A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Monday, September 15th, 2025: More Archives; Salesforce Attacks; White Cobra; BSides Augusta
September 14, 2025
6:06
1.01 MB ( 4.1 MB less)
Downloads: 0
Web Searches For Archives
Didier observed additional file types being searched for as attackers continue to focus on archive files as they spider web pages
https://isc.sans.edu/diary/Web%20Searches%20For%20Archives/32282
FBI Flash Alert: Salesforce Attacks
The FBI is alerting users of Salesforce of two different threat actors targeting Salesforce. There are no new vulnerabilities disclosed, but the initial access usually takes advantage of social engineering or leaked data from the Salesdrift compromise.
https://www.ic3.gov/CSA/2025/250912.pdf
VSCode Cursor Extensions Malware
Koe Security unmasked details about a recent malicious cursor extension campaign they call White Cobra.
https://www.koi.security/blog/whitecobra-vscode-cursor-extensions-malware
BSides Augusta
https://bsidesaugusta.org/