Handler on Duty: Guy Bruneau
Threat Level: green
Podcast Detail
SANS Stormcast Friday, September 12th, 2025: DShield SIEM Update; Another Sonicwall Warning; Website Keystroke Logging
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9610.mp3
My Next Class
| Application Security: Securing Web Apps, APIs, and Microservices | Las Vegas | Sep 22nd - Sep 27th 2025 |
| Application Security: Securing Web Apps, APIs, and Microservices | Denver | Oct 4th - Oct 9th 2025 |
DShield SIEM Docker Updates
Guy updated the “DShield SIEM” which graphically summarizes what is happening inside your honeypot.
https://isc.sans.edu/diary/DShield%20SIEM%20Docker%20Updates/32276
Again: Sonicwall SSL VPN Compromises
The Australian Government’s Signals Directorate noted an increase in compromised Sonicwall devices.
https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/ongoing-active-exploitation-of-sonicwall-ssl-vpns-in-australia
Website Keystroke Logging
Many websites log every keystroke, not just data submitted in forms.
https://arxiv.org/pdf/2508.19825
iTunes
MP3 Download
RSS Feed
Google
Podbean
Amazon Echo
YouTube
Spreaker
Spotify
Discussion
Login here to join the discussion.
| Application Security: Securing Web Apps, APIs, and Microservices | Las Vegas | Sep 22nd - Sep 27th 2025 |
| Application Security: Securing Web Apps, APIs, and Microservices | Denver | Oct 4th - Oct 9th 2025 |
| Application Security: Securing Web Apps, APIs, and Microservices | Dallas | Dec 1st - Dec 6th 2025 |
| Application Security: Securing Web Apps, APIs, and Microservices | Orlando | Mar 29th - Apr 3rd 2026 |
| Network Monitoring and Threat Detection In-Depth | Amsterdam | Apr 20th - Apr 25th 2026 |
| Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 11th - May 16th 2026 |
Follow the Internet Storm Center on Twitter
© 2025 SANS™ Internet Storm Center
Developers: We have an API for you! 