Cybersecurity Podcast Highlights Vulnerabilities and Network Analysis

The podcast SANS Internet Storm Center Stormcast from Monday, January 5, 2026, hosted by Johannes Ullrich from Jacksonville (Florida), covers several topics in cybersecurity. Regarding CVE-2025-55182 (known as React to Shell), botnets continue to exploit it without any major developments. For Pleet (a MongoDB vulnerability), an update is recommended, along with restricting Internet access to MongoDB. A recent article details a cryptocurrency scam of the advanced fee scam type, promising fictitious gains (e.g., 1 BTC) in exchange for the payment of withdrawal fees. The episode mentions the use of TShark (the CLI version of Wireshark) to analyze DNS performance, particularly the response time of servers. Four public resolvers (including Comcast and Quad9) showed similar performance. A latency issue was identified through PTR (reverse DNS) queries from an NTP server, which was resolved by disabling this feature. Finally, Shadowserver has recorded approximately 10,000 Fortinet devices that are not patched against CVE-2020-12812, a vulnerability that is five years old. The podcast emphasizes the importance of regular updates and checking the end-of-support dates for equipment. https://www.youtube.com/watch?v=zhaGuaKRyOs