Endpoint Management Today is a podcast brought to you by Rhonda and James from the BigFix team. Listen in to understand how IT operations and security teams fully automate discovery, management and remediation of endpoints – whether on-premise, virtual, or cloud – regardless of operating system, location or connectivity. Hear from technical experts, customers, thought leaders and more as we bring you new episodes each month. FIND more. FIX more. DO more.
…
continue reading
Endpoint Protection Podcasts
Welcome to Perimeter Perspective, the podcast where we explore the strategies, challenges, and innovations shaping the future of cybersecurity and IT management. Hosted by the experts at Next Perimeter, this show dives into zero trust principles, cloud-first solutions, and the evolving role of technology in modern businesses. Whether you’re an IT leader, business owner, or tech enthusiast, Perimeter Perspective offers actionable insights and engaging discussions to help you secure your digit ...
…
continue reading
Join us on Proofpoint’s Insider Insight, the podcast where we delve deep into the intricate realm of Endpoint Data Loss Prevention (DLP) and Insider Threat Management (ITM). In each episode, we unravel the complexities of safeguarding your organization's sensitive information by adopting a people-centric approach to managing insider threats. From inadvertent mistakes to malicious intent, insider threats pose a significant risk to the confidentiality and integrity of your data. This podcast i ...
…
continue reading
This is the She Said Privacy / He Said Security podcast with Jodi and Justin Daniels. Like any good marriage, Jodi and Justin will debate, evaluate, and sometimes quarrel about how privacy and security impact business in the 21st century.
…
continue reading
Welcome to Act on Tech, the podcast that empowers you to harness technology to boost your productivity and simplify your life. Hosted by tech enthusiast and entrepreneur Alex, each episode dives into actionable tips, tools, and insights to help you stay ahead in the digital age. Discover practical advice, expert opinions, and cutting-edge trends, all while learning about Alex Custom Tech, a leading MSP dedicated to providing personalized IT solutions for business and residential customers. T ...
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
Cyber security is dynamic and fast changing. Keep up-to-date with the latest news, vulnerabilities, threats and new research. For latest cyber security blogs, visit https://rasoolirfan.com and tweet @ → twitter.com/rasoolirfan
…
continue reading
Azure McFarlane, Ru Campbell, Femke Cornelissen, Peter Rising, & Kat Beedim talk about Microsoft 365 and Azure, and are joined each episode by a guest to talk about their journey in tech, and the challenges they have faced along the way.
…
continue reading
Nozomi Networks security experts discuss topics that are important to the OT and IoT security community. This includes current cybersecurity threat intelligence, trends, news, and challenges. If you work in security or operations, or if you are a researcher, you’ll find episodes of interest.
…
continue reading

1
Endpoints-on-Wheels: Protecting Company and Employee Data in Cars
39:04
39:04
Play later
Play later
Lists
Like
Liked
39:04Merry Marwig is the VP Global Communications & Advocacy at Privacy4Cars. Merry is a pro-consumer, pro-business privacy advocate who is optimistic about what data privacy rights mean for everyday people — and for the companies they do business with. At Privacy4Cars, she helps protect drivers’ and passengers’ personal data while creating business opp…
…
continue reading

1
Endpoint Security: Protecting Devices in a Hybrid World
25:36
25:36
Play later
Play later
Lists
Like
Liked
25:36In this episode of Act on Tech, Alex breaks down the essentials of endpoint security in today’s hybrid work environment. From laptops and smartphones to tablets and personal devices, every endpoint is a potential risk to your business. Learn what endpoint security really means, the most common threats, and the tools that every small business should…
…
continue reading

1
SANS Stormcast Monday, July 7th, 2025: interesting usernames; More sudo issues; CitrixBleed2 PoC; Short Lived Certs
5:48
5:48
Play later
Play later
Lists
Like
Liked
5:48Interesting ssh/telnet usernames Some interesting usernames observed in our honeypots https://isc.sans.edu/diary/A%20few%20interesting%20and%20notable%20ssh%20telnet%20usernames/32080 More sudo trouble The host option in Sudo can be exploited to execute commands on unauthorized hosts. https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-s…
…
continue reading

