A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Friday, September 12th, 2025: DShield SIEM Update; Another Sonicwall Warning; Website Keystroke Logging
September 11, 2025
6:38
1.24 MB ( 4.33 MB less)
Downloads: 0
DShield SIEM Docker Updates
Guy updated the DShield SIEM which graphically summarizes what is happening inside your honeypot.
https://isc.sans.edu/diary/DShield%20SIEM%20Docker%20Updates/32276
Again: Sonicwall SSL VPN Compromises
The Australian Government s Signals Directorate noted an increase in compromised Sonicwall devices.
https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/ongoing-active-exploitation-of-sonicwall-ssl-vpns-in-australia
Website Keystroke Logging
Many websites log every keystroke, not just data submitted in forms.
https://arxiv.org/pdf/2508.19825