A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Monday, January 12th, 2026: PEB Manipulation; YARA Update; VideoLAND and Apache NimBLE Patches
January 11, 2026
6:16
1.04 MB ( 4.22 MB less)
Downloads: 0
Malicious Process Environment Block Manipulation
The process environment block contains metadata about particular processes, but can be manipulated.
https://isc.sans.edu/diary/Malicious+Process+Environment+Block+Manipulation/32614/
YARA-X 1.11.0 Release: Hash Function Warnings
The latest version of YARA will warn users if a hash rule attempts to match an invalid hash.
https://isc.sans.edu/diary/YARA-X%201.11.0%20Release%3A%20Hash%20Function%20Warnings/32616
VideoLAN Security Bulletin VLC 3.0.22 CVE-2025-51602
VideoLAN fixed several vulnerabilities in its VLC software.
https://www.videolan.org/security/sb-vlc3022.html
Apache NimBLE Bluetooth vulnerabilities
NimBLE is a Bluetooth stack popular in IoT devices. An update fixes some eavesdropping and pairing vulnerabilities.
https://mynewt.apache.org/cve/