Hello and welcome to the Friday, April 17th,

2026 edition of the Sands Internet Storm centers.

Stormcast, my name is Johannes Ulrich,

recording today from Stockholm, Germany.

And this episode is brought you by the sands.edu credit certificate program

in Purple Team Operations. Before starting this podcast, I did a quick look to see when we first

talked about DVRs, digital video recorders getting compromised at scale. And this was about

12 years ago in 2014. One of the sad things

about, well, doing this kind of work for so long is that often the problem isn't off

the flashy new stuff, but what I often call the mosquitoes of the internet, they're around

everywhere. They're really annoying,

but sometimes deadly. And that's these IoT devices and these video devices that are still

being attacked. We do have a diary by one of our interns, Alighiafi, just dissecting one

of these attacks yet again. And yes, there are still thousands of

these devices exposed and the same number pretty much being attached to Alex Botnet here that

he found. Well, take a look at his work. It is evolving. There are ever so often some little tweaks they're making

to their software, but ultimately the old thing still applies if you're connecting a system to the

internet with a well-known password. Well, it's going to get compromised within probably less than a minute.

So let's talk about something new and exciting. Well, imagine that. We do have still Cisco

vulnerabilities. First one, WebEx. WebEx apparently doesn't care. What certificate was

used to sign your single sign-on assertion, so anybody is let in and you're

easily able to impersonate arbitrary users. But it's not just WebEx, wherever you have problems,

...