
Cybersecurity Podcast Covers Windows PEB Manipulation, Yara Updates, and Critical Software Patches
The January 12, 2026 episode of the SANS Internet Storm Center Stormcast podcast, hosted by Johannes Ullrich from Jacksonville, Florida, discusses several vulnerabilities and security updates. One analysis focuses on Process Environment Block (PEB) manipulation in Windows, a technique malware uses to falsify process metadata; it includes proof-of-concept (PoC) code demonstrating how these structures can be modified or concealed. The Yara 1.11.0 update introduces warnings for misconfigured hashing functions, which helps catch errors such as typos in detection rules.
The patched version of VLC (VideoLAN project) resolves 16 memory corruption issues; only one CVE was assigned, and there is no confirmation of potential remote code execution. The Apache Foundation releases an update for NimBLE, its Bluetooth Low Energy stack used in IoT devices, fixing two vulnerabilities: one allowing takeover of a paired connection and another caused by a flawed encryption implementation.
Finally, Red Hat reports a flaw in Undertow (an HTTP server for Java applications) in which the Host header is not validated, affecting products such as WildFly and JBoss EAP. Developers are urged to validate the Host header at the application level.
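One way to validate the Host header at the application level, as an added example that is not code from the podcast, Red Hat, or the Undertow project. The class name, allowlisted host names, and ports are assumptions chosen for illustration.

```java
import java.util.Locale;
import java.util.Set;

public class HostHeaderCheck {
    // Assumption: the names and ports this deployment legitimately serves (constructed values).
    private static final Set<String> ALLOWED_HOSTS = Set.of("app.example.com", "www.example.com");
    private static final Set<Integer> ALLOWED_PORTS = Set.of(80, 443, 8443);

    /** Returns the canonical host name if the raw Host header is acceptable, otherwise null. */
    static String validate(String rawHost) {
        if (rawHost == null || rawHost.isEmpty() || rawHost.length() > 255) {
            return null;
        }
        // Only host name characters and an optional numeric port: rejects whitespace,
        // '@', '/', commas, control characters and bracketed IPv6 literals.
        if (!rawHost.matches("[A-Za-z0-9.-]+(:[0-9]{1,5})?")) {
            return null;
        }
        String host = rawHost;
        int colon = rawHost.indexOf(':');
        if (colon >= 0) {
            int port = Integer.parseInt(rawHost.substring(colon + 1));
            if (!ALLOWED_PORTS.contains(port)) {
                return null;
            }
            host = rawHost.substring(0, colon);
        }
        host = host.toLowerCase(Locale.ROOT);          // host names are case-insensitive
        if (host.endsWith(".")) {                       // "app.example.com." is the same name
            host = host.substring(0, host.length() - 1);
        }
        return ALLOWED_HOSTS.contains(host) ? host : null;
    }

    public static void main(String[] args) {
        // Constructed sample header values, not taken from the advisory.
        String[] samples = {
            "app.example.com", "APP.Example.com:443", "www.example.com.", "app.example.com:9999",
            "unlisted.example.net", "app.example.com@other.example", "app.example.com, other.example", "", null
        };
        for (String raw : samples) {
            String host = validate(raw);
            System.out.printf("%-34s -> %s%n", raw, host == null ? "reject" : "accept as " + host);
        }
    }
}
```

In a servlet filter the input would be `request.getHeader("Host")`; answer a rejected value with HTTP 400 and use the returned canonical name, not the header, when building links or redirects.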