SANS.edu Internet Storm Center
@sansisc.bsky.social
http://isc.sans.edu - Global Network Security Information Sharing Community - Daily blogs and cyber security news podcast.
SANS Stormcast Tuesday, December 2nd, 2025: Analyzing ToolShell from Packdets; Android Update; Long Game Malicious Browser Ext.
https://isc.sans.edu/podcastdetail/9720
https://isc.sans.edu/podcastdetail/9720
December 2, 2025 at 4:20 AM
SANS Stormcast Tuesday, December 2nd, 2025: Analyzing ToolShell from Packdets; Android Update; Long Game Malicious Browser Ext.
https://isc.sans.edu/podcastdetail/9720
https://isc.sans.edu/podcastdetail/9720
[Guest Diary] Hunting for SharePoint In-Memory ToolShell Payloads https://isc.sans.edu/diary/32524
December 1, 2025 at 11:30 PM
[Guest Diary] Hunting for SharePoint In-Memory ToolShell Payloads https://isc.sans.edu/diary/32524
SANS Stormcast Monday, December 1st, 2025: More ClickFix; Teams Guest Access; Geoserver XXE Vulnerablity
https://isc.sans.edu/podcastdetail/9718
https://isc.sans.edu/podcastdetail/9718
December 1, 2025 at 4:20 AM
SANS Stormcast Monday, December 1st, 2025: More ClickFix; Teams Guest Access; Geoserver XXE Vulnerablity
https://isc.sans.edu/podcastdetail/9718
https://isc.sans.edu/podcastdetail/9718
SANS Stormcast Wednesday, November 26th, 2025: Attacks Against Messaging; Passwords in Random Websites; Fluentbit Vuln; #thanksgiving
https://isc.sans.edu/podcastdetail/9716
https://isc.sans.edu/podcastdetail/9716
November 26, 2025 at 4:10 AM
SANS Stormcast Wednesday, November 26th, 2025: Attacks Against Messaging; Passwords in Random Websites; Fluentbit Vuln; #thanksgiving
https://isc.sans.edu/podcastdetail/9716
https://isc.sans.edu/podcastdetail/9716
SANS Stormcast Tuesday, November 25th, 2025: URL Mapping and Authentication; SHA1-Hulud; Hacklore
https://isc.sans.edu/podcastdetail/9714
https://isc.sans.edu/podcastdetail/9714
November 25, 2025 at 4:05 AM
SANS Stormcast Tuesday, November 25th, 2025: URL Mapping and Authentication; SHA1-Hulud; Hacklore
https://isc.sans.edu/podcastdetail/9714
https://isc.sans.edu/podcastdetail/9714
Conflicts between URL mapping and URL based access control. https://isc.sans.edu/diary/32518
November 24, 2025 at 3:02 PM
Conflicts between URL mapping and URL based access control. https://isc.sans.edu/diary/32518
SANS Stormcast Monday, November 24th, 2025: CSS Padding in Phishing; Oracle Identity Manager Scans Update;
https://isc.sans.edu/podcastdetail/9712
https://isc.sans.edu/podcastdetail/9712
November 24, 2025 at 4:05 AM
SANS Stormcast Monday, November 24th, 2025: CSS Padding in Phishing; Oracle Identity Manager Scans Update;
https://isc.sans.edu/podcastdetail/9712
https://isc.sans.edu/podcastdetail/9712
YARA-X 1.10.0 Release: Fix Warnings https://isc.sans.edu/diary/32514
November 23, 2025 at 10:51 AM
YARA-X 1.10.0 Release: Fix Warnings https://isc.sans.edu/diary/32514
Wireshark 4.4.1 Released https://isc.sans.edu/diary/32512
November 23, 2025 at 10:40 AM
Wireshark 4.4.1 Released https://isc.sans.edu/diary/32512
Use of CSS stuffing as an obfuscation technique? https://isc.sans.edu/diary/32510
November 21, 2025 at 9:51 AM
Use of CSS stuffing as an obfuscation technique? https://isc.sans.edu/diary/32510
SANS Stormcast Friday, November 21st, 2025: Oracle Idendity Manager Scans; SonicWall DoS Vuln; Adam Wilson (@sans_edu) reducing prompt injection.
https://isc.sans.edu/podcastdetail/9710
https://isc.sans.edu/podcastdetail/9710
November 21, 2025 at 4:01 AM
SANS Stormcast Friday, November 21st, 2025: Oracle Idendity Manager Scans; SonicWall DoS Vuln; Adam Wilson (@sans_edu) reducing prompt injection.
