Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every weekday. Gain expert insights on what you need to take away from each story, and why. Learn and laugh at the same time with #TeamSC. Join us live at 8 AM Eastern every weekday morning at https://simplycyber.io/streams. I’m Gerald Auger, Ph.D., a cybersecurity professional, college professor, and content creator with over two decades of expertise in GRC cybersecurity. This field is collabor ...
The DailyCyber Podcast and New Live Stream every Wednesday at 6:00 pm EDT is focused on providing the truth into the Cyber Security industry. Discussions on Cyber Security trends, technologies, solutions, news, education, certifications, careers and interviews with leading Cyber Security experts on various Cyber Security topics. Subscribe today to make sure you don't miss an episode. IMPORTANT: The views, information and/or opinions expressed on this podcast/stream are solely those of Brando ...

SANS Stormcast Thursday Mar 27th: Classifying Malware with ML; Malicious NPM Packages; Google Chrome 0-day
7:11
Leveraging CNNs and Entropy-Based Feature Selection to Identify Potential Malware Artifacts of Interest This diary explores a novel methodology for classifying malware by integrating entropy-driven feature selection with a specialized Convolutional Neural Network (CNN). Motivated by the increasing obfuscation tactics used by modern malware authors,…

🔴 Mar 26’s Top Cyber News NOW! - Ep 842
1:32:27
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Check out Barricade Cyber for #incidentresponse, #ransomware protection, and business recovery services: https://barricadecyber.com Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon Allow what y…

SANS Stormcast Wednesday Mar 26th: XWiki Exploit; File Converter Correction; VMWare Vulnerability; Draytek Router Reboots; MMC Exploit Details;
6:14
XWiki Search Vulnerability Exploit Attempts (CVE-2024-3721) Our honeypot detected an increase in exploit attempts for an XWiki command injection vulnerability. The vulnerability was patched last April, but appears to be exploited more these last couple days. The vulnerability affects the search feature and allows the attacker to inject Groovy code te…

🔴 Mar 25’s Top Cyber News NOW! - Ep 841
1:54:44
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Check out Barricade Cyber for #incidentresponse, #ransomware protection, and business recovery services: https://barricadecyber.com Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon Allow what y…

SANS Stormcast Tuesday Mar 25th: Privacy Aware Bots; Ingress Nightmare; Malicious File Converters; VSCode Extension Leads to Ransomware
5:55
Privacy Aware Bots A botnet is using privacy as well as CSRF prevention headers to better blend in with normal browsers. However, in the process they may make it actually easier to spot them. https://isc.sans.edu/diary/Privacy%20Aware%20Bots/31796 Critical Ingress Nightmare Vulnerability ingress-nginx fixed four new vulnerabilities, one of which ma…

🔴 Mar 24’s Top Cyber News NOW! - Ep 840
1:39:01
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Check out Barricade Cyber for #incidentresponse, #ransomware protection, and business recovery services: https://barricadecyber.com Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon Allow what y…

SANS Stormcast Monday Mar 24th: Critical Next.js Vulnerability; Microsoft Trust Signing Platform Abuse
7:10
Critical Next.js Vulnerability CVE-2025-29927 A critical vulnerability in how the x-middleware-subrequest header is verified may lead to bypassing authorization in Next.js applications. https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware https://github.com/vercel/next.js/security/advisories/GHSA-f82v-jwr5-mffw http…

🔴 Mar 21’s Top Cyber News NOW! - Ep 839
2:00:21
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Check out Barricade Cyber for #incidentresponse, #ransomware protection, and business recovery services: https://barricadecyber.com Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon Allow what y…

SANS Stormcast Friday Mar 21st: New Data Feeds; SEO Spam; Veeam Deserialization; IBM AIX RCE;
8:24
Some New Data Feeds and Little Incident We started offering additional data feeds, and an SEO spammer attempted to make us change a link from an old podcast episode. https://isc.sans.edu/diary/Some%20new%20Data%20Feeds%2C%20and%20a%20little%20%22incident%22./31786 Veeam Deserialization Vulnerability Veeam released details regarding the latest vulner…

🔴 Mar 20’s Top Cyber News NOW! - Ep 838
1:48:06
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Check out Barricade Cyber for #incidentresponse, #ransomware protection, and business recovery services: https://barricadecyber.com Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon Allow what y…

