Handler on Duty: Jesse La Grew
Threat Level: green
Podcast Detail
SANS Stormcast Friday, June 13th, 2025: Honeypot Scripts; EchoLeak MSFT Copilot Vuln; Thunderbolt mailbox URL Vuln;
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9492.mp3
My Next Class
| Application Security: Securing Web Apps, APIs, and Microservices | Washington | Jul 14th - Jul 19th 2025 |
| Application Security: Securing Web Apps, APIs, and Microservices | Las Vegas | Sep 22nd - Sep 27th 2025 |
Automated Tools to Assist with DShield Honeypot Investigations
https://isc.sans.edu/diary/Automated%20Tools%20to%20Assist%20with%20DShield%20Honeypot%20Investigations%20%5BGuest%20Diary%5D/32038
EchoLeak: Zero-Click Microsoft 365 Copilot Data Leak
Microsoft fixed a vulnerability in Copilot that could have been abused to exfiltrate data from Copilot users. Copilot mishandled instructions an attacker included in documents inspected by Copilot and executed them.
https://www.aim.security/lp/aim-labs-echoleak-blogpost
Thunderbolt Vulnerability
Thunderbolt users may be tricked into downloading arbitrary files if an email includes a mailbox:/// URL.
https://www.mozilla.org/en-US/security/advisories/mfsa2025-49/
iTunes
MP3 Download
RSS Feed
Google
Podbean
Amazon Echo
YouTube
Spreaker
Spotify
Discussion
Login here to join the discussion.
| Application Security: Securing Web Apps, APIs, and Microservices | Washington | Jul 14th - Jul 19th 2025 |
| Application Security: Securing Web Apps, APIs, and Microservices | Las Vegas | Sep 22nd - Sep 27th 2025 |
| Application Security: Securing Web Apps, APIs, and Microservices | Denver | Oct 4th - Oct 9th 2025 |
| Application Security: Securing Web Apps, APIs, and Microservices | Dallas | Dec 1st - Dec 6th 2025 |
Learn about the Internet Storm Center and our volunteer InfoSec handlers
© 2025 SANS™ Internet Storm Center
Developers: We have an API for you! 