SANS Internet Storm Center's Daily Network Security News Podcast Podcast Por Johannes B. Ullrich arte de portada

SANS Internet Storm Center's Daily Network Security News Podcast

SANS Internet Storm Center's Daily Network Security News Podcast

De: Johannes B. Ullrich
Escúchala gratis

Obtén 3 meses por US$0.99 al mes
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minutes long summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .(c) SANS Institute 2021 This work is licensed under a Creative Commons License - Attribution-NonCommercial-ShareAlike - http://creativecommons.org/licenses/by-nc-sa/4.0/ Política y Gobierno
Episodios
  • SANS Stormcast Monday, December 8th, 2025: AutoIT3 FileInstall; React2Shell Update; Tika Vuln (#)

    SANS Stormcast Monday, December 8th, 2025: AutoIT3 FileInstall; React2Shell Update; Tika Vuln (#)
    Dec 8 2025
    SANS Stormcast Monday, December 8th, 2025: AutoIT3 FileInstall; React2Shell Update; Tika Vuln AutoIT3 Compiled Scripts Dropping Shellcodes Malicious AutoIT3 scripts are usign the "FileInstall" function to include additional scripts at compile time that are dropped as temporary files during execution. https://isc.sans.edu/diary/AutoIT3%20Compiled%20Scripts%20Dropping%20Shellcodes/32542 React2Shell Update The race is on to patch vulnerable systems. Various groups are aggressively scanning the internet with different exploit variants. Some attempt to bypass WAFs. https://blog.cloudflare.com/5-december-2025-outage/ https://aws.amazon.com/blogs/security/china-nexus-cyber-threat-groups-rapidly-exploit-react2shell-vulnerability-cve-2025-55182/ Apache Tika XXE Flaw Apache's Tika library patched a XXE flaw. https://lists.apache.org/thread/s5x3k93nhbkqzztp1olxotoyjpdlps9k keywords: apache; tika; react; autoit3; autoit;
    Más Menos
    6 m
  • SANS Stormcast Friday, December 5th, 2025: Compromised Govt System; React Vuln Update; Array Networks VPN Attacks (#)

    SANS Stormcast Friday, December 5th, 2025: Compromised Govt System; React Vuln Update; Array Networks VPN Attacks (#)
    Dec 5 2025
    SANS Stormcast Friday, December 5th, 2025: Compromised Govt System; React Vuln Update; Array Networks VPN Attacks Nation-State Attack or Compromised Government? [Guest Diary] An IP address associated with the Indonesian Government attacked one of our interns' honeypots. https://isc.sans.edu/diary/Nation-State%20Attack%20or%20Compromised%20Government%3F%20%5BGuest%20Diary%5D/32536 React Update Working exploits for the React vulnerability patched yesterday are not widely available Array Networks Array AG Vulnerablity A recently patched vulnerability in Array Networks' Array AG VPN gateways is actively exploited. https://www.jpcert.or.jp/at/2025/at250024.html keywords: react; ssh; array networks; vpn
    Más Menos
    5 m
  • SANS Stormcast Thursday, December 4th, 2025: CDN Headers; React Vulnerabiity; PickleScan Patch (#)

    SANS Stormcast Thursday, December 4th, 2025: CDN Headers; React Vulnerabiity; PickleScan Patch (#)
    Dec 4 2025
    SANS Stormcast Thursday, December 4th, 2025: CDN Headers; React Vulnerabiity; PickleScan Patch Attempts to Bypass CDNs Our honeypots recently started receiving scans that included CDN specific headers. https://isc.sans.edu/diary/Attempts%20to%20Bypass%20CDNs/32532 React Vulnerability CVE-2025-55182 React patched a critical vulnerability in React server components. Exploitation is likely imminent. https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components Unveiling 3 PickleScan Vulnerabilities The PyTorch AI model security tool, PickleScan, has patched three critical vulnerabilities. https://jfrog.com/blog/unveiling-3-zero-day-vulnerabilities-in-picklescan/ keywords: pytorch; picklescan; react; server components; cdn;
    Más Menos
    7 m
Todas las estrellas
Más relevante
This podcast is essential for any technologist, not just security folks. Keeping your finger on the pulse of cybersecurity is difficult, this podcast makes it much easier.

Essential daily listening

Se ha producido un error. Vuelve a intentarlo dentro de unos minutos.
I've been listening to this podcast for years on a near daily basis. Has provided time-sensitive info on many occasions.

One of the Best

Se ha producido un error. Vuelve a intentarlo dentro de unos minutos.