))
Johnny Ball is famous for knowing many things, so who better to tell you how to keep your computer safe from online fraud. Johnny's guides contain all you need to know about internet and email security. There are four wisdom-packed episodes to download onto your computer and portable audio player.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minutes long summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
…
continue reading
Internet safety, security, and digital parenting tips. You'll learn about protecting kids online (cybersafety), and general digital security and privacy (for adults as well as kids). https://DefendingDigital.com
…
continue reading
1
SANS Stormcast Friday, January 9th, 2026: Gephi Analysis; zlib vuln; GnuPG Vulns; Cisco/Cloudflare DNS Issue
7:12
7:12
Mais Tarde
Mais Tarde
Listas
Like
Curtido
7:12
Analysis using Gephi with DShield Sensor Data Gephi is a neat tool to create interactive data visualizations. It can be applied to honeypot data to find data clusters. https://isc.sans.edu/diary/Analysis%20using%20Gephi%20with%20DShield%20Sensor%20Data/32608 zlib v1.3.1.2 Global Buffer Overflow in TGZfname() of zlib untgz Utility The untgz utility …
…
continue reading
1
SANS Stormcast Friday, January 9th, 2026: Gephi Analysis; zlib vuln; GnuPG Vulns; Cisco/Cloudflare DNS Issue (#)
7:12
7:12
Mais Tarde
Mais Tarde
Listas
Like
Curtido
7:12
SANS Stormcast Friday, January 9th, 2026: Gephi Analysis; zlib vuln; GnuPG Vulns; Cisco/Cloudflare DNS Issue Analysis using Gephi with DShield Sensor Data Gephi is a neat tool to create interactive data visualizations. It can be applied to honeypot data to find data clusters. https://isc.sans.edu/diary/Analysis%20using%20Gephi%20with%20DShield%20Se…
…
continue reading
1
SANS Stormcast Thursday, January 8th, 2026: HTML QR Code Phishing; n8n vulnerability; Powerbank Feature Creep
7:23
7:23
Mais Tarde
Mais Tarde
Listas
Like
Curtido
7:23
A phishing campaign with QR codes rendered using an HTML table Phishing emails are bypassing filters by encoding QR codes as HTML tables. https://isc.sans.edu/diary/A%20phishing%20campaign%20with%20QR%20codes%20rendered%20using%20an%20HTML%20table/32606 n8n vulnerabilities In recent days, several new n8n vulnerabilities were disclosed. Ensure that …
…
continue reading
1
SANS Stormcast Thursday, January 8th, 2026: HTML QR Code Phishing; n8n vulnerability; Powerbank Feature Creep (#)
7:23
7:23
Mais Tarde
Mais Tarde
Listas
Like
Curtido
7:23
SANS Stormcast Thursday, January 8th, 2026: HTML QR Code Phishing; n8n vulnerability; Powerbank Feature Creep A phishing campaign with QR codes rendered using an HTML table Phishing emails are bypassing filters by encoding QR codes as HTML tables. https://isc.sans.edu/diary/A%20phishing%20campaign%20with%20QR%20codes%20rendered%20using%20an%20HTML%…
…
continue reading
1
SANS Stormcast Wednesday, January 7th, 2026: Tailsnitch Review; D-Link DSL EoL Vuln; TOTOLINK Unpatched Vuln
5:44
5:44
Mais Tarde
Mais Tarde
Listas
Like
Curtido
5:44
Tool Review: Tailsnitch Tailsnitch is a tool to audit your Tailscale configuration. It does a comprehensive analysis of your configuration and suggests (or even applies) fixes. https://isc.sans.edu/diary/Tool%20Review%3A%20Tailsnitch/32602 D-Link DSL Command Injection via DNS Configuration Endpoint A new vulnerability in very old D-Link DSL modems …
…
continue reading
1
SANS Stormcast Wednesday, January 7th, 2026: Tailsnitch Review; D-Link DSL EoL Vuln; TOTOLINK Unpatched Vuln (#)
5:44
5:44
Mais Tarde
Mais Tarde
Listas