1
Where Strategy Meets Reality in AI Governance
29:22
29:22
Play later
Play later
Lists
Like
Liked
29:22Andrew Clearwater is a Partner at Dentons’ Privacy and Cybersecurity Team and a recognized authority in privacy and AI governance. Formerly a founding leader at OneTrust, he oversaw privacy and AI initiatives, contributed to key data protection standards, and holds over 20 patents. Andrew advises businesses on responsible tech implementation, helpi…
…
continue reading

1
SANS Stormcast Thursday July 3rd, 2025: sudo problems; polymorphic zip files; cisco vulnerablity
5:20
5:20
Play later
Play later
Lists
Like
Liked
5:20Sudo chroot Elevation of Privilege The sudo chroot option can be leveraged by any local user to elevate privileges to root, even if no sudo rules are defined for that user. https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot Polymorphic ZIP Files A zip file with a corrupt End of Central Directory Record may extract different …
…
continue reading

1
Cyber Insurance: What It Covers, What It Doesn’t, and If You Need It
27:04
27:04
Play later
Play later
Lists
Like
Liked
27:04Cyber insurance is becoming a must-have for small businesses—but do you really know what you're paying for? In this episode of Act on Tech, Alex breaks down the ins and outs of cyber insurance: what it actually covers, what it leaves out, and why some claims get denied. You'll learn how to qualify, what insurers are looking for, and how cyber insur…
…
continue reading

1
SANS Stormcast Monday June 30th, 2025: Scattered Spider; AMI BIOS Exploited; Secure Boot Certs Expiring; Microsoft Resliliency Initiative
7:29
7:29
Play later
Play later
Lists
Like
Liked
7:29Scattered Spider Update The threat actor known as Scattered Spider is in the news again, this time focusing on airlines. But the techniques used by Scattered Spider, social engineering, are still some of the most dangerous techniques used by various threat actors. https://cloud.google.com/blog/topics/threat-intelligence/unc3944-proactive-hardening-…
…
continue reading

1
SANS Stormcast Friday, June 27th, 2025: Open-VSX Flaw; Airoha Bluetooth Vulnerablity; Critical Cisco Identity Service Engine Vuln;
6:47
6:47
Play later
Play later
Lists
Like
Liked
6:47Open-VSX Flaw Puts Developers at Risk A flaw in the open-vsx extension marketplace could have let to the compromise of any extension offered by the marketplace. https://blog.koi.security/marketplace-takeover-how-we-couldve-taken-over-every-developer-using-a-vscode-fork-f0f8cf104d44 Bluetooth Vulnerability Could Allow Eavesdropping A vulnerability i…
…
continue reading

1
SANS Stormcast Thursday, June 26th, 2025: Another Netscaler Vuln; CentOS Web Panel Vuln; IP Based Certs
5:53
5:53
Play later
Play later
Lists
Like
Liked
5:53NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-6543 Citrix patched a memory overflow vulnerability leading to unintended control flow and denial of service. https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788 Remote code execution in CentOS Web Panel - CVE-2025-48703 An arbitrary file upload vulnerab…
…
continue reading

1
The Human Firewall: Training Your Team to Defend Against Cyber Threats
30:13
30:13
Play later
Play later
Lists
Like
Liked
30:13Your employees are either your first line of defense—or your biggest vulnerability. In this episode of Act on Tech, Alex breaks down how to turn your team into a human firewall through smart training, strong habits, and a security-first culture. Learn how phishing, social engineering, and weak passwords lead to breaches—and what you can do to stop …
…
continue reading

1
SANS Stormcast Tuesday, June 24th, 2025: Telnet/SSH Scan Evolution; Fake Sonicwall Software; File-Fix vs Click-Fix
4:03
4:03
Play later
Play later
Lists
Like
Liked
4:03Quick Password Brute Forcing Evolution Statistics After collecting usernames and passwords from our ssh and telnet honeypots for about a decade, I took a look back at how scans changed. Attackers are attempting more passwords in each scans than they used to, but the average length of passwords did not change. https://isc.sans.edu/diary/Quick%20Pass…
…
continue reading

1
SANS Stormcast Tuesday, June 24th, 2025: Ichano ATHome IP Camera Scans; Netscaler Vulnerability; WinRar Vulnerability
5:04
5:04
Play later
Play later
Lists
Like
Liked
5:04Scans for Ichano AtHome IP Cameras A couple days ago, a few sources started scanning for the username super_yg and the password 123. This is associated with Ichano IP Camera software. https://isc.sans.edu/diary/Scans%20for%20Ichano%20AtHome%20IP%20Cameras/32062 Critical Netscaler Security Update CVE-2025-5777 CVE 2025-5777 is a critical severity vu…
…
continue reading

