Hello and welcome to the Friday, August 15th,

2025 edition of the Sands Internet Storm Center's Stormcast.

My name is Johannes Ulrich, recording today from Jacksonville, Florida.

And this episode is brought you by the sands.edu bachelor's degree program in

Applied Cybersecurity. And talking about our bachelor's decree, we do have another guest

diary by one of our undergraduate interns. This time Joseph Noah is writing about how AI tools

help Joseph to better understand

some of the events during the internship where our students are typically analyzing

alerts that they see in their honeypots.

This particular case looks at some issues like, for example, analyzing logs or analyzing little scripts that were found by the honeypot.

So, for example, better understanding what certain commands mean do and how their impact may necessarily sort of affect the particular honeypot environment system.

Here we have a very typical example in this blog post about command injection attack

and details like the no hub command, for example, in Linux.

What this does is, it's well, yes, you could probably figure it out with Google as well,

but much easier to sort of get it explained in context by various AI engines.

As usual, in particular, as a beginner, be careful, verify your results,

that you are not sort of ending up with a very plausible but wrong

hallucination from the AI system. And Anlap is reporting about an interesting new way how

proxyware matter is being distributed. In this case, it's a YouTube video download site.

What's happening here is that you have websites that allow you to essentially quickly download

a YouTube video, the actual video file. One example here is YTMP4, basically YouTube MP4.

You provided with the YouTube link, and in turn, you'll be able to download an MP4 file with the video,

...