https://isc.sans.edu/podcastdetail/9710
https://isc.sans.edu/podcastdetail/9710
Oracle Identity Manager Exploit Observation from September (CVE-2025-61757) https://isc.sans.edu/diary/32506
November 20, 2025 at 4:56 PM
Oracle Identity Manager Exploit Observation from September (CVE-2025-61757) https://isc.sans.edu/diary/32506
SANS Stormcast Thursday, November 20th, 2025: Unicode Issues; FortiWeb More Vulns; DLink DIR-878 Vuln; Operation WrtHug and ASUS Routers
https://isc.sans.edu/podcastdetail/9708
https://isc.sans.edu/podcastdetail/9708
November 20, 2025 at 4:01 AM
SANS Stormcast Thursday, November 20th, 2025: Unicode Issues; FortiWeb More Vulns; DLink DIR-878 Vuln; Operation WrtHug and ASUS Routers
https://isc.sans.edu/podcastdetail/9708
https://isc.sans.edu/podcastdetail/9708
Unicode: It is more than funny domain names. https://isc.sans.edu/diary/32472
November 19, 2025 at 4:01 PM
Unicode: It is more than funny domain names. https://isc.sans.edu/diary/32472
SANS Stormcast Wednesday, November 19th, 2025: Kong Tuke; Cloudflare Outage
https://isc.sans.edu/podcastdetail/9706
https://isc.sans.edu/podcastdetail/9706
November 19, 2025 at 4:00 AM
SANS Stormcast Wednesday, November 19th, 2025: Kong Tuke; Cloudflare Outage
https://isc.sans.edu/podcastdetail/9706
https://isc.sans.edu/podcastdetail/9706
ISC diary: #KongTuke activity using #CAPTCHA style #ClickFix lure leads to malicious #Python script https://isc.sans.edu/diary/32498
November 18, 2025 at 7:11 AM
ISC diary: #KongTuke activity using #CAPTCHA style #ClickFix lure leads to malicious #Python script https://isc.sans.edu/diary/32498
SANS Stormcast Tuesday, November 18th, 2025: Binary Expression Decoding. Tea NPM Pollution; IBM AIX NIMSH Vulnerability
https://isc.sans.edu/podcastdetail/9704
https://isc.sans.edu/podcastdetail/9704
November 18, 2025 at 4:00 AM
SANS Stormcast Tuesday, November 18th, 2025: Binary Expression Decoding. Tea NPM Pollution; IBM AIX NIMSH Vulnerability
https://isc.sans.edu/podcastdetail/9704
https://isc.sans.edu/podcastdetail/9704
Decoding Binary Numeric Expressions https://isc.sans.edu/diary/32490
November 17, 2025 at 7:20 AM
Decoding Binary Numeric Expressions https://isc.sans.edu/diary/32490
SANS Stormcast Monday, November 17th, 2025: New(isch) Fortiweb Vulnerability; Finger and ClickFix
https://isc.sans.edu/podcastdetail/9702
https://isc.sans.edu/podcastdetail/9702
November 17, 2025 at 3:55 AM
SANS Stormcast Monday, November 17th, 2025: New(isch) Fortiweb Vulnerability; Finger and ClickFix
https://isc.sans.edu/podcastdetail/9702
https://isc.sans.edu/podcastdetail/9702
Finger.exe & ClickFix https://isc.sans.edu/diary/32492
November 16, 2025 at 7:31 AM
Finger.exe & ClickFix https://isc.sans.edu/diary/32492
SANS Holiday Hack Challenge 2025 https://isc.sans.edu/diary/32488
November 16, 2025 at 7:21 AM
SANS Holiday Hack Challenge 2025 https://isc.sans.edu/diary/32488
Honeypot: FortiWeb CVE-2025-64446 Exploits https://isc.sans.edu/diary/32486
November 15, 2025 at 9:46 AM
Honeypot: FortiWeb CVE-2025-64446 Exploits https://isc.sans.edu/diary/32486
Microsoft Office Russian Dolls https://isc.sans.edu/diary/32484
November 14, 2025 at 1:46 PM
Microsoft Office Russian Dolls https://isc.sans.edu/diary/32484
SANS Stormcast Friday, November 14th, 2025: SmartApeSG and ClickFix; Formbook Obfuscation Tricks; Sudo-rs Vulnerabilities; SANS Holiday Hack Challenge
https://isc.sans.edu/podcastdetail/9700
https://isc.sans.edu/podcastdetail/9700
November 14, 2025 at 3:50 AM
SANS Stormcast Friday, November 14th, 2025: SmartApeSG and ClickFix; Formbook Obfuscation Tricks; Sudo-rs Vulnerabilities; SANS Holiday Hack Challenge
https://isc.sans.edu/podcastdetail/9700
https://isc.sans.edu/podcastdetail/9700
Formbook Delivered Through Multiple Scripts https://isc.sans.edu/diary/32480
November 13, 2025 at 8:51 AM
Formbook Delivered Through Multiple Scripts https://isc.sans.edu/diary/32480