Johannes B. Ullrich
SANS Internet Storm Center Stormcast
Good podcast? Give it some love!
Johannes B. Ullrich
SANS Internet Storm Center StormcastEpisodes
Johannes B. Ullrich
SANS Internet Storm Center Stormcast
Good podcast? Give it some love!
Rate Podcast
Best Episodes of SANS Internet Storm Center Stormcast
Mark All
Search Episodes...
"Best Before" Malware; FBI Offers Lockbit Help; UK Asks for EoL data; FCC proposes RPKI rules for BPG Malicious Python Script with a "Best Before" Date https://isc.sans.edu/diary/Malicious%20Python%20Script%20with%20a%20%22Best%20Before%22%20Da
WatchGuard VPN Bruteforcing; TotalRecall; WebEx Flaw; #webex @cisco #recall WatchGuard VPN Brutefording https://isc.sans.edu/diary/Brute%20Force%20Attacks%20Against%20Watchguard%20VPN%20Endpoints/30984 TotalRecall Tool To Extract Data from Micr
No Defender Detection; Fake Job Ads; Zyxel NAS Patches No Defender Yes Defender https://isc.sans.edu/diary/No-Defender%2C%20Yes-Defender/30980 Fake Job Ads Lead to Stolen Crypto Currency https://www.ic3.gov/Media/Y2024/PSA240604 Zyxel NAS Vulne
Custom Wireshark LUA Dissectors; COX Cable Modem API; Malicious Stack Overflow Answers; A Wireshark Lua Dissector for Fixed Field Length Protocols https://isc.sans.edu/diary/A%20Wireshark%20Lua%20Dissector%20for%20Fixed%20Field%20Length%20Proto
K1W1 Infostealer; Linux Malware Scanner; Snowflake Incident; HuggingFace Space secrets leak; K1w1 Infostealer Uses gofile.io for Exfiltration https://isc.sans.edu/diary/%22K1w1%22%20InfoStealer%20Uses%20gofile.io%20for%20Exfiltration/30972 Kasp
OSSEC and MISP; Checkpoint VPN PoC Exploit; Massive October Windstream Outage; Cypher Injection; @sans_edu @watchtowrcyber @lumentechco Feeding MISP with OSSEC https://isc.sans.edu/diary/Feeding%20MISP%20with%20OSSEC/30968 Checkpoint VPN https:
DShield SIEM; Checkpoint 0-Day; Okta Credential Stuffing; Bitcoin Wallet Bruteforce; @okta @joegrand Is that It? Finding the Unknown: Correlations Between Honeypot Logs and PCAPs https://isc.sans.edu/diary/Is%20that%20It%3F%20%20Finding%20the%2
SQL Injection and Python; FortiSIEM RCE PoC; Bitlocker Ransomware; iconv (glibc) and MacOS PoC; @Horizon3ai @WangTielei Preventing SQL Injection with Python https://www.youtube.com/watch?v=1cQy9N1Xndk PoC Exploit for CVE-2024-23108 in Fortinet
TXZ Malspam; 4th Google 0-Day; Google no trust in Globaltrust; Checkpoint Password Bruteforcing; Files with TGZ Extension used as malspam attachements https://isc.sans.edu/diary/Files%20with%20TXZ%20extension%20used%20as%20malspam%20attachments
Redtail Miner; Veeam, Ivanti and Firepower Vulns; Justice AV Backdoor; C-Root Server Lack Analysis of 'redtail' file uploads to ISC Honeypot https://isc.sans.edu/diary/Analysis%20of%20%3Fredtail%3F%20File%20Uploads%20to%20ICS%20Honeypot%2C%20a%
Scripting ipinfo in nmap; Wifi BSSID Location Databases: risks and opting out NMAP Scanning Without Scanning - The ipinfo API https://isc.sans.edu/diary/NMAP%20Scanning%20without%20Scanning%20%28Part%202%29%20-%20The%20ipinfo%20API/30948 Why Yo
Shodan via nmap; iTerm2 Vulns; GitHub Enterprise Vuln; BitBucket Secret Leaks; MSFT Recall Privacy Scanning without Scanning with nmap https://isc.sans.edu/diary/Scanning%20without%20Scanning%20with%20NMAP%20%28APIs%20FTW%29/30944 iTerm2 Vulner
Analyzing MSG Files; Fluent Bit Vuln; Fortinet Vuln Details; Git and Google Chrome PoCs; Analyzing MSG Files https://isc.sans.edu/diary/Analyzing%20MSG%20Files/30940 Linguistic Lumberjack: Fluent Bit Vulnerability CVE-2024-4323 https://www.tena