1
SANS Stormcast Monday, June 23rd, 2025: ADS and Python; More Secure Cloud PCs; Zend.to Path Traversal; Parser Differentials
5:36
5:36
Play later
Play later
Lists
Like
Liked
5:36ADS & Python Tools Didier explains how to use his tools cut-bytes.py and filescanner to extract information from alternate data streams. https://isc.sans.edu/diary/ADS%20%26%20Python%20Tools/32058 Enhanced security defaults for Windows 365 Cloud PCs Microsoft announced more secure default configurations for its Windows 365 Cloud PC offerings. https…
…
continue reading

1
SANS Stormcast Friday, June 20th, 2025: New Employee Phishing; Malicious Tech Support Links; Social Engineering App Sepecific Passwords
5:46
5:46
Play later
Play later
Lists
Like
Liked
5:46How Long Until the Phishing Starts? About Two Weeks After setting up a Google Workspace and adding a new user, it took only two weeks for the new employee to receive somewhat targeted phishing emails. https://isc.sans.edu/diary/How%20Long%20Until%20the%20Phishing%20Starts%3F%20About%20Two%20Weeks/32052 Scammers hijack websites of Bank of America, N…
…
continue reading

1
What Is a SOC—and Does Your Business Need One?
28:39
28:39
Play later
Play later
Lists
Like
Liked
28:39In this episode of Act on Tech, Alex breaks down the role of a Security Operations Center (SOC) and why it's no longer just for big corporations. Whether you're an MSP or a small business owner, a SOC can provide 24/7 monitoring, threat detection, and incident response that could save your business from major cyberattacks. Learn what a SOC actually…
…
continue reading

1
Agentic AI for Software Security: Eliminate More Vulnerabilities, Triage Less
29:17
29:17
Play later
Play later
Lists
Like
Liked
29:17Ian Riopel is the CEO and Co-founder of Root, applying agentic AI to fix vulnerabilities instantly. A US Army veteran and former Counterintelligence Agent, he’s held roles at Cisco, CloudLock, and Rapid7. Ian brings military-grade security expertise to software supply chains. John Amaral is the CTO and Co-founder of Root. Previously, he scaled Cisc…
…
continue reading

1
SANS Stormcast Monday, June 16th, 2025: Extracting Data from JPEG; Windows Recall Export; Anubis Wiper; Mitel Vuln and PoC
5:46
5:46
Play later
Play later
Lists
Like
Liked
5:46Extracting Data From JPEGs Didier shows how to efficiently extract data from JPEGs using his tool jpegdump.py https://isc.sans.edu/diary/A%20JPEG%20With%20A%20Payload/32048 Windows Recall Export in Europe In its latest insider build for Windows 11, Microsoft is testing an export feature for data stored by Recall. The feature is limited to European …
…
continue reading

1
SANS Stormcast Monday, June 16th, 2025: Katz Stealer in JPG; JavaScript Attacks; Reviving expired Discord Invites for Evil
6:44
6:44
Play later
Play later
Lists
Like
Liked
6:44Katz Stealer in JPG Xavier found some multistage malware that uses an Excel Spreadsheet and an HTA file to load an image that includes embeded a copy of Katz stealer. https://isc.sans.edu/diary/More+Steganography/32044 https://unit42.paloaltonetworks.com/malicious-javascript-using-jsfiretruck-as-obfuscation/ JavaScript obfuscated with JSF*CK is bei…
…
continue reading

1
SANS Stormcast Friday, June 13th, 2025: Honeypot Scripts; EchoLeak MSFT Copilot Vuln; Thunderbolt mailbox URL Vuln;
5:43
5:43
Play later
Play later
Lists
Like
Liked
5:43Automated Tools to Assist with DShield Honeypot Investigations https://isc.sans.edu/diary/Automated%20Tools%20to%20Assist%20with%20DShield%20Honeypot%20Investigations%20%5BGuest%20Diary%5D/32038 EchoLeak: Zero-Click Microsoft 365 Copilot Data Leak Microsoft fixed a vulnerability in Copilot that could have been abused to exfiltrate data from Copilot…
…
continue reading

