SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
by Johannes B. Ullrich
(c) SANS Institute 2026 This work is licensed under a Creative Commons License - Attribution-NonCommercial-ShareAlike - https://creativecommons.org/licenses/by-nc-sa/4.0/
May 13, 2026
Recent reviews on Apple Podcasts (5)
Best in Show!
Johannes delivers just the right amount of daily relevant information to stay aware of threats and risks, as well as the occasional research/whitepaper topic. Bravo!
1Flatlander ·
High quality info in a short amount of time. Listen very closely to what he puts out
Johannes continues to point out trends and indicators I might otherwise have missed. I’ve seen a lot of crazy scenarios play out based on data he’s gathered and provided. Listen to a few episodes to hear what I mean. His podcast also serves as a convenient reminder for Patch Tuesday and iOS updates. Yet another great podcast the sociable Dave Bittner has led me to.
TFWas ·
Required Professional Daily Use
This is a requirement for my team as they start their day. The information is a great way to start the brain thinking into what is going on and what new things should we be looking for. We discuss it and volunteer topics for research and further discovery. 11/10 - highly recommended
PowerBob ·
Your Daily Cyber Drive-Thru
I’ll take a #1: top threats, quick context, and practical next steps—make it efficient. Storm Center is consistently satisfying and never wastes your time.
JayJonahJameson ·
Great content
I don’t always get to listen to this daily but I’m careful to go back at the end of the week to catch up.
Ceszombie ·
Episodes (2436)

SANS Stormcast Wednesday, May 13th, 2026: Microsoft Patch Tuesday; Large npm/pypi Compromise; Rubygems Attack
May 13, 2026 · 7m · #9930
Microsoft Patch Tuesday https://isc.sans.edu/diary/32980 Tanstack npm and others compromised https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack Ruby Gems Attack https://x.com/ma

SANS Stormcast Tuesday, May 12th, 2026: Apple Patches; Encrypted RCS; CAPTCHAs; Checkmarx vs TeamPCP;
May 12, 2026 · 5m · #9928
Apple Patches Everything https://isc.sans.edu/diary/Apple%20Patches%20Everything/32976 End-to-End Encrypted RCS Messages https://www.apple.com/newsroom/2026/05/end-to-end-encrypted-rcs-messaging-begins-rolling-out-today-

SANS Stormcast Monday, May 11th, 2026: New Linux Priv Escalation; PAM Backdoors; CPanel Updates; Let’s Encrypt
May 11, 2026 · 6m · #9926
Another Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Frag https://isc.sans.edu/diary/Another%20Universal%20Linux%20Local%20Privilege%20Escalation%20%28LPE%29%20Vulnerability%3A%20Dirty%20Frag/329

SANS Stormcast Friday, May 8th, 2026: AI Generated Dashboard; Ivanti Patches; Redis Vuln; @sans_edu Marcio Enriquez
May 8, 2026 · 14m · #9924
An Adaptive Cyber Analytics UI for Web Honeypot Logs https://isc.sans.edu/diary/An%20Adaptive%20Cyber%20Analytics%20UI%20for%20Web%20Honeypot%20Logs%20%5BGuest%20Diary%5D/32962 Ivanti May Patchday https://hub.ivanti.com/

SANS Stormcast Thursday, May 7th, 2026: .DE DNSSEC Fail; PAN OS 0-Day Patched;
May 7, 2026 · 6m · #9922
Technical issue with .de domains https://blog.denic.de/en/technical-issue-with-de-domains-resolved/ CVE-2026-0300 PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID Authentication Portal http

SANS Stormcast Wednesday, May 6th, 2026: Cleartext Passwords in Edge; SSL.com Root Rotation; DAEMONTOOLS Backdoor;
May 6, 2026 · 8m · #9920
Cleartext Passwords in MS Edge? In 2026? https://isc.sans.edu/diary/Cleartext%20Passwords%20in%20MS%20Edge%3F%20In%202026%3F/32954 SSL.com rotates its root certificate today https://isc.sans.edu/diary/SSL.com%20rotates%2

SANS Stormcast Tuesday, May 5th, 2026: Honeypot Update; MOVEit Patches; Apache http2 Vuln;
May 5, 2026 · 5m · #9918
DShield Honeypot Update https://isc.sans.edu/diary/DShield%20Honeypot%20Update/32948 MOVEit Automation Critical Security Alert Bulletin April 2026 (CVE-2026-4670, CVE-2026-5174) https://community.progress.com/s/article/M

