A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Monday, September 29th, 2025: Convert Timestamps; Cisco Compromises; GitHub Notification Phishing
September 28, 2025
8:36
1.43 MB ( 5.78 MB less)
Downloads: 0
Converting Timestamps in .bash_history
Unix shells offer the ability to add timestamps to commands in the .bash_history file. This is often done in the form of Unix timestamps. This new tool converts these timestamps into a more readable format.
https://isc.sans.edu/diary/New%20tool%3A%20convert-ts-bash-history.py/32324
Cisco ASA/FRD Compromises
Exploitation of the vulnerabilities Cisco patched last week may have bone back about a year. Cisco and CISA have released advisories with help identifying affected devices.
https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks
https://www.cisa.gov/news-events/directives/ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices
Github Notification Phishing
Github notifications are used to impersonate YCombinator and trick victims into installing a crypto drainer.
https://www.bleepingcomputer.com/news/security/github-notifications-abused-to-impersonate-y-combinator-for-crypto-theft/