In this episode, we pull back the curtain on the often-overlooked world of New York City’s Emergency Medical Services. Join us for an eye-opening conversation with Anthony Almojera, a 20-year veteran Lieutenant and passionate advocate for EMS, as he sheds light on the harsh realities of a profession that battles
Dermatologist and clinical researcher Dr. Michael Bernhardt joins Dr. Erich Schramm to unpack the rapidly evolving science of atopic dermatitis. The two doctors discuss the symptoms, science, and treatments for atopic dermatitis, including how much clinical research has changed the landscape and improved outcomes. The two get into
Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications Spyware attacks messaging applications in part by triggering vulnerabilities in messaging applications but also by deploying tools like keystroke loggers and screenshot applications. https://www.cisa.gov/news-events/alerts/2025/11/24/spyware-allows-cyber-threat-actors-target-users-messaging-applications Stop Putting Your Passwords Into Random Websites Yes. Just Stop! https://labs.watchtowr.com/stop-putting-your-passwords-into-random-websites-yes-seriously-you-are-the-problem/ Fluentbit Vulnerability https://www.oligo.security/blog/critical-vulnerabilities-in-fluent-bit-expose-cloud-environments-to-remote-takeover Happy
Conflicts between URL mapping and URL based access control. Mapping different URLs to the same script, and relying on URL based authentication at the same time, may lead to dangerous authentication and access control gaps. https://isc.sans.edu/diary/Conflicts%20between%20URL%20mapping%20and%20URL%20based%20access%20control./32518 Sha1-Hulud, The Second Coming A new, destructive variant of the Shai-Hulud worm is currently
Dr. Michael Koren joins Kevin Geddings to give thanks this week. The doctor gives gratitude to Kevin, his team, clinical research staff, MedEvidence staff, and most of all, patients. Dr. Koren expresses his heartfelt thanks to everyone who pushes science and research forward! Be a part of advancing science
Use of CSS stuffing as an obfuscation technique? Phishing sites stuff their HTML with benign CSS code. This is likely supposed to throw off simple detection engines. https://isc.sans.edu/diary/Use%20of%20CSS%20stuffing%20as%20an%20obfuscation%20technique%3F/32510 Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day Early exploit attempts for the vulnerability were part of Searchlight Cyber's research
Oracle Identity Manager Exploit Observation from September (CVE-2025-61757) We observed some exploit attempts in September against an Oracle Identity Manager vulnerability that was patched in October, indicating that exploitation may have occurred prior to the patch being released. https://isc.sans.edu/diary/Oracle%20Identity%20Manager%20Exploit%20Observation%20from%20September%20%28CVE-2025-61757%29/32506 https://slcyber.io/research-center/breaking-oracles-identity-manager-pre-auth-rce/ DigitStealer: a JXA-based infostealer that leaves little footprint https://www.jamf.com/blog/jtl-digitstealer-macos-infostealer-analysis/ SonicWall
Jaguars go to Houston and crapped the bed. Gave away a lead when they had the game in hand, WTF? Danika did travel for this game and shares her adventures in Houston. Shout out to the Nuff Said Tailgate for the hospitality. Also Houston....fix your roads.
Jaguars bounce back in a major way. With a 6-35 beat down of the LA Chargers. It wasn't even a competition. Herbert is 0-3 against Trevor. The ghost of that playoff game still haunts ole Herb.
Welcome to Episode 415 of the Microsoft Cloud IT Pro Podcast. Ben and Scott discuss the major announcements from Microsoft Ignite 2025, focusing on the dominant themes of AI agents and security. The conversation centers on three key areas: Security Copilot updates, Agent 365 for governance, and the broader security
Connor and Shannon are a couple that podcasts, and longtime friends! It is always great to sit down with them and catch up, as they are living life and crushing the podcast game here in Jax. Go watch, or listen to “The Who are you podcast” located on any one
Unicode: It is more than funny domain names. Unicode can cause a number of issues due to odd features like variation selectors and text direction issues. https://isc.sans.edu/diary/Unicode%3A%20It%20is%20more%20than%20funny%20domain%20names./32472 FortiWeb Multiple OS command injection in API and CLI A second silently patched vulnerability in FortiWeb is already being exploited in the wild.
In this episode of Responder Resilience, we sit down with Erin Nugent, a former police officer turned First Responder Wellness Coach. Erin shares her journey from frontline service to civilian life, discussing the personal challenges she faced and the strategies that have worked for her. She aims to destigmatize mental
We bounce back from a brutal Texans collapse with a 35–6 statement over the Chargers, powered by clean football, a surging run game and a defense that set the tone on the first snap. One penalty, zero punts and a renewed Trevor Lawrence rhythm point to a clear
Cardiologist Dr. Michael Koren is joined by a 35-year-old patient "Tucker" to walk through his cardiovascular numbers and explain what it all means. The doctor explores a lipid profile and an advanced lipid profile from top to bottom, explaining everything from how LDL is calculated to what hs-CRP
KongTuke Activity This diary investigates how a recent KongTuke infection evolved, starting with a ClickFix attack. https://isc.sans.edu/diary/KongTuke%20activity/32498 Cloudflare Outage Cloudflare suffered a large outage today after an oversized configuration file was loaded into its bot protection service. https://x.com/dok2001 Google Patches Chrome 0-Day Google patched two
Building a logistics search engine sounded cute… right up until I was elbows-deep in dev tickets, spam signups, and 2,000+ business listings. In this behind-the-scenes episode of Everything is Logistics, I’m breaking down what we’ve actually shipped on CargoRex over the last six months, why the site has been such a
Decoding Binary Numeric Expressions Didier updated his number to hex script to support simple arithmetic operations in the text. https://isc.sans.edu/diary/Decoding%20Binary%20Numeric%20Expressions/32490 Tea Token NPM Pollution The NPM repository was hit with around 150,000 submissions that did not contain any useful contributions, but instead attempted to fake contributions to earn a new
Dr. Michael Koren joins Kevin Geddings to discuss some of the pitfalls of traditional healthcare in America and how clinical research can bridge those gaps. The doctor and clinical researcher talks about a family member receiving care in a world-class medical facility, and that even in this setting
FortiWeb Vulnerability Fortinet, with significant delay, acknowledged a recently patched vulnerability after exploit attempts were seen publicly. https://isc.sans.edu/diary/Honeypot+FortiWeb+CVE202564446+Exploits/32486 https://labs.watchtowr.com/when-the-impersonation-function-gets-used-to-impersonate-users-fortinet-fortiweb-auth-bypass/ https://fortiguard.fortinet.com/psirt/FG-IR-25-910?ref=labs.watchtowr.com Finger.exe and ClickFix Attackers started to use the finger.exe binary to retrieve additional payloads in ClickFix attacks. https://isc.sans.edu/diary/Finger.exe%20%26%20ClickFix/32492