Like
Curtido
5:44
SANS Stormcast Wednesday, January 7th, 2026: Tailsnitch Review; D-Link DSL EoL Vuln; TOTOLINK Unpatched Vuln Tool Review: Tailsnitch Tailsnitch is a tool to audit your Tailscale configuration. It does a comprehensive analysis of your configuration and suggests (or even applies) fixes. https://isc.sans.edu/diary/Tool%20Review%3A%20Tailsnitch/32602 D…
…
continue reading
1
SANS Stormcast Tuesday, January 6th, 2026: IPKVM Risks; Tailsnitch; Net-SNMP Vuln;
6:08
6:08
Mais Tarde
Mais Tarde
Listas
Like
Curtido
6:08
Risks of OOB Access via IP KVM Devices Recently, cheap IP KVMs have become popular. But their deployment needs to be secured. https://isc.sans.edu/diary/Risks%20of%20OOB%20Access%20via%20IP%20KVM%20Devices/32598 Tailsnitch Tailsnitch is a tool to review your Tailscale configuration for vulnerabilities https://github.com/Adversis/tailsnitch Net-SNMP…
…
continue reading
1
SANS Stormcast Tuesday, January 6th, 2026: IPKVM Risks; Tailsnitch; Net-SNMP Vuln; (#)
6:08
6:08
Mais Tarde
Mais Tarde
Listas
Like
Curtido
6:08
SANS Stormcast Tuesday, January 6th, 2026: IPKVM Risks; Tailsnitch; Net-SNMP Vuln; Risks of OOB Access via IP KVM Devices Recently, cheap IP KVMs have become popular. But their deployment needs to be secured. https://isc.sans.edu/diary/Risks%20of%20OOB%20Access%20via%20IP%20KVM%20Devices/32598 Tailsnitch Tailsnitch is a tool to review your Tailscal…
…
continue reading
1
SANS Stormcast Monday, January 5th, 2026: MongoBleed/React2Shell Recap; Crypto Scams; DNS Stats; Old Fortinet Vulns
6:57
6:57
Mais Tarde
Mais Tarde
Listas
Like
Curtido
6:57
Cryptocurrency Scam Emails and Web Pages As We Enter 2026 Scam emails are directing victims to confidence scams attempting to steal cryptocurrencies. https://isc.sans.edu/diary/Cryptocurrency%20Scam%20Emails%20and%20Web%20Pages%20As%20We%20Enter%202026/32594 Debugging DNS response times with tshark tshark is a powerful tool to debug DNS timing issu…
…
continue reading
1
SANS Stormcast Monday, January 5th, 2026: MongoBleed/React2Shell Recap; Crypto Scams; DNS Stats; Old Fortinet Vulns (#)
6:57
6:57
Mais Tarde
Mais Tarde
Listas
Like
Curtido
6:57
SANS Stormcast Monday, January 5th, 2026: MongoBleed/React2Shell Recap; Crypto Scams; DNS Stats; Old Fortinet Vulns Cryptocurrency Scam Emails and Web Pages As We Enter 2026 Scam emails are directing victims to confidence scams attempting to steal cryptocurrencies. https://isc.sans.edu/diary/Cryptocurrency%20Scam%20Emails%20and%20Web%20Pages%20As%2…
…
continue reading
1
SANS Stormcast Sunday, December 28th, 2025: MongoDB Unauthenticated Memory Leak CVE-2025-14847
5:50
5:50
Mais Tarde
Mais Tarde
Listas
Like
Curtido
5:50
MongoDB Unauthenticated Attacker Sensitive Memory Leak CVE-2025-14847 Over the Christmas holiday, MongoDB patched a sensitive memory leak vulnerability that is now actively being exploited https://www.mongodb.com/community/forums/t/important-mongodb-patch-available/332977 https://github.com/mongodb/mongo/commit/505b660a14698bd2b5233bd94da3917b585c5…
…
continue reading
1
SANS Stormcast Sunday, December 28th, 2025: MongoDB Unauthenticated Memory Leak CVE-2025-14847 (#)
5:51
5:51
Mais Tarde
Mais Tarde
Listas
Like
Curtido
5:51
SANS Stormcast Sunday, December 28th, 2025: MongoDB Unauthenticated Memory Leak CVE-2025-14847 MongoDB Unauthenticated Attacker Sensitive Memory Leak CVE-2025-14847 Over the Christmas holiday, MongoDB patched a sensitive memory leak vulnerability that is now actively being exploited https://www.mongodb.com/community/forums/t/important-mongodb-patch…