SANS Stormcast Thursday Mar 20th: Cisco Smart Licensing Attacks; Vulnerable Drivers again; Synology Advisories Updated
7:09
Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 CVE-2024-20440 Attackers added last September's Cisco Smart Licensing Utility vulnerability to their toolset. These attacks originate most likely from botnets and the same attackers are scanning for a wide range of additional vulnerabilities. The vulnerability is a static credential i…

🔴 Mar 19’s Top Cyber News NOW! - Ep 837
1:33:08
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Check out Barricade Cyber for #incidentresponse, #ransomware protection, and business recovery services: https://barricadecyber.com Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon Allow what y…

SANS Stormcast Wednesday Mar 19th 2025: Python DLL Side Loading; Tomcat RCE Correction; SAML Roulette; Windows Shortcut 0-Day
7:18
Python Bot Delivered Through DLL Side-Loading A "normal", but vulnerable to DLL side-loading PDF reader may be used to launch additional exploit code https://isc.sans.edu/diary/Python%20Bot%20Delivered%20Through%20DLL%20Side-Loading/31778 Tomcat RCE Correction To exploit the Tomcat RCE I mentioned yesterday, two non-default configuration options mu…

🔴 Mar 18’s Top Cyber News NOW! - Ep 836
1:55:39
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Check out Barricade Cyber for #incidentresponse, #ransomware protection, and business recovery services: https://barricadecyber.com Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon Allow what y…

SANS Stormcast Tuesday Mar 18th 2025: Analyzing GUID Encoded Shellcode; Node.js SAML Vuln; Tomcat RCE in the Wild; CSS e-mail obfuscation
7:03
Static Analysis of GUID Encoded Shellcode Didier explains how to decode shellcode embedded as GUIDs in malware, and how to feed the result to his tool 1768.py which will extract Cobalt Strike configuration information from the code. https://isc.sans.edu/diary/Static%20Analysis%20of%20GUID%20Encoded%20Shellcode/31774 SAMLStorm: Critical Authenticatio…

🔴 Mar 17’s Top Cyber News NOW! - Ep 835
1:32:11
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Check out Barricade Cyber for #incidentresponse, #ransomware protection, and business recovery services: https://barricadecyber.com Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon Allow what y…

SANS Stormcast Monday March 17th: Mirai Makes Mistakes; Compromised Github Action; ruby-saml vulnerability; Fake GitHub Security Alert Phishing
6:38
Mirai Bot Now Incorporating Malformed DrayTek Vigor Router Exploits One of the many versions of the Mirai botnet added some new exploit strings attempting to take advantage of an old DrayTek Vigor Router vulnerability, but they got the URL wrong. https://isc.sans.edu/diary/Mirai%20Bot%20now%20incroporating%20%28malformed%3F%29%20DrayTek%20Vigor%20R…

🔴 Mar 14’s Top Cyber News NOW! - Ep 834
2:01:44
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Check out Barricade Cyber for #incidentresponse, #ransomware protection, and business recovery services: https://barricadecyber.com Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon Allow what y…

SANS Stormcast: File Hashes in MSFT BI; Apache Camel Vuln; Juniper Fixes Exploited Vuln; AMI Patches 10.0 Redfish BMC Vuln
6:07
File Hashes Analysis with Power BI Guy explains in this diary how to analyze Cowrie honeypot file hashes using Microsoft's BI tool and what you may be able to discover using this tool. https://isc.sans.edu/diary/File%20Hashes%20Analysis%20with%20Power%20BI%20from%20Data%20Stored%20in%20DShield%20SIEM/31764 Apache Camel Vulnerability Apache released…

🔴 Mar 13’s Top Cyber News NOW! - Ep 833
1:34:24
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Check out Barricade Cyber for #incidentresponse, #ransomware protection, and business recovery services: https://barricadecyber.com Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon Allow what y…

SANS Stormcast Thursday Mar 13th: Exploiting Login Pages with Log4j; Patch Tuesday Fallout; Adobe Patches; Medusa Ransomware; Zoom and Font Library Updates;
5:56
Log4J Scans for VMWare Hybrid Cloud Extensions An attacker is scanning various login pages, including the authentication feature in the VMWare HCX REST API for Log4j vulnerabilities. The attack submits the exploit string as username, hoping to trigger the vulnerability as Log4j logs the username https://isc.sans.edu/diary/Scans%20for%20VMWare%20Hy…