SANS Stormcast Monday, May 4th, 2026: Malicious Homebrew Ads; Wireshark Update; Digicert False Positive; cPanel Exploited
May 4, 2026 · 7m · #9916
Malicious Ad for Homebrew Leads to MacSync Stealer https://isc.sans.edu/diary/Malicious%20Ad%20for%20Homebrew%20Leads%20to%20MacSync%20Stealer/32942 Wireshark Update https://www.wireshark.org/docs/relnotes/wireshark-4.6.

SANS Stormcast Friday, May 1st, 2026: Libredtail; FreeBSD dhclient vuln; Linux Copy-Fail; @sans_edu Detecting AI Pickling
May 1, 2026 · 14m · #9914
Danger of Libredtail https://isc.sans.edu/diary/Danger%20of%20Libredtail%20%5BGuest%20Diary%5D/32936 FreeBSD dhclient vulnerability https://www.freebsd.org/security/advisories/FreeBSD-SA-26:12.dhclient.asc Linux Copy-Fai

SANS Stormcast Thursday, April 30th, 2026: Odd Requests; MSFT LNK Bug Exploited; Secure Boot Fix; TLS Updates; SAP npm malware
Apr 30, 2026 · 6m · #9912
Today's Odd Web Requests https://isc.sans.edu/diary/Today%27s%20Odd%20Web%20Requests/32934 Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202 https://www.akamai.com/blog/security-research/2026/apr/incomplete-pa

SANS Stormcast Wednesday, April 29th, 2026: Odd Vercel Header Usage; GitHub Vuln Patches; MSFT RDP Notification Bug
Apr 29, 2026 · 5m · #9910
HTTP Requests with X-Vercel-Set-Bypass-Cookie Header https://isc.sans.edu/diary/HTTP%20Requests%20with%20X-Vercel-Set-Bypass-Cookie%20Header/32930 GitHub Vulnerability CVE-2026-3854 https://www.wiz.io/blog/github-rce-vul

SANS Stormcast Tuesday, April 28th, 2026: More TeamPCP; Citrix XenServer Unpatched Vulns; Phantom RPC;
Apr 28, 2026 · 6m · #9908
TeamPCP Update https://isc.sans.edu/diary/TeamPCP%20Supply%20Chain%20Campaign%3A%20Update%20008%20-%2026-Day%20Pause%20Ends%20with%20Three%20Concurrent%20Compromises%20%28Checkmarx%20KICS%2C%20Bitwarden%20CLI%20Cascade%2

SANS Stormcast Friday, April 24th, 2026: Apple Update; Bitwarden Compromise; ASP.NET Core Patch
Apr 24, 2026 · 6m · #9906
Apple Patches Exploited Notification Flaw https://isc.sans.edu/diary/Apple%20Patches%20Exploited%20Notification%20Flaw/32922 Bitwarden CLI Compromised https://socket.dev/blog/bitwarden-cli-compromised https://community.b

SANS Stormcast Thursday, April 23rd, 2026: Stealing Telegram Sessions; Oracle CPU; Firefox Patches
Apr 23, 2026 · 8m · #9904
Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Beyond%20Cryptojacking%3A%20Telegram%20tdata%20as%20a%20Credential

SANS Stormcast Wednesday, April 22nd, 2026: WAV Malware; GitHub OAUTH Phishing; Perforce Settings
Apr 22, 2026 · 7m · #9902
A .WAV With A Payload https://isc.sans.edu/diary/A%20.WAV%20With%20A%20Payload/32910 The Phishy GitHub Issue Case https://blog.atsika.ninja/posts/the-phishy-github-issue-case/ P4WNED: How Insecure Defaults in Perforce Ex

SANS Stormcast Tuesday, April 21st, 2026: CVE and EPSS; Windows Server 2025 OOB; QEMU Abuse;
Apr 21, 2026 · 5m · #9900
Handling the CVE Flood With EPSS https://isc.sans.edu/diary/Handling%20the%20CVE%20Flood%20With%20EPSS/32914 Windows Server 2025 Out of Band Patch https://learn.microsoft.com/en-us/windows/release-health/windows-message-

