No Place Like Home Network: Disrupting the World's Largest Residential Proxy Network Google dismantled the IPIDEA network that used residential proxies to route malicious traffic. https://cloud.google.com/blog/topics/threat-intelligence/disrupting-largest-residential-proxy-network Fake Clawdbot VS Code Extension Installs ScreenConnect RAT The news about Clawdbot (now Moltbot) is used to distribute malware, in particular malicious VS Code Read More
Welcome to Episode 420 of the Microsoft Cloud IT Pro Podcast. In this episode, Scott is back for a lighthearted discussion on some of the new tech and toys that Ben and Scott picked up over the holidays. Listen in as Ben tries to convince Scott he needs a Read More
Odd WebLogic Request. Possible CVE-2026-21962 Exploit Attempt or AI Slop? We are seeing attempts to attack CVE-2026-21962, a recent WebLogic vulnerability, using a non-working AI slop exploit. https://isc.sans.edu/diary/Odd%20WebLogic%20Request.%20Possible%20CVE-2026-21962%20Exploit%20Attempt%20or%20AI%20Slop%3F/32662 Fortinet Patches are Rolling Out Fortinet is starting to roll out patches for the recent SSO vulnerability. https://fortiguard.fortinet.com/psirt/FG-IR-26-060 SolarWinds Web Helpdesk Vulnerability Read More
In this episode, we speak with retired Lt. Randy Sutton, a man whose own life is a testament to the trials faced by those in blue. Founder of The Wounded Blue, Randy sheds light on the stark reality of physical and emotional injuries sustained on the job, illuminating the journeys Read More
The Jacksonville Jaguars’ season comes to a tough end, and we’re breaking it all down on “Touchdown Jaguars!”. In this episode, we recap the wildcard round loss to the Buffalo Bills, dig into getting through the tough loss, and look ahead to what’s next for Jacksonville. This week we Read More
Dr. Mitchell Rothstein goes over the FibroScan, a liver scanning technology that produces fast and cheap measurements of liver fat content and fibrosis. Dr. Rothstein reviews what the FibroScan is, how it works, the process of getting a FibroScan, and what the results mean. The doctor explains when Read More
Initial Stages of Romance Scams [Guest Diary] Romance scams often start with random text messages that appear to be misrouted. This guest diary by Faris Azhari follows some of the initial stages of such a scam. https://isc.sans.edu/diary/Initial%20Stages%20of%20Romance%20Scams%20%5BGuest%20Diary%5D/32650 Denial of Service Vulnerabilities in React Server Components Another follow-up fix Read More
Scanning Webserver with pwd as a Starting Path Attackers are adding the output of the pwd command to their web scans. https://isc.sans.edu/diary/x/32654 Microsoft Office Security Feature Bypass Vulnerability CVE-2026-21509 Microsoft released an out-of-band patch for Office fixing a currently exploited vulnerability. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509 Exposed Clawdbot Instances Many users of the AI Read More
Dr. Michael Koren joins Kevin Geddings to offer the solace of taking control of your medical future in these uncertain times. The doctor reminds listeners that when news is stressful and chaotic, doing things that impact you and your life can help reduce anxiety. He suggests that taking Read More
Analysis of Single Sign-On Abuse on FortiOS Fortinet released an advisory. FortiOS devices are vulnerable if configured with any SAML integration, not just FortiCloud. https://www.fortinet.com/blog/psirt-blogs/analysis-of-sso-abuse-on-fortios Outlook OOB Update Microsoft released a non-security OOB Update for Outlook, fixing an issue introduced with this month's security patches. https://support.microsoft.com/en-us/topic/january-24-2026-kb5078127-os-builds-26200-7628-and-26100-7628-out-of-band-cf5777f6-bb4e-4adb-b9cd-2b64df577491 VMware vCenter Server Vulnerabilities Read More
Dr. Erich Schramm joins Kevin Geddings to discuss a new study which aims to lower the incidence of childhood obesity. Somewhere around 1 in 3 children are overweight or obese, and this condition greatly increases the risks of serious health consequences later in life, including diabetes, high blood Read More
Is AI-Generated Code Secure? Xavier used the free static code analysis tool Bandit to review code he wrote with heavy AI support. https://isc.sans.edu/diary/Is%20AI-Generated%20Code%20Secure%3F/32648 Malicious Configuration Changes On Fortinet FortiGate Devices via SSO Accounts Arctic Wolf summarized some of the attacks it is seeing against FortiGate devices via the insufficiently patched Read More
Automatic Script Execution In Visual Studio Code Visual Studio Code will read configuration files within the source code that may lead to code execution. https://isc.sans.edu/diary/Automatic%20Script%20Execution%20In%20Visual%20Studio%20Code/32644 Cisco Unified Communications Products Remote Code Execution Vulnerability A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified Read More
Join us as we confront the critical issue of first responder mental health and explore the vital role of chaplaincy in emergency services. We learn about the GY6 Initiative, a powerful movement led by Chaplain John Revell, born from heart-wrenching loss yet driven by an unyielding mission: to save lives. What Read More
Dr. A. Mark Fendrick joins Dr. Michael Koren to discuss his life and legacy promoting value-based insurance design (VBID). VBID is the idea that procedures which are necessary should cost patients less than those that are optional, and is seen in the US with many insurance plans Read More
Add Punycode to your Threat Hunting Routine Punycode patterns in DNS queries make excellent hunting opportunities. https://isc.sans.edu/diary/Add%20Punycode%20to%20your%20Threat%20Hunting%20Routine/32640 GNU InetUtils Security Advisory: remote authentication by-pass in telnetd telnetd shipping with InetUtils suffers from a critical authentication by-pass vulnerability. https://www.openwall.com/lists/oss-security/2026/01/20/2 6-day and IP Address Certificates are Generally Available Let's Encrypt will now Read More
Dr. Michael Koren joins Kevin Geddings to explain what "Phase 1" means in the context of clinical research. The doctor talks about how phase 1 is the first time a new investigational treatment is used in a person, but that there is an enormous amount of work that Read More
"How many states are there in the United States?" Attackers are actively scanning for LLMs, fingerprinting them using the query How many states are there in the United States? . https://isc.sans.edu/diary/%22How%20many%20states%20are%20there%20in%20the%20United%20States%3F%22/32618 Closing the Door on Net-NTLMv1: Releasing Rainbow Tables to Accelerate Protocol Deprecation Mandiant is publicly releasing a comprehensive dataset Read More