers are not just looking for SMS Gateways like the scans we reported on last week, but they are also actively scanning for other ways to use APIs and add on tools to send messages using other people s credentials. https://isc.sans.edu/diary/More%20Scans%20for%20SMS%20Gateways%20and%20APIs/31902 AirBorne: A…

1
SANS Stormcast Tuesday, April 29th: SRUM-DUMP 3; Policy Puppetry; Choice Jacking; @sansinstitute at #RSAC 7:37

1M ago7:37

7:37

SRUM-DUMP Version 3: Uncovering Malware Activity in Forensics Mark Baggett released SRUM-DUMP Version 3. The tool simplifies data extraction from Widnows System Resource Usage Monitor (SRUM). This database logs how much resources software used for 30 days, and is invaluable to find out what software was executed when and if it sent or received netw…

1
SANS Stormcast Monday, April 28th: Image Steganography; SAP Netweaver Exploited 7:55

1M ago7:55

7:55

Example of a Payload Delivered Through Steganography Xavier and Didier published two diaries this weekend, building on each other. First, Xavier showed an example of an image being used to smuggle an executable past network defenses, and second, Didier showed how to use his tools to extract the binary. https://isc.sans.edu/diary/Example%20of%20a%20…

1
Episode 93 - Moving rapidly to Niantic Spatial 24:18

1M ago24:18

24:18

Join PkmnTrainerJ in the latest +Theta, Ingress and Wayfarer news for the +Theta Anomaly Season. What awaits at the end of the 2025 seasons? This is the 93rd episode of Ingress Insights, as well as Season 3 - Episode 18, and was recorded on 25th April 2025 and released on 27th April 2025. Show Notes ⁠⁠+Theta Global Op⁠⁠ Niantic Profile disconnected…

1
SANS Stormcast Friday, April 25th: SMS Gateway Scans; Comvault Exploit; Patch Window Shrinkage; More inetpub issues; 6:38

1M ago6:38

6:38

Attacks against Teltonika Networks SMS Gateways Attackers are actively scanning for SMS Gateways. These attacks take advantage of default passwords and other commonly used passwords. https://isc.sans.edu/diary/Attacks%20against%20Teltonika%20Networks%20SMS%20Gateways/31888 Commvault Vulnerability CVE-2205-34028 Commvault, about a week ago, publishe…

1
SANS Stormcast Thursday, April 24th: Honeypot iptables Maintenance; XRPL.js Compromise; Erlang/OTP SSH Vuln affecting Cisco 5:44

1M ago5:44

5:44

Honeypot Iptables Maintenance and DShield-SIEM Logging In this diary, Jesse is talking about some of the tasks to maintain a honeypot, like keeping filebeats up to date and adjusting configurations in case your dynamic IP address changes https://isc.sans.edu/diary/Honeypot%20Iptables%20Maintenance%20and%20DShield-SIEM%20Logging/31876 XRPL.js Compro…

1
BONUS - How to submit a PokéStop in Pokémon GO (so that you can still get new Portals) 7:56

1M ago7:56

7:56

This is a bonus episode, recorded on 19th April 2025, when the Ingress team turned off new Portal Nominations. It covers how to submit in Pokémon GO so that can still have New Portals. Social Media ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Subscribe to the Ingress Insights Insider mailing list⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠Buy an Ingress In…

1
SANS Stormcast Wednesday, April 23rd: More xorsearch Updates; DKIM Replay Attack; SSL.com Vulnerability Fixed 6:18

1M ago6:18

6:18

xorsearch.py: Ad Hoc YARA Rules Adhoc YARA rules allow for easy searches using command line arguments without having to write complete YARA rules for simple use cases like string and regex searches https://isc.sans.edu/diary/xorsearch.py%3A%20%22Ad%20Hoc%20YARA%20Rules%22/31856 Google Spoofed via DKIM Replay Attack DKIM replay attacks are a known i…

1
SANS Stormcast Tuesday, April 22nd: Phishing via Google; ChatGPT Fingerprint; Asus AI Cloud Vuln; PyTorch RCE 5:35

1M ago5:35

5:35

It's 2025, so why are malicious advertising URLs still going strong? Phishing attacks continue to take advantage of Google s advertising services. Sadly, this is still the case for obviously malicious links, even after various anti-phishing services flag the URL. https://isc.sans.edu/diary/It%27s%202025...%20so%20why%20are%20obviously%20malicious%2…

1
SANS Stormcast Monday, April 21st: MSFT Entra Lockouts; Erlang/OTP SSH Exploit; Sonicwall Exploit; bubble.io bug 7:31

1M ago7:31

7:31

Microsoft Entra User Lockout Multiple organizations reported widespread alerts and account lockouts this weekend from Microsoft Entra. The issue is caused by a new feature Microsoft enabled. This feature will lock accounts if Microsoft believes that the password for the account was compromised. https://www.bleepingcomputer.com/news/microsoft/widesp…