Extrace JPEGs from PDFs; QNAP 0-Day PoC; Exploited D-Link Vulnerabilities; Ivanti PoC Another PDF Streams Example: Extracting JPEGs https://isc.sans.edu/diary/Another%20PDF%20Streams%20Example%3A%20Extracting%20JPEGs/30924 QNAP QTS QNAPping At
yq parser; Quick Assist Misuse; Chrome 0-Days; Android Theft Protection; Git Update Why yq? Adventurs in XML https://isc.sans.edu/diary/Why%20yq%3F%20%20Adventures%20in%20XML/30930 Black Basta Uses Quick Assist https://www.microsoft.com/en-us/s
VPNs need MFA; SSID Confusion; FIDO2 Session Hijacking Got MFA? If not, now is the time! https://isc.sans.edu/diary/Got%20MFA%3F%20%20If%20not%2C%20Now%20is%20the%20Time!/30926 SSID Confusion: Making Wi-Fi Clients Connect to the Wrong Network C
Microsoft Patches; Bluetooth Trackers; VMWare Updates; Revoking Windows UEFI Certs; Adobe Patches Microsoft Patches https://isc.sans.edu/diary/Microsoft%20May%202024%20Patch%20Tuesday/30920 Detecting Bluetooth Trackers https://security.googlebl
Apple Updates; JunOS OpenSSH Issues; Malicious Go in PyPi; Apple Updates Everything https://isc.sans.edu/diary/Apple%20Patches%20Everything%3A%20macOS%2C%20iOS%2C%20iPadOS%2C%20watchOS%2C%20tvOS%20updated./30916 Juniper OpenSSH Update https://s
Windows DNS Suffixes; Black Basta Ransomware; Arcserve UDP Exploits; Chrome 0-day; SolarWinds ARM Vuln; DNS Suffixes on Windows https://isc.sans.edu/diary/DNS%20Suffixes%20on%20Windows/30912 Black Basta Ransomware Advisory https://www.cisa.gov/
PDF Streams; F5 Central Manager Vuln; Veeam Patches; XenCenter Putty Update; Analyzing PDF Streams https://isc.sans.edu/diary/Analyzing%20PDF%20Streams/30908 F5 Next Central Manager Vulnerabilities https://eclypsium.com/blog/big-vulnerabilities
Analyzing Synology Disks; RSA Panel; SANS.edu Research Journal Analzying Synology Disks https://isc.sans.edu/diary/Analyzing%20Synology%20Disks%20on%20Linux/30904 RSA Panel https://www.rsaconference.com/usa/agenda/session/The%20Five%20Most%20Da
ISP DNS Spoofing; Weblogic PoC; PDF.js / React PDF Vuln; Tinyproxy Detecting XFinity/Comcast DNS Spoofing https://isc.sans.edu/diary/Detecting%20XFinity%20Comcast%20DNS%20Spoofing/30898 Weblogic PoC CVE-2024-21006 https://pwnull.github.io/2024/
VPN Routing Leaks; Mullvad VPN Traffic Leak; Tiny Proxy unpatches RCE Vuln; DHCP Based VPN Routing Leaks https://www.leviathansecurity.com/blog/tunnelvision Mullvad VPN DNS Traffic Leak https://mullvad.net/en/blog/dns-traffic-can-leak-outside-t
DNS Debugging; MSFT Zero Trust DNS; MSFT Graph API Abuse DNS Debugging with nslookup https://isc.sans.edu/diary/nslookups+Debug+Options/30894/ Microsoft Plans DNS Lockdown https://techcommunity.microsoft.com/t5/networking-blog/announcing-zero-t
Scans for Stupid Router Vuln; npm xml-crypt Vuln; Cuddlefish; ArubaOS Vuln; https://isc.sans.edu/diary/Scans%20Probing%20for%20LB-Link%20and%20Vinga%20WR-AC1200%20routers%20CVE-2023-24796/30890 Scans Probing for LB-Link and Vinga WR-AC1200 rout
Join Podchaser to...
- Rate podcasts and episodes
- Follow podcasts and creators
- Create podcast and episode lists
- & much more
Unlock more with Podchaser Pro
- Audience Insights
- Contact Information
- Demographics
- Charts
- Sponsor History
- and More!
- Account
- Register
- Log In
- Find Friends
- Resources
- Help Center
- Blog
- API
Podchaser is the ultimate destination for podcast data, search, and discovery. Learn More
- © 2024 Podchaser, Inc.
- Privacy Policy
- Terms of Service
- Contact Us