
Cybersecurity Podcast Highlights Critical Vulnerabilities, DNS Incident, and Malware Analysis Tools
The SANS Internet Storm Center Stormcast podcast from January 9, 2026, hosted in Jacksonville, Florida by Johannes Ullrich, covers several vulnerabilities and analysis tools. Gee published an article on using Gephi (a graph visualization tool based on Graphviz) to analyze honeypot logs, identifying relationships between IP addresses sharing malicious binaries, such as the Retail botnet.
A critical vulnerability affects the zlib compression library (specifically the untgz utility), caused by a classic buffer overflow when copying a filename into a 1 KB buffer without length verification. Its exploitability depends on the tool's usage.
At the Chaos Communication Congress (CCC) 2025, 14 vulnerabilities were disclosed in GnuPG, including flaws allowing signed messages to be altered or remote code execution via malicious files. Patches are underway.
A DNS incident involving Cloudflare caused Cisco switches to reboot in January 2026. The cause was a change in the order of CNAME and non-CNAME records in DNS responses, an ordering that Cisco's implementation did not expect.
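An added example, not code from the podcast or from either vendor: one way a DNS client can process an answer section so the result is the same whether CNAME records arrive before or after the address records. The function name, the tuple layout and the sample records (example.test, 192.0.2.0/24) are constructed for illustration.

```python
def resolve_answers(qname, answers, max_chain=8):
    """Follow the CNAME chain for qname through an answer section in any order.

    answers: list of (owner, rtype, rdata) tuples (assumed, simplified layout).
    Returns (canonical_name, [addresses]).
    Raises ValueError on conflicting CNAMEs, loops, or over-long chains.
    """
    def norm(name):
        # DNS names compare case-insensitively; ignore the trailing root dot.
        return name.rstrip(".").lower()

    cnames, addrs = {}, {}
    # Pass 1: index every record by owner, making no assumption about order.
    for owner, rtype, rdata in answers:
        owner = norm(owner)
        if rtype == "CNAME":
            target = norm(rdata)
            if cnames.setdefault(owner, target) != target:
                raise ValueError(f"conflicting CNAMEs for {owner}")
        elif rtype in ("A", "AAAA"):
            addrs.setdefault(owner, []).append(rdata)

    # Pass 2: walk the chain from the query name, with loop and length limits.
    name, seen = norm(qname), set()
    while name in cnames:
        if name in seen or len(seen) >= max_chain:
            raise ValueError("CNAME loop or chain too long")
        seen.add(name)
        name = cnames[name]
    return name, addrs.get(name, [])


# Constructed sample responses: same records, different ordering.
CNAME_FIRST = [
    ("www.example.test.", "CNAME", "edge.example.test."),
    ("edge.example.test.", "A", "192.0.2.10"),
    ("edge.example.test.", "A", "192.0.2.11"),
]
ADDRESS_FIRST = [
    ("edge.example.test.", "A", "192.0.2.10"),
    ("edge.example.test.", "A", "192.0.2.11"),
    ("www.example.test.", "CNAME", "edge.example.test."),
]
CNAME_LOOP = [
    ("a.example.test.", "CNAME", "b.example.test."),
    ("b.example.test.", "CNAME", "a.example.test."),
]

if __name__ == "__main__":
    print(resolve_answers("www.example.test", CNAME_FIRST))
    print(resolve_answers("www.example.test", ADDRESS_FIRST))
```

Indexing the records first and walking the chain afterwards means a malformed response ends in a handled `ValueError` instead of depending on the position of any record.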