Podcast Detail

SANS Stormcast Tuesday, December 9th, 2025: nanoKVM Vulnerabilities; Ghostframe Phishing; WatchGuard Advisory

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9730.mp3

previous
Podcast Logo
nanoKVM Vulnerabilities; Ghostframe Phishing; WatchGuard Advisory
00:00

My Next Class

Network Monitoring and Threat Detection In-DepthOnline | Central European TimeDec 15th - Dec 20th 2025
Application Security: Securing Web Apps, APIs, and MicroservicesOrlandoMar 29th - Apr 3rd 2026

… more classes


nanoKVM Vulnerabilities
The nanoKVM device updates firmware insecurely; however, the microphone that the authors of the advisory referred to as “undocumented” may actually be documented in the underlying hardware description.
https://www.tomshardware.com/tech-industry/cyber-security/researcher-finds-undocumented-microphone-and-major-security-flaws-in-sipeed-nanokvm

Ghostframe Phishing Kit
The Ghostframe phishing kit uses iFrames and random subdomains to evade detection
https://blog.barracuda.com/2025/12/04/threat-spotlight-ghostframe-phishing-kit

WatchGuard Advisory
WatchGuard released an update for its Firebox appliance, fixing ten vulnerabilities. Five of these are rated as “High.”
https://www.watchguard.com/wgrd-psirt/advisories


Network Monitoring and Threat Detection In-DepthOnline | Central European TimeDec 15th - Dec 20th 2025
Application Security: Securing Web Apps, APIs, and MicroservicesOrlandoMar 29th - Apr 3rd 2026
Network Monitoring and Threat Detection In-DepthAmsterdamApr 20th - Apr 25th 2026
Application Security: Securing Web Apps, APIs, and MicroservicesSan DiegoMay 11th - May 16th 2026
Network Monitoring and Threat Detection In-DepthOnline | Arabian Standard TimeJun 20th - Jun 25th 2026
Network Monitoring and Threat Detection In-DepthRiyadhJun 20th - Jun 25th 2026
Application Security: Securing Web Apps, APIs, and MicroservicesWashingtonJul 13th - Jul 18th 2026
no transcript found