SANS Stormcast Friday, January 23rd, 2026: Scanning AI Code; FortiGate Update; ISC BIND DoS; Trivial SmaterMail Vulnerability (#)

SANS Stormcast Friday, January 23rd, 2026: Scanning AI Code; FortiGate Update; ISC BIND DoS; Trivial SmaterMail Vulnerability (#)

Author: Johannes B. Ullrich January 23, 2026 Duration: 7:03
SANS Internet Storm Center's Daily Network Security News Podcast
NewsBusiness
SANS Stormcast Friday, January 23rd, 2026: Scanning AI Code; FortiGate Update; ISC BIND DoS; Trivial SmaterMail Vulnerability Is AI-Generated Code Secure? Xavier used the free static code analysis tool Bandit to review code he wrote with heavy AI support. https://isc.sans.edu/diary/Is%20AI-Generated%20Code%20Secure%3F/32648 Malicious Configuration Changes On Fortinet FortiGate Devices via SSO Accounts Arctic Wolf summarized some of the attacks it is seeing against FortiGate devices via the insufficiently patched SSL vulnerability. https://arcticwolf.com/resources/blog/arctic-wolf-observes-malicious-configuration-changes-fortinet-fortigate-devices-via-sso-accounts/ ISC BIND DoS vulnerability in Drone ID Records HHIT and BRID records, which are used as part of Drone ID, can be used to crash named if their length is 3 bytes. https://marlink.com/resources/knowledge-hub/isc-bind-vulnerability-discovered-and-disclosed-by-marlink-cyber/ SmarterTools SmarterMail Password Reset Vulnerability SmarterTools recently patched a trivial vulnerability in SmarterMail that would allow anybody without authentication to reset administrator passwords. https://labs.watchtowr.com/attackers-with-decompilers-strike-again-smartertools-smartermail-wt-2026-0001-auth-bypass/ keywords: smartermail, smartertools, isc; bind; dos; drone; drone id; fortinet; fortigate; bandit; python

Each weekday morning, Johannes B. Ullrich provides a concise, actionable briefing on the shifting landscape of digital threats and defenses with SANS Internet Storm Center's Daily Network Security News Podcast. Think of it as your first cup of coffee for cybersecurity awareness-a focused, five-minute update that cuts through the noise. The content is shaped by real-time data and analysis from the SANS Internet Storm Center, enriched by questions and experiences shared directly from the community of professionals in the field. You’ll hear about emerging vulnerabilities, active exploits, and practical insights that are both late-breaking and genuinely educational, all delivered in a straightforward, no-frills manner. This podcast serves as a reliable filter, turning the overwhelming flow of security news into a clear, digestible summary that helps you understand current risks and start your day informed. It’s built on a foundation of shared knowledge, where listener contributions actively guide the discussion, making each episode a collaborative reflection of what matters right now in network security.
Author: Language: English Episodes: 100

Official website RSS
youtubelinkedin
SANS Internet Storm Center's Daily Network Security News Podcast
Podcast Episodes

12345...10»