SANS Stormcast Monday, April 20th, 2026: Lumma Stealer and Sectop RAT; Windows 0-Day Exploited; NIST NVD Update; FortiSandbox PoC
Apr 20, 2026 · 6m · #9898
Lumma Stealer infection with Sectop RAT (ArechClient2) https://isc.sans.edu/diary/Lumma%20Stealer%20infection%20with%20Sectop%20RAT%20%28ArechClient2%29/32904 Three Recent Windows Defender Vulnerabilities Exploited (one

SANS Stormcast Friday, April 17th, 2026: DVRs Again; Cisco Again; Windows Defender Again; Sonatype
Apr 17, 2026 · 5m · #9896
Compromised DVRs and Finding Them in the Wild https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Compromised%20DVRs%20and%20Finding%20Them%20in%20the%20Wild/32886 Cisco ISE RCE Vulnerability and WebEx Auth Bypass CVE-2026-

SANS Stormcast Thursday, April 16th, 2026: AI Credential Scans; Microsoft Update Issues; RDP Warnings; GitHub Action Vulns;
Apr 16, 2026 · 6m · #9894
Scanning for AI Models https://isc.sans.edu/diary/Scanning%20for%20AI%20Models/32896 Microsoft Update Problems https://support.microsoft.com/en-us/topic/april-14-2026-kb5082063-os-build-26100-32690-c57e289d-27c9-47cd-a18

SANS Stormcast Wednesday, April 15th, 2026: Microsoft, Adobe, Fortinet and others Patches
Apr 15, 2026 · 8m · #9892
Microsoft Patch Tuesday April 2026 https://isc.sans.edu/forums/diary/Microsoft%20Patch%20Tuesday%20April%202026./32898/ Adobe Patches https://helpx.adobe.com/security/Home.html Fortinet Patches https://fortiguard.fortine

SANS Stormcast Tuesday, April 14th, 2026: EncystPHP Webshell; CPUID Compromise; OpenAI Mac Cert Issue; Axios Vulnerability
Apr 14, 2026 · 6m · #9890
Scans for EncystPHP Webshell https://isc.sans.edu/diary/Scans%20for%20EncystPHP%20Webshell/32892 CPUID Compromise https://securelist.com/tr/cpu-z/119365/ https://x.com/d0cTB/status/2042520961824559150 OpenAI Mac Applicat

SANS Stormcast Monday, April 13th, 2026: Obfuscated JavaScript; Numbers in Passwords; Adobe Patches 0-Day; ClickFix Fix Bypass
Apr 13, 2026 · 6m · #9888
Obfuscated JavaScript or Nothing https://isc.sans.edu/diary/Obfuscated%20JavaScript%20or%20Nothing/32884 Numbers in Passwords https://isc.sans.edu/diary/Number%20Usage%20in%20Passwords%3A%20Take%20Two/32866 Adobe 0-Day P

SANS Stormcast Thursday, April 9th, 2026: Honeypot Fingerprinting; Microsoft Locks Developer Accounts; ActiveMQ Vuln;
Apr 9, 2026 · 7m · #9886
Honeypot Fingerprinting https://isc.sans.edu/diary/More%20Honeypot%20Fingerprinting%20Scans/32878 Microsoft Locks Accounts for Privacy/Encryption Related Developers https://sourceforge.net/p/veracrypt/discussion/general/

SANS Stormcast Wednesday, April 8th, 2026: Pivoting for Webshells; WatchGuard Firebox Patch; Project Glasswing; Kubernetes Misconfigurations
Apr 8, 2026 · 6m · #9884
A Little Bit Pivoting: What Web Shells are Attackers Looking for Today? https://isc.sans.edu/diary/A%20Little%20Bit%20Pivoting%3A%20What%20Web%20Shells%20are%20Attackers%20Looking%20for%3F/32874 WatchGuard Firebox Arbitr

SANS Stormcast Tuesday, April 7th, 2026: Redirects in Phishing; Internet Bug Bounty Suspended; Bluehammer; Keycloak MFA Bypass
Apr 7, 2026 · 6m · #9882
How often are redirects used in phishing in 2026? https://isc.sans.edu/diary/How%20often%20are%20redirects%20used%20in%20phishing%20in%202026%3F/32870 Hackerone Suspends Internet Bug Bounty https://hackerone.com/ibb?type