A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Monday, November 24th, 2025: CSS Padding in Phishing; Oracle Identity Manager Scans Update;
November 23, 2025
4:59
0.83 MB ( 3.36 MB less)
Downloads: 0
Use of CSS stuffing as an obfuscation technique?
Phishing sites stuff their HTML with benign CSS code. This is likely supposed to throw of simple detection engines
https://isc.sans.edu/diary/Use%20of%20CSS%20stuffing%20as%20an%20obfuscation%20technique%3F/32510
Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day
Early exploit attempts for the vulnerability were part of Searchlight Cyber s research effort
https://www.securityweek.com/critical-oracle-identity-manager-flaw-possibly-exploited-as-zero-day/
ClamAV Cleaning Signature Database
ClamAV will significantly clean up its signature database
https://blog.clamav.net/2025/11/clamav-signature-retirement-announcement.html