Podcast Detail

SANS Stormcast Tuesday, August 26th, 2025: Decoding Word Reading Location; Image Downscaling AI Vulnerability; IBM Jazz Team Server Vuln

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9586.mp3

Decoding Word Reading Location; Image Downscaling AI Vulnerability; IBM Jazz Team Server Vuln

00:00

Application Security: Securing Web Apps, APIs, and Microservices	Las Vegas	Sep 22nd - Sep 27th 2025
Application Security: Securing Web Apps, APIs, and Microservices	Denver	Oct 4th - Oct 9th 2025

Reading Location Position Value in Microsoft Word Documents
Jessy investigated how Word documents store the last visited document location in the registry.
https://isc.sans.edu/diary/Reading%20Location%20Position%20Value%20in%20Microsoft%20Word%20Documents/32224

Weaponizing image scaling against production AI systems
AI systems often downscale images before processing them. An attacker can create a harmless looking image that would reveal text after downscaling leading to prompt injection
https://blog.trailofbits.com/2025/08/21/weaponizing-image-scaling-against-production-ai-systems/

IBM Jazz Team Server Vulnerability CVE-2025-36157
IBM patched a critical vulnerability in its Jazz Team Server
https://www.ibm.com/support/pages/node/7242925

iTunes

MP3 Download

RSS Feed

Google

Podbean

Amazon Echo

YouTube

Spreaker

Spotify

Application Security: Securing Web Apps, APIs, and Microservices	Las Vegas	Sep 22nd - Sep 27th 2025
Application Security: Securing Web Apps, APIs, and Microservices	Denver	Oct 4th - Oct 9th 2025
Application Security: Securing Web Apps, APIs, and Microservices	Dallas	Dec 1st - Dec 6th 2025
Application Security: Securing Web Apps, APIs, and Microservices	Orlando	Mar 29th - Apr 3rd 2026
Network Monitoring and Threat Detection In-Depth	Amsterdam	Apr 20th - Apr 25th 2026

no transcript found