1
Operationalizing Privacy Across Teams, Tools, and Tech
27:47
27:47
Play later
Play later
Lists
Like
Liked
27:47Sarah Stalnecker is the Global Privacy Director at New Balance Athletics, Inc., where she leads the integration of privacy principles across the organization, driving awareness and compliance through education, streamlined processes, and technology solutions. In this episode… Operationalizing privacy programs starts with translating legal requireme…
…
continue reading

1
SANS Stormcast Thursday, June 12th, 2025: Quasar RAT; Windows 11 24H2 Delay; SMB Client Vuln PoC; Connectwise Signing Keys; KDE Telnet code exec
6:27
6:27
Play later
Play later
Lists
Like
Liked
6:27Quasar RAT Delivered Through Bat Files Xavier is walking you through a quick reverse analysis of a script that will injection code extracted from a PNG image to implement a Quasar RAT. https://isc.sans.edu/diary/Quasar%20RAT%20Delivered%20Through%20Bat%20Files/32036 Delayed Windows 11 24H2 Rollout Microsoft slightly throttled the rollout of windows…
…
continue reading

1
SANS Stormcast Wednesday, June 11th, 2025: Microsoft Patch Tuesday; Acrobat Patches
6:58
6:58
Play later
Play later
Lists
Like
Liked
6:58Microsoft Patch Tuesday Microsoft today released patches for 67 vulnerabilities. 10 of these vulnerabilities are rated critical. One vulnerability has already been exploited and another vulnerability has been publicly disclosed before today. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20June%202025/32032 Adobe Vulnerabilities Adobe relea…
…
continue reading

1
SANS Stormcast June, Tuesday, June 10th, 2025: Octosql; Mirai vs. Wazuh DNS4EU; Wordpress Fair Package Manager
6:09
6:09
Play later
Play later
Lists
Like
Liked
6:09OctoSQL & Vulnerability Data OctoSQL is a neat tool to query files in different formats using SQL. This can, for example, be used to query the JSON vulnerability files from CISA or NVD and create interesting joins between different files. https://isc.sans.edu/diary/OctoSQL+Vulnerability+Data/32026 Mirai vs. Wazuh The Mirai botnet has now been obser…
…
continue reading

1
SANS Stormcast June, June 9th, 2025: Extracting PNG Data; GlueStack Packages Backdoor; MacOS targeted by Clickfix; INETPUB restore script
5:43
5:43
Play later
Play later
Lists
Like
Liked
5:43Extracting With pngdump.py Didier extended his pngdump.py script to make it easier to extract additional data appended to the end of the image file. https://isc.sans.edu/diary/Extracting%20With%20pngdump.py/32022 16 React Native Packages for GlueStack Backdoored Overnight 16 npm packages with over a million weekly downloads between them were compro…
…
continue reading

1
SANS Stormcast Friday, June 6th, 2025: Fake Zoom Clients; Python tarfile vulnerability; HPE Insight Remote Support Patch
5:01
5:01
Play later
Play later
Lists
Like
Liked
5:01Be Careful With Fake Zoom Client Downloads Miscreants are tricking victims into downloading fake Zoom clients (and likely other meeting software) by first sending them fake meeting invites that direct victims to a page that offers malware for download as an update to the Zoom client. https://isc.sans.edu/diary/Be%20Careful%20With%20Fake%20Zoom%20Cl…
…
continue reading

1
Outsmarting Threats: How AI is Changing the Cyber Game
21:32
21:32
Play later
Play later
Lists
Like
Liked
21:32Brett Ewing is the Founder and CEO of AXE.AI, a cutting-edge cybersecurity SaaS start-up, and the Chief Information Security Officer at 3DCloud. He has built a career in offensive cybersecurity, focusing on driving exponential improvement. Brett progressed from a Junior Penetration Tester to Chief Operating Officer at Strong Crypto, a provider of c…
…
continue reading

