
*SANS Internet Storm Center Stormcast Podcast Highlights Cybersecurity Risks, TelnetD Vulnerability, and Let’s Encrypt Updates*
The SANS Internet Storm Center Stormcast podcast from January 21, 2026, hosted by Johannes Ullrich in Jacksonville, Florida, covers three main topics. First, an alert about Internationalized Domain Names (IDNs) in DNS logs: they appear in records with the xn-- prefix and can be used to spoof ASCII domains. Browsers like Safari display the non-ASCII characters, increasing phishing risks, while Chrome converts them to Punycode. Next, a 10-year-old vulnerability (introduced in March 2015) affects the telnetd daemon in versions of inetutils: an unsanitized user variable allows privilege escalation to root. No CVE has been assigned, and Telnet usage is discouraged, especially in IoT environments. Finally, Let’s Encrypt now offers short-duration certificates (6 days) via a dedicated profile, including the ability to certify IP addresses (e.g., for DNS-over-HTTPS). Default certificates remain valid for 90 days and only support hostnames. Oracle also released its first Critical Patch Update of 2026, fixing 337 vulnerabilities, including three critical (CVSS 10) flaws in Apache Tika within Oracle Fusion Middleware.
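For the IDN item above, one way to review DNS logs is to decode every xn-- label back to Unicode and flag labels that mix scripts. This is an added example, not code from the podcast or from SANS; the log format (query name in the third field), the sample lines and all function names are assumptions made for illustration.

```python
import unicodedata

def to_alabel(text):
    """Build an xn-- label from Unicode text (used only to construct sample data)."""
    return "xn--" + text.encode("punycode").decode("ascii")

def decode_label(label):
    """Return the Unicode form of an xn-- label; other labels pass through unchanged."""
    if label.startswith("xn--"):
        return label[4:].encode("ascii").decode("punycode")
    return label

def scripts(text):
    """Approximate each letter's script by the first word of its Unicode character name."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in text if ch.isalpha()}

def inspect(qname):
    """Decode a query name; report if it is an IDN and if any label mixes scripts."""
    result = {"qname": qname, "idn": False, "mixed_script": False, "malformed": False}
    decoded = []
    for label in qname.lower().rstrip(".").split("."):
        try:
            text = decode_label(label)
        except UnicodeError:            # invalid Punycode: keep the raw label
            text, result["malformed"] = label, True
        if label.startswith("xn--"):
            result["idn"] = True
            result["mixed_script"] |= len(scripts(text)) > 1
        decoded.append(text)
    result["unicode"] = ".".join(decoded)
    return result

# Constructed sample log lines (assumed format: timestamp, client, query name, type).
SAMPLE_LOG = [
    "2026-01-21T10:00:01Z 192.0.2.10 www.example.com. A",
    "2026-01-21T10:00:02Z 192.0.2.10 xn--bcher-kva.example. A",
    # Cyrillic U+0430 followed by Latin "pple": one label, two scripts.
    "2026-01-21T10:00:03Z 192.0.2.11 " + to_alabel("\u0430pple") + ".example. AAAA",
]

def flagged(lines):
    """Return inspection results for log lines whose query name contains an IDN label."""
    return [r for r in (inspect(line.split()[2]) for line in lines) if r["idn"]]

if __name__ == "__main__":
    for r in flagged(SAMPLE_LOG):
        print(r)
```

A label written entirely in one non-Latin script is reported as an IDN but not as mixed-script, so single-script lookalikes still need comparison against the domains you care about.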