🔴 Mar 12’s Top Cyber News NOW! - Ep 832
1:30:55
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Check out Barricade Cyber for #incidentresponse, #ransomware protection, and business recovery services: https://barricadecyber.com Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon Allow what y…

SANS Stormcast Wednesday Mar 12th: Microsoft Patch Tuesday; Apple Patch; Espressif ESP32 Statement
7:54
Microsoft Patch Tuesday Microsoft patched six already exploited vulnerabilities today. In addition, the patches included a critical patch for Microsoft's DNS server and about 50 additional patches. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%3A%20March%202025/31756 Apple Updates iOS/macOS Apple released an update to address a single, alr…

🔴 Mar 11’s Top Cyber News NOW! - Ep 831
2:01:15
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Check out Barricade Cyber for #incidentresponse, #ransomware protection, and business recovery services: https://barricadecyber.com Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon Allow what y…

🔴 Mar 10’s Top Cyber News NOW! - Ep 830
1:37:17
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Check out Barricade Cyber for #incidentresponse, #ransomware protection, and business recovery services: https://barricadecyber.com Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon Allow what y…

SANS Stormcast Tuesday Mar 11th: Shellcode as UUIDs; Moxa Switch Vuln Updates; Opentext Vuln; Livewire Volt Vuln;
4:59
Shellcode Encoded in UUIDs Attackers are using UUIDs to encode shellcode. The 128 bits (or 16 bytes) encoded in each UUID are converted to shellcode to implement a Cobalt Strike beacon https://isc.sans.edu/diary/Shellcode%20Encoded%20in%20UUIDs/31752 Moxa CVE-2024-12297 Expanded to PT Switches Moxa in January first released an update to address a fr…

SANS Stormcast: Webshells; Undocumented ESP32 Commands; Camera Used For Ransomware Distribution
6:45
Commonly Probed Webshell URLs Many attackers deploy web shells to gain a foothold on vulnerable web servers. These webshells can also be taken over by parasitic exploits. https://isc.sans.edu/diary/Commonly%20Probed%20Webshell%20URLs/31748 Undocumented ESP32 Commands A recent conference presentation by Tarlogic revealed several "backdoors" or undoc…

🔴 Mar 7’s Top Cyber News NOW! - Ep 829
2:00:15
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Check out Barricade Cyber for #incidentresponse, #ransomware protection, and business recovery services: https://barricadecyber.com Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon Allow what y…

SANS Stormcast Friday Mar 7th: Chrome vs Extensions; Kibana Update; PrePw0n3d Android TV Sticks; Identifying APTs (@sans_edu, Eric LeBlanc)
13:53
Latest Google Chrome Update Encourages UBlock Origin Removal The latest update to Google Chrome not only disabled the UBlock Origin ad blocker, but also guides users to uninstall the extension instead of re-enabling it. https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html https://www.reddit.com/r/youtube/comments/1j2…

🔴 Mar 6’s Top Cyber News NOW! - Ep 828
1:29:20
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Check out Barricade Cyber for #incidentresponse, #ransomware protection, and business recovery services: https://barricadecyber.com Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon Allow what y…

SANS Stormcast Thursday Mar 6th: DShield ELK Analysis; Jailbreaking AMD CPUs; VIM Vulnerability; Snail Mail Ransomware
6:45
DShield Traffic Analysis using ELK The "DShield SIEM" includes an ELK dashboard as part of the Honeypot. Learn how to find traffic of interest with this tool. https://isc.sans.edu/diary/DShield%20Traffic%20Analysis%20using%20ELK/31742 Zen and the Art of Microcode Hacking Google released details, including a proof of concept exploit, showing how to …

🔴 Mar 5’s Top Cyber News NOW! - Ep 827
1:38:26
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Check out Barricade Cyber for #incidentresponse, #ransomware protection, and business recovery services: https://barricadecyber.com Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon Allow what y…

SANS Stormcast Wednesday Mar 5th: SMTP Credential Hunt; mac-robber.py update; ADSelfService Plus Account Takeover; Android Patch Day; PayPal Scams; VMWare Escape Fix
6:11
Romanian Distillery Scanning for SMTP Credentials A particular attacker expanded the scope of their leaked credential file scans. In addition to the usual ".env" style files, it is now looking for specific SMTP related credential files. https://isc.sans.edu/diary/Romanian%20Distillery%20Scanning%20for%20SMTP%20Credentials/31736 Tool Updates: mac-ro…