1
SANS Stormcast Thursday, June 5th, 2025: Phishing Comment Trick; AWS default logging mode change; Cisco Backdoor Fixed; Infoblox Vulnerability Details Released
5:26
5:26
Play later
Play later
Lists
Like
Liked
5:26Phishing e-mail that hides malicious links from Outlook users Jan found a phishing email that hides the malicious link from Outlook users. The email uses specific HTML comment clauses Outlook interprets to render or not render specific parts of the email s HTML code. Jan suggests that the phishing email is intented to not expose users of https://is…
…
continue reading

1
Cybersecurity for MSPs: Securing the Protectors
31:35
31:35
Play later
Play later
Lists
Like
Liked
31:35In this episode of Act on Tech, Alex dives into the critical role Managed Service Providers (MSPs) play in protecting businesses—and why MSPs themselves are now prime targets for cyberattacks. From weak internal practices to poor RMM configurations, one mistake can open the door to a supply chain disaster. Learn the essential cybersecurity strategi…
…
continue reading

1
SANS Stormcast Wednesday, June 4th, 2025: vBulletin Exploited; Chrome 0-Day Patch; Roundcube RCE Patch; Multiple HP StoreOnce Vulns Patched
7:25
7:25
Play later
Play later
Lists
Like
Liked
7:25vBulletin Exploits CVE-2025-48827, CVE-2025-48828 We do see exploit attempts for the vBulletin flaw disclosed about a week ago. The flaw is only exploitable if vBulltin is run on PHP 8.1, and was patched over a year ago. However, vBulltin never disclosed the type of vulnerability that was patched. https://isc.sans.edu/diary/vBulletin%20Exploits%20%…
…
continue reading

1
SANS Stormcast Tuesday, June 3rd, 2025: Windows SSH C2; Google Removes CAs from trusted list; MSFT issues Emergency Patch to fix Crash issue; Qualcom Adreno GPU 0-day
6:06
6:06
Play later
Play later
Lists
Like
Liked
6:06Simple SSH Backdoor Xavier came across a simple SSH backdoor taking advantage of the ssh client preinstalled on recent Windows systems. The backdoor is implemented via an SSH configuration file that instructs the SSH client to connect to a remote system and forward a shell on a random port. This will make the shell accessible to anybody able to con…
…
continue reading

1
SANS Stormcast Monday, June 2nd, 2025: PNG with RAT; Cisco IOS XE WLC Exploit; vBulletin Exploit
5:42
5:42
Play later
Play later
Lists
Like
Liked
5:42A PNG Image With an Embedded Gift Xavier shows how Python code attached to a PNG image can be used to implement a command and control channel or a complete remote admin kit. https://isc.sans.edu/diary/A+PNG+Image+With+an+Embedded+Gift/31998 Cisco IOS XE WLC Arbitrary File Upload Vulnerability (CVE-2025-20188) Analysis Horizon3 analyzed a recently p…
…
continue reading

1
SANS Stormcast Friday, May 30th 2025: Alternate Data Streams; Connectwise Breach; Google Calendar C2;
13:47
13:47
Play later
Play later
Lists
Like
Liked
13:47Alternate Data Streams: Adversary Defense Evasion and Detection Good Primer of alternate data streams and how they are abused, as well as how to detect and defend against ADS abuse. https://isc.sans.edu/diary/Alternate%20Data%20Streams%20%3F%20Adversary%20Defense%20Evasion%20and%20Detection%20%5BGuest%20Diary%5D/31990 Connectwise Breach Affects Scr…
…
continue reading

1
Privacy Reform Is Coming to Australia: What Businesses Need To Know
32:01
32:01
Play later
Play later
Lists
Like
Liked
32:01James Patto is the Partner of Helios Salinger. He is a leading voice in Australia’s tech law landscape, trusted by business and government on privacy, cybersecurity, and AI issues. With over a decade of experience as a digital lawyer, he helps organizations turn regulation into opportunity — bridging law, innovation, and strategy to build trust and…
…
continue reading

1
SANS Stormcast Thursday May 29th 2025: LLM Assisted Analysis; MSP Ransomware; Everetz Vulnerability
6:10
6:10
Play later
Play later
Lists
Like
Liked
6:10Exploring a Use Case of Artificial Intelligence Assistance with Understanding an Attack Jennifer Wilson took a weird string found in a recent honeypot sample and worked with ChatGPT to figure out what it is all about. https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Exploring%20a%20Use%20Case%20of%20Artificial%20Intelligence%20Assistance%20with%20U…
…
continue reading

