SANS Stormcast Tuesday, December 2nd, 2025: Analyzing ToolShell from Packdets; Android Update; Long Game Malicious Browser Ext. (#)

SANS Internet Storm Center's Daily Network Security News Podcast
02/12/2025 5 min
SANS Stormcast Tuesday, December 2nd, 2025: Analyzing ToolShell from Packdets; Android Update; Long Game Malicious Browser Ext. (#)

Listen "SANS Stormcast Tuesday, December 2nd, 2025: Analyzing ToolShell from Packdets; Android Update; Long Game Malicious Browser Ext. (#)"

Descargar episodio Ver en sitio original

Episode Synopsis

SANS Stormcast Tuesday, December 2nd, 2025: Analyzing ToolShell from Packdets; Android Update; Long Game Malicious Browser Ext. Hunting for SharePoint In-Memory ToolShell Payloads A walk-through showing how to analyze ToolShell payloads, starting with acquiring packets all the way to decoding embedded PowerShell commands. https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Hunting%20for%20SharePoint%20In-Memory%20ToolShell%20Payloads/32524 Android Security Bulletin—December 2025 Google fixed numerous vulnerabilities with its December Android update. Two of these vulnerabilities are already being exploited. https://source.android.com/docs/security/bulletin/2025-12-01 4.3 Million Browsers Infected: Inside ShadyPanda's 7-Year Malware Campaign A group or individual released several browser extensions that worked fine for years until an update injected malicious code into the extension https://www.koi.ai/blog/4-million-browsers-infected-inside-shadypanda-7-year-malware-campaign keywords: browser; extension; long game; android; zero-day; sharepoint; toolshell

More episodes of the podcast SANS Internet Storm Center's Daily Network Security News Podcast

SANS Stormcast Wednesday, December 3rd, 2025: SmartTube Compromise; NPM Malware Prompt Injection Attempt; Angular XSS Vulnerability (#) 03/12/2025
SANS Stormcast Monday, December 1st, 2025: More ClickFix; Teams Guest Access; Geoserver XXE Vulnerablity (#) 01/12/2025
SANS Stormcast Wednesday, November 26th, 2025: Attacks Against Messaging; Passwords in Random Websites; Fluentbit Vuln; #thanksgiving (#) 26/11/2025
SANS Stormcast Tuesday, November 25th, 2025: URL Mapping and Authentication; SHA1-Hulud; Hacklore (#) 25/11/2025
9712 24/11/2025
SANS Stormcast Friday, November 21st, 2025: Oracle Idendity Manager Scans; SonicWall DoS Vuln; Adam Wilson (@sans_edu) reducing prompt injection. (#) 20/11/2025
SANS Stormcast Thursday, November 20th, 2025: Unicode Issues; FortiWeb More Vulns; DLink DIR-878 Vuln; Operation WrtHug and ASUS Routers (#) 19/11/2025
SANS Stormcast Wednesday, November 19th, 2025: Kong Tuke; Cloudflare Outage (#) 19/11/2025
SANS Stormcast Tuesday, November 18th, 2025: Binary Expression Decoding. Tea NPM Pollution; IBM AIX NIMSH Vulnerability (#) 17/11/2025
SANS Stormcast Monday, November 17th, 2025: New(isch) Fortiweb Vulnerability; Finger and ClickFix (#) 16/11/2025
© 2003-2025 ZARZA | AHEAD OF OUR TIME
privacy policy
In God we trust In God we trust
PreSales Questions? Click Here
or call our toll-free line at +1-888-5002068 Miami, Florida, USA