SANS.edu Internet Storm Center
@sansisc.bsky.social
http://isc.sans.edu - Global Network Security Information Sharing Community - Daily blogs and cyber security news podcast.
ISC diary: #SmartApeSG campaign uses #ClickFix page to push #NetSupportRAT https://isc.sans.edu/diary/32474
November 12, 2025 at 9:51 PM
ISC diary: #SmartApeSG campaign uses #ClickFix page to push #NetSupportRAT https://isc.sans.edu/diary/32474
SANS Stormcast Wednesday, November 12th, 2025: Microsoft Patch Tuesday; Gladinet Triofox Vulnerability; SAP Patches
https://isc.sans.edu/podcastdetail/9696
https://isc.sans.edu/podcastdetail/9696
November 12, 2025 at 3:50 AM
SANS Stormcast Wednesday, November 12th, 2025: Microsoft Patch Tuesday; Gladinet Triofox Vulnerability; SAP Patches
https://isc.sans.edu/podcastdetail/9696
https://isc.sans.edu/podcastdetail/9696
Microsoft Patch Tuesday for November 2025 https://isc.sans.edu/diary/32468
November 11, 2025 at 7:26 PM
Microsoft Patch Tuesday for November 2025 https://isc.sans.edu/diary/32468
SANS Stormcast Tuesday, November 11th, 2025: 3CX Related Scans; Watchguard Default Password;
https://isc.sans.edu/podcastdetail/9694
https://isc.sans.edu/podcastdetail/9694
November 11, 2025 at 3:50 AM
SANS Stormcast Tuesday, November 11th, 2025: 3CX Related Scans; Watchguard Default Password;
https://isc.sans.edu/podcastdetail/9694
https://isc.sans.edu/podcastdetail/9694
It isn't always defaults: Scans for 3CX usernames https://isc.sans.edu/diary/32464
November 10, 2025 at 3:25 PM
It isn't always defaults: Scans for 3CX usernames https://isc.sans.edu/diary/32464
SANS Stormcast Monday, November 10th, 2025: Code Repo Requests; Time Delayed ICS Attacks; Encrypted LLM Traffic Sidechannel Attacks
https://isc.sans.edu/podcastdetail/9692
https://isc.sans.edu/podcastdetail/9692
November 10, 2025 at 3:45 AM
SANS Stormcast Monday, November 10th, 2025: Code Repo Requests; Time Delayed ICS Attacks; Encrypted LLM Traffic Sidechannel Attacks
https://isc.sans.edu/podcastdetail/9692
https://isc.sans.edu/podcastdetail/9692
Honeypot: Requests for (Code) Repositories https://isc.sans.edu/diary/32460
November 8, 2025 at 6:10 AM
Honeypot: Requests for (Code) Repositories https://isc.sans.edu/diary/32460
SANS Stormcast Friday, November 7th, 2025: PowerShell Log Correlation; RondoBox Disected; Google Chrome and Cisco Patches
https://isc.sans.edu/podcastdetail/9690
https://isc.sans.edu/podcastdetail/9690
November 7, 2025 at 3:35 AM
SANS Stormcast Friday, November 7th, 2025: PowerShell Log Correlation; RondoBox Disected; Google Chrome and Cisco Patches
https://isc.sans.edu/podcastdetail/9690
https://isc.sans.edu/podcastdetail/9690
Binary Breadcrumbs: Correlating Malware Samples with Honeypot Logs Using PowerShell [Guest Diary] https://isc.sans.edu/diary/32454
November 6, 2025 at 3:35 AM
Binary Breadcrumbs: Correlating Malware Samples with Honeypot Logs Using PowerShell [Guest Diary] https://isc.sans.edu/diary/32454
SANS Stormcast Thursday, November 6th, 2025: Domain API Update; Teams Spoofing; VShell Report
https://isc.sans.edu/podcastdetail/9688
https://isc.sans.edu/podcastdetail/9688
November 6, 2025 at 3:35 AM
SANS Stormcast Thursday, November 6th, 2025: Domain API Update; Teams Spoofing; VShell Report
https://isc.sans.edu/podcastdetail/9688
https://isc.sans.edu/podcastdetail/9688
Updates to Domainname API https://isc.sans.edu/diary/32452
November 5, 2025 at 4:21 PM
Updates to Domainname API https://isc.sans.edu/diary/32452
SANS Stormcast Wednesday, November 5th, 2025: Apple Patches; Exploits against Trucking and Logistic; Google Android Patches
https://isc.sans.edu/podcastdetail/9686
https://isc.sans.edu/podcastdetail/9686
November 5, 2025 at 3:35 AM
SANS Stormcast Wednesday, November 5th, 2025: Apple Patches; Exploits against Trucking and Logistic; Google Android Patches
https://isc.sans.edu/podcastdetail/9686
https://isc.sans.edu/podcastdetail/9686
Apple Patches Everything, Again https://isc.sans.edu/diary/32448