1
The True Cost of Downtime: Why Small Tech Problems Hurt Big
25:52
25:52
Play later
Play later
Lists
Like
Liked
25:52In this episode of Act on Tech, Alex breaks down what downtime really means for your business—and why it's more dangerous than you think. From lost revenue and broken customer trust to delayed projects and stressed-out teams, downtime isn’t just a nuisance—it’s a silent profit killer. Learn the most common causes, how to calculate the true cost, an…
…
continue reading

1
SANS Stormcast Wednesday May 28th 2025: Securing authorized_keys; ADAuditPlus SQL Injection; Dero Miner vs Docker API
6:37
6:37
Play later
Play later
Lists
Like
Liked
6:37SSH authorized_keys File One of the most common techniques used by many bots is to add rogue keys to the authorized_keys file, implementing an SSH backdoor. Managing these files and detecting unauthorized changes is not hard and should be done if you operate Unix systems. https://isc.sans.edu/diary/Securing%20Your%20SSH%20authorized_keys%20File/319…
…
continue reading

1
SANS Stormcast Tuesday, May 27th 2025: SVG Steganography; Fortinet PoC; GitLab Duo Prompt Injection
7:13
7:13
Play later
Play later
Lists
Like
Liked
7:13SVG Steganography Steganography is not only limited to pixel-based images but can be used to embed messages into vector-based formats like SVG. https://isc.sans.edu/diary/SVG%20Steganography/31978 Fortinet Vulnerability Details CVE-2025-32756 Horizon3.ai shows how it was able to find the vulnerability in Fortinet s products, and how to possibly exp…
…
continue reading

1
SANS Stormcast Friday, May 23rd 2025: Backup Connectivity; Windows 2025 dMSA Abuse; Samlify Vulnerability
7:54
7:54
Play later
Play later
Lists
Like
Liked
7:54Resilient Secure Backup Connectivity for SMB/Home Users Establishing resilient access to a home network via a second ISP may lead to unintended backdoors. Secure the access and make sure you have the visibility needed to detect abuse. https://isc.sans.edu/diary/Resilient%20Secure%20Backup%20Connectivity%20for%20SMB%20Home%20Users/31972 BadSuccessor…
…
continue reading

1
Terms, Tech & Trust: A Privacy Deep Dive With Harvey AI
30:13
30:13
Play later
Play later
Lists
Like
Liked
30:13Anita Gorney is the Head of Privacy and AI Legal at Harvey. Harvey is an AI tool for legal professionals and professional service providers. Before Harvey, she was Privacy Counsel at Stripe. Anita studied law in Sydney and began her career there before moving to London and then New York. In this episode… Legal professionals often spend time on manu…
…
continue reading

1
SANS Stormcast Thursday, May 22nd 2025: Crypto Confidence Scams; Extension Mayhem for VS Code and Chrome
6:21
6:21
Play later
Play later
Lists
Like
Liked
6:21New Variant of Crypto Confidence Scam Scammers are offering login credentials for what appears to be high value crypto coin accounts. However, the goal is to trick users into paying for expensive VIP memberships to withdraw the money. https://isc.sans.edu/diary/New%20Variant%20of%20Crypto%20Confidence%20Scam/31968 Malicious Chrome Extensions Malici…
…
continue reading
Running a small business is tough—but making the wrong tech moves can make it even harder. In this episode of Act on Tech, I’m breaking down the most common IT mistakes I see small businesses make, from weak passwords and bad backups to unprofessional email setups and poor cybersecurity. These slip-ups can cost you time, money, and customer trust. …
…
continue reading

1
SANS Stormcast Wednesday, May 21st 2025: Researchers Scanning the Internet; Forgotten DNS Records; openpgp.js Vulneraiblity
7:51
7:51
Play later
Play later
Lists
Like
Liked
7:51Researchers Scanning the Internet A newish RFC, RFC 9511, suggests researchers identify themselves by adding strings to the traffic they send, or by operating web servers on machines from which the scan originates. We do offer lists of researchers and just added three new groups today https://isc.sans.edu/diary/Researchers%20Scanning%20the%20Intern…
…
continue reading