1
Inverse Insights VII: Welcome to the world of Futurama: Worlds of Tomorrow with Michael Rosenblum 23:47

1M ago23:47

23:47

This episode was recorded in January 2023, and released on 20th April 2025 to celebrate the second anniversary of the closure of Futurama: Worlds of Tomorrow! Please note, this was recorded on an old headset from my place of work (unless you’re listening from work in which case…um…no it wasn’t) and taken from a previous video recording so the sound…

1
Episode 92 - Global Op + Global Challenge 21:14

1M ago21:14

21:14

Join PkmnTrainerJ in the latest +Theta, Ingress and Wayfarer news for the +Theta Anomaly Season. What awaits at the end of the 2025 seasons? This is the 92nd episode of Ingress Insights, as well as Season 3 - Episode 17, and was recorded on 19th April 2025 and released on 20th April 2025. Show Notes ⁠+Theta Global Op⁠ Alex Stamm let go +Theta Globa…

1
Episode 91 - Hello +Theta, Goodbye Wayfarer and Campfire 33:29

1M ago33:29

33:29

Join PkmnTrainerJ in the latest +Theta, Ingress and Wayfarer news for the +Theta Anomaly Season. What awaits at the end of the 2025 seasons? This is the 91st episode of Ingress Insights, as well as Season 3 - Episode 16, and was recorded on 13th April 2025 and released on 13th April 2025. Show Notes +Theta Overview +Theta Global Op Couch Portal Tri…

1
SANS Stormcast Friday, April 18th: Remnux Cloud Environment; Erlang/OTP SSH Vuln; Brickstorm Backdoor Analysis; GPT 4.1 Safety Controversy 6:18

1M ago6:18

6:18

RedTail: Remnux and Malware Management A description showing how to set up a malware analysis in the cloud with Remnux and Kasm. RedTail is a sample to illustrate how the environment can be used. https://isc.sans.edu/diary/RedTail%2C%20Remnux%20and%20Malware%20Management%20%5BGuest%20Diary%5D/31868 Critical Erlang/OTP SSH Vulnerability Researchers …

1
SANS Stormcast Thursday April 17th: Apple Updates; Oracle Updates; Google Chrome Updates; CVE News; 6:04

1M ago6:04

6:04

Apple Updates Apple released updates for iOS, iPadOS, macOS, and VisionOS. The updates fix two vulnerabilities which had already been exploited against iOS. https://isc.sans.edu/diary/Apple%20Patches%20Exploited%20Vulnerability/31866 Oracle Updates Oracle released it quarterly critical patch update. The update addresses 378 security vulnerabilities…

1
Breaking News - The Final Wayfarer Challenge for Ingress (?) starts NOW 8:08

1M ago8:08

8:08

A bonus episode covering the breaking news about the latest Wayfarer Challenge. It was recorded on 16th April 2025 and released on 16th April 2025. Show Notes Global Wayfarer Challenge begins Ingress news post on OPR Live Challenge Brian's tweet Social Media ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Subscribe to the Ingress …

1
SANS Stormcast Wednesday Apr 16th: File Upload Service Abuse; OpenSSH 10.0 Released; Apache Roller Vuln; Possible CVE Changes 5:54

2M ago5:54

5:54

Online Services Again Abused to Exfiltrate Data Attackers like to abuse free online services that can be used to exfiltrate data. From the originals , like pastebin, to past favorites like anonfiles.com. The latest example is gofile.io. As a defender, it is important to track these services to detect exfiltration early https://isc.sans.edu/diary/On…

1
Inverse Insights VI: Marvelling at MARVEL: World of Heroes with Jeff James 30:46

2M ago30:46

30:46

This episode was recorded in March 2025, and released on 15th April 2025 to celebrate the Daredevil: Born Again S1 finale! The sixth episode of Inverse Insights, which is all about Marvel: World of Heroes. It contains an interview with Jeff James, Game Designer for Marvel: World of Heroes and board game creator extraordinaire! Show Notes ⁠⁠⁠⁠Back S…

1
SANS Stormcast Tuesday April 15th: xorsearch Update; Short Lived Certificates; New USB Malware 5:35

2M ago5:35

5:35

xorsearch Update Diedier updated his "xorsearch" tool. It is now a python script, not a compiled binary, and supports Yara signatures. With Yara support also comes support for regular expressions. https://isc.sans.edu/diary/xorsearch.py%3A%20Searching%20With%20Regexes/31854 Shorter Lived Certificates The CA/Brower Forum passed an update to reduce t…

Podcasts Worth a Listen

Ingress Insights Podcasts

Podcasts Worth a Listen