…
continue reading
1
SANS Stormcast Monday, December 22nd, 2025: TLS Callbacks; FreeBSD RCE; NIST Time Server Issues
6:00
6:00
Mais Tarde
Mais Tarde
Listas
Like
Curtido
6:00
DLLs & TLS Callbacks As a follow-up to last week's diary about DLL Entrypoints, Didier is looking at TLS ( Thread Local Storage ) and how it can be abused. https://isc.sans.edu/diary/DLLs%20%26%20TLS%20Callbacks/32580 FreeBSD Remote code execution via ND6 Router Advertisements A critical vulnerability in FreeBSD allows for remote code execution. Bu…
…
continue reading
1
SANS Stormcast Monday, December 22nd, 2025: TLS Callbacks; FreeBSD RCE; NIST Time Server Issues (#)
6:01
6:01
Mais Tarde
Mais Tarde
Listas
Like
Curtido
6:01
SANS Stormcast Monday, December 22nd, 2025: TLS Callbacks; FreeBSD RCE; NIST Time Server Issues DLLs & TLS Callbacks As a follow-up to last week's diary about DLL Entrypoints, Didier is looking at TLS ("Thread Local Storage") and how it can be abused. https://isc.sans.edu/diary/DLLs%20%26%20TLS%20Callbacks/32580 FreeBSD Remote code execution via ND…
…
continue reading
1
SANS Stormcast Friday, December 19th, 2025: Less Vulnerabie Devices; Critical OneView Vulnerablity; Trufflehog finds JWTs
4:37
4:37
Mais Tarde
Mais Tarde
Listas
Like
Curtido
4:37
Positive trends related to public IP range from the year 2025 Fewer ICS systems, as well as fewer systems with outdated SSL versions, are exposed to the internet than before. The trend isn t quite clean for ISC, but SSL2 and SSL3 systems have been cut down by about half. https://isc.sans.edu/diary/Positive%20trends%20related%20to%20public%20IP%20ra…
…
continue reading
1
SANS Stormcast Friday, December 19th, 2025: Less Vulnerabie Devices; Critical OneView Vulnerablity; Trufflehog finds JWTs (#)
4:38
4:38
Mais Tarde
Mais Tarde
Listas
Like
Curtido
4:38
SANS Stormcast Friday, December 19th, 2025: Less Vulnerabie Devices; Critical OneView Vulnerablity; Trufflehog finds JWTs Positive trends related to public IP range from the year 2025 Fewer ICS systems, as well as fewer systems with outdated SSL versions, are exposed to the internet than before. The trend isn't quite clean for ISC, but SSL2 and SSL…
…
continue reading
1
SANS Stormcast Thursday, December 18th, 2025: More React2Shell; Donicwall and Cisco Patch; Updated Chrome Advisory
6:10
6:10
Mais Tarde
Mais Tarde
Listas
Like
Curtido
6:10
Maybe a Little Bit More Interesting React2Shell Exploit Attackers are branching out to attack applications that initial exploits may have missed. The latest wave of attacks is going after less common endpoints and attempting to exploit applications that do not have Next.js exposed. https://isc.sans.edu/diary/Maybe%20a%20Little%20Bit%20More%20Intere…
…
continue reading
1
SANS Stormcast Thursday, December 18th, 2025: More React2Shell; Donicwall and Cisco Patch; Updated Chrome Advisory (#)
6:11
6:11
Mais Tarde
Mais Tarde
Listas
Like
Curtido
6:11
SANS Stormcast Thursday, December 18th, 2025: More React2Shell; Donicwall and Cisco Patch; Updated Chrome Advisory Maybe a Little Bit More Interesting React2Shell Exploit Attackers are branching out to attack applications that initial exploits may have missed. The latest wave of attacks is going after less common endpoints and attempting to exploit…
…
continue reading
1
SANS Stormcast Wednesday, December 17th, 2025: Beyond RC4; Forticloud SSO Vuln Exploited; FortiGate SSO Exploited;
6:38
6:38
Mais Tarde
Mais Tarde
Listas
Like
Curtido
6:38
