SmartApeSG campaign uses ClickFix page to push NetSupport RAT A detailed analysis of a recent SamtApeSG campaign taking advantage of ClickFix https://isc.sans.edu/diary/32474 Formbook Delivered Through Multiple Scripts An analysis of a recent version of Formbook showing how it takes advantage of multiple obfuscation tricks https://isc.sans.edu/diary/32480 sudo-rs vulnerabilities Two vulnerabilities were Read More
Amanda has been on a health journey that has led her to wanting to compete in heavy lifting comps. Join us as she shares her journey and how she is inspiring others. We also discuss social media and being a fitness influencer.Send us a textSupport the show
OWASP Top 10 2025 Release Candidate OWASP published a release candidate for the 2025 version of its Top 10 list https://owasp.org/Top10/2025/0x00_2025-Introduction/ Citrix/Cisco Exploitation Details Amazon detailed how Citrix and Cisco vulnerabilities were used by advanced actors to upload webshells https://aws.amazon.com/blogs/security/amazon-discovers-apt-exploiting-cisco-and-citrix-zero-days/ Testing Quantum Readyness A website tests your services for post-quantum Read More
In this compelling episode, we go deep into the transformative journey of trauma with clinical directors Bonnie Rumilly and Jennifer Spirito from the Fairfield County Trauma Response Team. Get ready to challenge your perceptions as we unravel how trauma isn't just a burden but a catalyst for profound change. Discover Read More
Send a textWe work through a brutal loss to Houston, where a 19-point fourth-quarter lead vanished and the same old issues—penalties, protection, and trench flaws—showed up again. We lay out how Jacksonville can still steer toward the playoffs with trench fixes and cleaner football.Below are the specific talking points we Read More
Send a textDr. Evan Loh joins Dr. Michael Koren to discuss Dr. Loh's journey through the medical profession. Dr. Loh moved from doing lab work in medical school to patient care in the academic sphere and into the pharmaceutical world of research. Dr. Loh and Dr. Koren discuss the core Read More
Microsoft Patch Tuesday for November 2025 https://isc.sans.edu/diary/Microsoft+Patch+Tuesday+for+November+2025/32468/ Gladinet Triofox Vulnerability Triofox uses the host header in lieu of proper access control, allowing an attacker to access the page managing administrators by simply setting the host header to localhost. https://cloud.google.com/blog/topics/threat-intelligence/triofox-vulnerability-cve-2025-12480/ SAP November 2025 Patch Day SAP fixed a critical vulnerability, fixed Read More
SPI Logistics CFO James Lemon joins to cut through the noise on agent and brokerage finances in a tough market. We cover the real signals your brokerage is in trouble, what healthy margins look like now, how to set up your money from day one as an agent, and where Read More
It isn t always defaults: Scans for 3CX Usernames Our honeypots detected scans for usernames that may be related to 3CX business phone systems https://isc.sans.edu/diary/It%20isn%27t%20always%20defaults%3A%20Scans%20for%203CX%20usernames/32464 Watchguard Default Password Controversy A CVE number was assigned to a default password commonly used in Watchguard products. This was a documented username and password Read More
Send a textDr. Koren joins Kevin Geddings to report live from the American Heart Association meeting in New Orleans with fresh results on LDL lowering, prevention, and the future of gene editing for cholesterol. They discuss the excitement of big meetings like the AHA and how results can even surprise Read More
Honeypot Requests for Code Repository Attackers continue to scan websites for source code repositories. Keep your repositories outside your document root and proactively scan your own sites. https://isc.sans.edu/diary/Honeypot%3A%20Requests%20for%20%28Code%29%20Repositories/32460 Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads Newly discovered malicious .NET packages attempt to deliver a time-delayed attack targeting ICS systems. https://socket.dev/blog/9-malicious-nuget-packages-deliver-time-delayed-destructive-payloads Read More
Binary Breadcrumbs: Correlating Malware Samples with Honeypot Logs Using PowerShell [Guest Diary] Windows, with PowerShell, has a great scripting platform to match common Linux/Unix command line utilities. https://isc.sans.edu/diary/Binary%20Breadcrumbs%3A%20Correlating%20Malware%20Samples%20with%20Honeypot%20Logs%20Using%20PowerShell%20%5BGuest%20Diary%5D/32454 RondoDox v2 Increases Exploits The RondoDox (or RondoWorm) added a substantial amount of new exploits to its repertoire. https://beelzebub.ai/blog/rondo-dox-v2/ Google Chrome Updates Read More
Send a textWe gut out a 30–29 overtime win in Las Vegas, then break down why the Jakobi Myers trade fits our offense and our moment. A record 68-yard field goal lifts the locker room, the run game returns, and Trevor Lawrence settles in after a brutal mistake.The specific talking Read More
Welcome to Episode 414 of the Microsoft Cloud IT Pro Podcast.This episode covers the major cloud service disruptions that impacted both AWS and Azure in October 2025. Even the biggest cloud providers face operational challenges. Learn what happened, how it was resolved, and what IT pros should keep in mind Read More
Updates to Domainname API Some updates to our domainname API will make it more flexible and make it easier and faster to get the complete dataset. https://isc.sans.edu/diary/Updates%20to%20Domainname%20API/32452 Microsoft Teams Impersonation and Spoofing Vulnerabilities Checkpoint released details about recently patched spoofing and impersonation vulnerabilities in Microsoft Teams https://research.checkpoint.com/2025/microsoft-teams-impersonation-and-spoofing-vulnerabilities-exposed/ NViso Report: VSHELL Read More
In this episode, we sit down with Kwesi Millington—a former RCMP officer whose life changed forever after a high-profile incident and the mental health crisis that followed. Kwesi opens up about the pressures of policing in the public eye and what it really takes to rebuild after hitting rock bottom. Read More
Send a textPediatrician and environmental scientist Dr. Deborah Hendrickson joins Dr. Michael Koren to discuss how the environment affects our health. Dr. Hendrickson uses the example of poor air quality from sources such as wildfires and pollution to explain how this impacts children's breathing, from lung development to allergies and Read More
Apple Patches Everything, Again Apple released a minor OS upgrade across its lineup, fixing a number of security vulnerabilities. https://isc.sans.edu/diary/Apple%20Patches%20Everything%2C%20Again/32448 Remote Access Tools Used to Compromise Trucking and Logistics Attackers infect trucking and logistics companies with regular remote management tools to inject malware into other companies or learn about high-value Read More
Send a textDr. Michael Koren joins Kevin Geddings to discuss the current state of COVID vaccines and research. The cardiologist weighs the real risks and benefits of COVID vaccines, focusing on who may need protection the most and who might be able to skip this year's booster. Dr. Koren also Read More
In a special episode of Freight Friends, Grace and Blythe dress up in style to discuss the Halloween supply chain, conference ROI, and logistics podcasts along with diving deep into the rare earth mineral supply chain that impacts everyone, including Le Creuset cookware. Links from the show:Grace’s work at OrderfulCargorex’s creators Read More