1
SANS Stormcast Tuesday, May 20th 2025: AutoIT Code RAT; Fake Keepass Download; Procolored Printer Software Compromise
6:41
6:41
Play later
Play later
Lists
Like
Liked
6:41RAT Dropped By Two Layers of AutoIT Code Xavier explains how AutoIT was used to install a remote admin tool (RAT) and how to analyse such a tool https://isc.sans.edu/diary/RAT%20Dropped%20By%20Two%20Layers%20of%20AutoIT%20Code/31960 RVTools compromise confirmed Robware.net, the site behind the popular tool RVTools now confirmed that it was compromi…
…
continue reading

1
SANS Stormcast Monday, May 18th 2025: xorsearch python functions; pwn2own Berlin; senior govt official impersonation; dynamic domain risk
6:30
6:30
Play later
Play later
Lists
Like
Liked
6:30xorsearch.py: Python Functions Didier s xorsearch tool now supports python functions to filter output https://isc.sans.edu/diary/xorsearch.py%3A%20Python%20Functions/31858 Pwn2Own Berlin 2025 Last weeks Pwn2Own contest in Berlin allowed researchers to demonstrate a number of new exploits with a large focus on privilege escalation and virtual machin…
…
continue reading

1
SANS Stormcast Friday, May 16th: Increase in Sonicwall Scans; RVTools Compromised?; RountPress
6:26
6:26
Play later
Play later
Lists
Like
Liked
6:26Web Scanning SonicWall for CVE-2021-20016 - Update Scans for SonicWall increased by an order of magnitude over the last couple of weeks. Many of the attacks appear to originate from Global Host , a low-cost virtual hosting provider. https://isc.sans.edu/diary/Web%20Scanning%20SonicWall%20for%20CVE-2021-20016%20-%20Update/31952 Google Update Patches…
…
continue reading

1
Silent Threats Lurking in Your Child’s Devices and How To Avoid Them
31:09
31:09
Play later
Play later
Lists
Like
Liked
31:09Ben Halpert is a cybersecurity leader, educator, and advocate dedicated to empowering digital citizens. As a Fractional CISO, author, and the founder of Savvy Cyber Kids, he advances cyber safety and ethics. A sought-after speaker, Ben shares insights globally, shaping secure digital futures at work, school, and home. In this episode… Many parents …
…
continue reading

1
SANS Stormcast Thursday, May 15th: Google Open Redirects; Adobe, Ivanti, and Samsung patches
6:16
6:16
Play later
Play later
Lists
Like
Liked
6:16Another day, another phishing campaign abusing google.com open redirects Google s links from it s maps page to hotel listings do suffer from an open redirect vulnerability that is actively exploited to direct users to phishing pages. https://isc.sans.edu/diary/Another%20day%2C%20another%20phishing%20campaign%20abusing%20google.com%20open%20redirect…
…
continue reading

1
Prosumer Routers: The Networking Upgrade You Didn’t Know You Needed
29:28
29:28
Play later
Play later
Lists
Like
Liked
29:28Tired of slow Wi-Fi, dropped Zoom calls, or unreliable smart devices? In this episode of Act on Tech, we’re diving into the world of prosumer router gear—what it is, why it matters, and how it can transform your home or small business network. I’ll break down the key features that set prosumer routers apart from the stuff you get at big-box stores,…
…
continue reading

1
SANS Stormcast Wednesday, May 14th: Microsoft Patch Tuesday; 0-Days patched for Ivanti Endpoint Manager and Fortinet Products
6:38
6:38
Play later
Play later
Lists
Like
Liked
6:38Microsoft Patch Tuesday Microsoft patched 70-78 vulnerabilities (depending on how you count them). Five of these vulnerabilities are already being exploited. In particular, a remote code execution vulnerability in the scripting engine should be taken seriously. It requires the Microsoft Edge browser to run in Internet Explorer mode. https://isc.san…
…
continue reading

1
SANS Stormcast Tuesday, May 12th: Apple Patches; Unipi Technologies Scans;
6:29
6:29
Play later
Play later
Lists
Like
Liked
6:29Apple Updates Everything Apple patched all of its operating systems. This update ports a patch for a recently exploited vulnerability to older versions of iOS and macOS. https://isc.sans.edu/diary/31942 It Is 2025, And We Are Still Dealing With Default IoT Passwords And Stupid 2013 Router Vulnerabilities Versions of the Mirai botnet are attacking d…
…
continue reading