Handler on Duty: Jesse La Grew
Threat Level: green
Podcast Detail
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9650.mp3
RedTail Defenses; SonicWall Breach; Crowdstrike “Issues”; Ivanti 0-days; Mapping Agentic Attack Surface (@sans_edu paper)
00:00
My Next Class
| Application Security: Securing Web Apps, APIs, and Microservices | Dallas | Dec 1st - Dec 6th 2025 |
| Application Security: Securing Web Apps, APIs, and Microservices | Orlando | Mar 29th - Apr 3rd 2026 |
Building Better Defenses: RedTail Observations
Defending against attacks like RedTail is more then blocking IoCs, but instead one must focus on the techniques and tactics attackers use.
https://isc.sans.edu/diary/Guest+Diary+Building+Better+Defenses+RedTail+Observations+from+a+Honeypot/32312
Sonicwall: It wasn’t the user’s fault
Sonicwall admits to a breach resulting in the loss of user configurations stored in its cloud service
https://www.sonicwall.com/support/knowledge-base/mysonicwall-cloud-backup-file-incident/250915160910330
Crowdstrike has Issues
Crowdstrike fixes two vulnerabilities in the Windows version of its Falcon sensor.
https://www.crowdstrike.com/en-us/security-advisories/issues-affecting-crowdstrike-falcon-sensor-for-windows/
Interrogators: Attack Surface Mapping in an Agentic World
A SANS.edu master’s degree student research paper by Michael Samson
https://isc.sans.edu/researchpapers/pdfs/michael_samson.pdf
keywords: ai; agentic; attack surface; crowdstrike; sonicwall; ivanti; zero day; initiative; redline
Defending against attacks like RedTail is more then blocking IoCs, but instead one must focus on the techniques and tactics attackers use.
https://isc.sans.edu/diary/Guest+Diary+Building+Better+Defenses+RedTail+Observations+from+a+Honeypot/32312
Sonicwall: It wasn’t the user’s fault
Sonicwall admits to a breach resulting in the loss of user configurations stored in its cloud service
https://www.sonicwall.com/support/knowledge-base/mysonicwall-cloud-backup-file-incident/250915160910330
Crowdstrike has Issues
Crowdstrike fixes two vulnerabilities in the Windows version of its Falcon sensor.
https://www.crowdstrike.com/en-us/security-advisories/issues-affecting-crowdstrike-falcon-sensor-for-windows/
Interrogators: Attack Surface Mapping in an Agentic World
A SANS.edu master’s degree student research paper by Michael Samson
https://isc.sans.edu/researchpapers/pdfs/michael_samson.pdf
keywords: ai; agentic; attack surface; crowdstrike; sonicwall; ivanti; zero day; initiative; redline
iTunes
MP3 Download
RSS Feed
Google
Podbean
Amazon Echo
YouTube
Spreaker
Spotify
Discussion
Login here to join the discussion.
| Application Security: Securing Web Apps, APIs, and Microservices | Dallas | Dec 1st - Dec 6th 2025 |
| Application Security: Securing Web Apps, APIs, and Microservices | Orlando | Mar 29th - Apr 3rd 2026 |
| Network Monitoring and Threat Detection In-Depth | Amsterdam | Apr 20th - Apr 25th 2026 |
| Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 11th - May 16th 2026 |
Learn about the Internet Storm Center and our volunteer InfoSec handlers
© 2025 SANS™ Internet Storm Center
Developers: We have an API for you! 