Beyond RC4 for Windows authentication Microsoft outlined its transition plan to move away from RC4 for authentication and published guidance and tools to facilitate this change. https://www.microsoft.com/en-us/windows-server/blog/2025/12/03/beyond-rc4-for-windows-authentication FortiCloud SSO Login Vuln Exploited Arctic Wolf observed exploit attemp…
…
continue reading
1
SANS Stormcast Wednesday, December 17th, 2025: Beyond RC4; Forticloud SSO Vuln Exploited; FortiGate SSO Exploited; (#)
6:38
6:38
Mais Tarde
Mais Tarde
Listas
Like
Curtido
6:38
SANS Stormcast Wednesday, December 17th, 2025: Beyond RC4; Forticloud SSO Vuln Exploited; FortiGate SSO Exploited; Beyond RC4 for Windows authentication Microsoft outlined its transition plan to move away from RC4 for authentication and published guidance and tools to facilitate this change. https://www.microsoft.com/en-us/windows-server/blog/2025/…
…
continue reading
1
SANS Stormcast Tuesday, December 16th, 2025: Current React2Shell Example; SAML woes; MSMQ issues after patch;
5:45
5:45
Mais Tarde
Mais Tarde
Listas
Like
Curtido
5:45
More React2Shell Exploits CVE-2025-55182 Our honeypots continue to detect numerous React2Shell variants. Some using slightly modified exploits https://isc.sans.edu/diary/More%20React2Shell%20Exploits%20CVE-2025-55182/32572 The Fragile Lock: Novel Bypasses For SAML Authentication SAML is a tricky protocol to implement correctly, in particular if dif…
…
continue reading
1
SANS Stormcast Tuesday, December 16th, 2025: Current React2Shell Example; SAML woes; MSMQ issues after patch; (#)
5:46
5:46
Mais Tarde
Mais Tarde
Listas
Like
Curtido
5:46
SANS Stormcast Tuesday, December 16th, 2025: Current React2Shell Example; SAML woes; MSMQ issues after patch; More React2Shell Exploits CVE-2025-55182 Our honeypots continue to detect numerous React2Shell variants. Some using slightly modified exploits https://isc.sans.edu/diary/More%20React2Shell%20Exploits%20CVE-2025-55182/32572 The Fragile Lock:…
…
continue reading
1
SANS Stormcast Monday, December 15th, 2025: DLL Entry Points; ClickFix and Finger; Apple Patches
6:45
6:45
Mais Tarde
Mais Tarde
Listas
Like
Curtido
6:45
Abusing DLLs EntryPoint for the Fun DLLs will not just execute code when some of their functions are called, but also as they are loaded. https://isc.sans.edu/diary/Abusing%20DLLs%20EntryPoint%20for%20the%20Fun/32562 Apple Patches Everything: December 2025 Edition Apple released patches for all of its operating systems, fixing two already exploited…
…
continue reading
1
SANS Stormcast Monday, December 15th, 2025: DLL Entry Points; ClickFix and Finger; Apple Patches (#)
6:45
6:45
Mais Tarde
Mais Tarde
Listas
Like
Curtido
6:45
SANS Stormcast Monday, December 15th, 2025: DLL Entry Points; ClickFix and Finger; Apple Patches Abusing DLLs EntryPoint for the Fun DLLs will not just execute code when some of their functions are called, but also as they are loaded. https://isc.sans.edu/diary/Abusing%20DLLs%20EntryPoint%20for%20the%20Fun/32562 Apple Patches Everything: December 2…
…
continue reading
1
SANS Stormcast Friday, December 12th, 2025: Local AI Models; Mystery Chrome 0-Day; SOAPwn Attack
6:56
6:56
Mais Tarde
Mais Tarde
Listas
Like
Curtido
6:56
Using AI Gemma 3 Locally with a Single CPU Installing AI models on modes hardware is possible and can be useful to experiment with these models on premise https://isc.sans.edu/diary/Using%20AI%20Gemma%203%20Locally%20with%20a%20Single%20CPU%20/32556 Mystery Google Chrome 0-Day Vulnerability Google released an update for Google Chrome fixing a vulne…
…
continue reading
