A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Thursday, September 25th, 2025: Hikvision Exploits; Cisco Patches; Sonicawall Anit-Rootkit Patch; Windows 10 Support
September 24, 2025
5:33
4.66 MB
Downloads: 0
Exploit Attempts Against Older Hikvision Camera Vulnerability
Out honeypots observed an increase in attacks against some older Hikvision issues. A big part of the problem is weak passwords, and the ability to send credentials as part of the URL.
https://isc.sans.edu/diary/Exploit%20Attempts%20Against%20Older%20Hikvision%20Camera%20Vulnerability/32316
Cisco Patches Already Exploited SNMP Vulnerability
Cisco patched a stack-based buffer overflow in the SNMP subsystem. It is already exploited in the wild, but requires
admin privileges to achieve code execution.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte
SonicWall Anti-Rootkit Update
SonicWall released a firmware update for its SMA100 devices specifically designed to eradicate a commonly deployed rootkit.
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0015
Extended Windows 10 Support
Microsoft will extend free Windows 10 essential support for US and European customers.
https://www.straitstimes.com/world/united-states/microsoft-offers-no-cost-windows-10-lifeline