A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS ISC Stormcast Feb 5ht 2025: Feed Updates and Rosti; Resurrecting Dead S3 Buckets; Let's Encrypt Changes; Edge Device Security
February 04, 2025
7:21
6.45 MB
Downloads: 0
Some Updates to Our Data Feeds
We made some updates to the documentation for our data feeds, and added the neat Rosti Feed to our list as well as to our ipinfo page.
https://isc.sans.edu/diary/Some%20updates%20to%20our%20data%20feeds/31650
8 Million Request Later We Meade the Solarwindws Supply Chain Attack Look Amateur
While the title is a bit of watchTowr hyperbole, the problem of resurrecting dead S3 buckets back to live is real and needs to be addressed. Boring solutions will help not becoming an exciting headline.
https://labs.watchtowr.com/8-million-requests-later-we-made-the-solarwinds-supply-chain-attack-look-amateur/
Let's Encrypt Ending Expiration Emails
Let's Encrypt will no longer send emails for expiring certificates. They suggest other free services to send these emails for you
https://letsencrypt.org/2025/01/22/ending-expiration-emails/
Guidance and Strategies Protect Network Edge Edvices
CISA and other agencies created a guidance document outlining how to protect edge devices like firewalls, vpn concentrators and other similar devices.
https://www.cisa.gov/resources-tools/resources/guidance-and-strategies-protect-network-edge-devices