November 4, 2025 at 12:10 PM
Apple Patches Everything, Again https://isc.sans.edu/diary/32448
SANS Stormcast Tuesday, November 4th, 2025: XWiki SolrSearch Exploits and Rapper Feud; AMD Zen 5 RDSEED Bug; More Malicious Open VSX Extensions
https://isc.sans.edu/podcastdetail/9684
https://isc.sans.edu/podcastdetail/9684
November 4, 2025 at 3:30 AM
SANS Stormcast Tuesday, November 4th, 2025: XWiki SolrSearch Exploits and Rapper Feud; AMD Zen 5 RDSEED Bug; More Malicious Open VSX Extensions
https://isc.sans.edu/podcastdetail/9684
https://isc.sans.edu/podcastdetail/9684
XWiki SolrSearch Exploit Attempts (CVE-2025-24893) with link to Chicago Gangs/Rappers https://isc.sans.edu/diary/32444
November 3, 2025 at 2:21 PM
XWiki SolrSearch Exploit Attempts (CVE-2025-24893) with link to Chicago Gangs/Rappers https://isc.sans.edu/diary/32444
SANS Stormcast Monday, November 3rd, 2025: Port 8530/8531 Scans; BADCANDY Webshells; Open VSX Security Improvements
https://isc.sans.edu/podcastdetail/9682
https://isc.sans.edu/podcastdetail/9682
November 3, 2025 at 3:30 AM
SANS Stormcast Monday, November 3rd, 2025: Port 8530/8531 Scans; BADCANDY Webshells; Open VSX Security Improvements
https://isc.sans.edu/podcastdetail/9682
https://isc.sans.edu/podcastdetail/9682
Scans for Port 8530/8531 (TCP). Likely related to WSUS Vulnerability CVE-2025-59287 https://isc.sans.edu/diary/32440
November 2, 2025 at 5:55 PM
Scans for Port 8530/8531 (TCP). Likely related to WSUS Vulnerability CVE-2025-59287 https://isc.sans.edu/diary/32440
SANS Stormcast Friday, October 31st, 2025: Bug Bounty Headers; Exchange hardening; MOVEIt vulnerability
https://isc.sans.edu/podcastdetail/9680
https://isc.sans.edu/podcastdetail/9680
October 31, 2025 at 3:25 AM
SANS Stormcast Friday, October 31st, 2025: Bug Bounty Headers; Exchange hardening; MOVEIt vulnerability
https://isc.sans.edu/podcastdetail/9680
https://isc.sans.edu/podcastdetail/9680
X-Request-Purpose: Identifying "research" and bug bounty related scans? https://isc.sans.edu/diary/32436
October 30, 2025 at 1:26 PM
X-Request-Purpose: Identifying "research" and bug bounty related scans? https://isc.sans.edu/diary/32436
SANS Stormcast Thursday, October 30th, 2025: Memory Only Filesystems Forensics; Azure Outage; docker-compose patch
https://isc.sans.edu/podcastdetail/9678
https://isc.sans.edu/podcastdetail/9678
October 30, 2025 at 3:20 AM
SANS Stormcast Thursday, October 30th, 2025: Memory Only Filesystems Forensics; Azure Outage; docker-compose patch
https://isc.sans.edu/podcastdetail/9678
https://isc.sans.edu/podcastdetail/9678
How to collect memory-only filesystems on Linux systems https://isc.sans.edu/diary/32432
October 29, 2025 at 4:56 AM
How to collect memory-only filesystems on Linux systems https://isc.sans.edu/diary/32432
SANS Stormcast Wednesday, October 29th, 2025: Invisible Subject Character Phishing; Tomcat PUT Vuln; BIND9 Spoofing Vuln PoC
https://isc.sans.edu/podcastdetail/9676
https://isc.sans.edu/podcastdetail/9676
October 29, 2025 at 3:20 AM
SANS Stormcast Wednesday, October 29th, 2025: Invisible Subject Character Phishing; Tomcat PUT Vuln; BIND9 Spoofing Vuln PoC
https://isc.sans.edu/podcastdetail/9676
https://isc.sans.edu/podcastdetail/9676
A phishing with invisible characters in the subject line https://isc.sans.edu/diary/32428
October 28, 2025 at 9:41 AM
A phishing with invisible characters in the subject line https://isc.sans.edu/diary/32428
SANS Stormcast Tuesday, October 28th, 2025: Bytes over DNS; Unifi Access Vuln; OpenAI Atlas Prompt Injection
https://isc.sans.edu/podcastdetail/9674
https://isc.sans.edu/podcastdetail/9674
October 28, 2025 at 3:15 AM
SANS Stormcast Tuesday, October 28th, 2025: Bytes over DNS; Unifi Access Vuln; OpenAI Atlas Prompt Injection
https://isc.sans.edu/podcastdetail/9674
https://isc.sans.edu/podcastdetail/9674
Bytes over DNS https://isc.sans.edu/diary/32420
October 27, 2025 at 9:10 AM
Bytes over DNS https://isc.sans.edu/diary/32420