SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Wednesday, September 24th, 2025: DoS against the Analyst; GitHub Improvements; Solarwinds and Supermicro BMC vulnerabilities

SANS ISC Handlers

News, Tech News

🗓️ 24 September 2025

⏱️ 7 minutes

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. SANS Stormcast Wednesday, September 24th, 2025: DoS against the Analyst; GitHub Improvements; Solarwinds and Supermicro BMC vulnerabilities

Transcript

0:00.0

Hello and welcome to the Wednesday, September 24th, 2025 edition of the SANS Internet Storm Center's Stormcast.

0:12.4

My name is Johannes Ullrich, recording today from Las Vegas, Nevada.

0:18.1

And this episode is brought to you by the sans.edu graduate certificate program in

0:23.4

penetration testing and ethical hacking. And today's Internet Storm Center diary comes from

0:29.4

one of our undergraduate interns, Tyler House. These interns are looking well at honeypot

0:35.4

data. And in this particular case, Tyler looked at what kind of looks like a denial of service attack.

0:43.0

It certainly had a reasonably high volume, about 2.3 million packets from about 6,000 different hosts.

0:51.1

But, well, if it would have been a honeypot and it would have been a

0:54.8

weasel-sized web server, it probably wouldn't be enough to actually cause a denial of service

1:01.3

attack. So one of the things that Tyler was investigating is, well, maybe the denial of service

1:07.6

attack was more kind of a smokescreen to hide any other attacks that may

1:14.0

have been going on the same time. This is certainly not an unknown technique and has been done

1:20.3

in large and smaller attacks alike to essentially distract the analyst and also distract

1:27.4

resources that are then typically more focused on the more visible, the more obvious denial of service attack, and of course also has the more immediate impact, at least initially, in order to then distract these resources and have the actual attack slip underneath that particular

1:48.3

smokescreen. In this case, it wasn't quite that clear. There were some other scans for

1:54.0

Git configuration files and the like that happened around the same time the denial of

1:59.4

service attack happened. It's possible that that was the attack

2:03.2

they tried to cover up, but then again,

2:05.3

it wasn't really sort of an attack that was really worthwhile covering up

2:09.6

with any significant amount of resources.

2:14.1

You also have sometimes seen these type of small denial of service attacks being either launched

2:20.5

just by accident, where essentially an IP address was mistaken or maybe a host name, did still

...
