RadioCSIRT - English Edition cover art

RadioCSIRT - English Edition

RadioCSIRT - English Edition

By: Marc Frédéric GOMEZ
Listen for free

About this listen

🎙 Marc Frédéric Gomez, cybersecurity expert, brings you daily insights into the latest threats, attacks, and defense strategies you need to know.

🔎 On the agenda:
✔️ Analysis of cyberattacks and critical vulnerabilities
✔️ Strategic intelligence for CSIRTs, CERTs, and cybersecurity professionals
✔️ Sources and references to dive deeper into each topic

💡 Why listen to RadioCSIRT?
🚀 Stay up to date in just a few minutes a day
🛡️ Anticipate threats with reliable, technical information
📢 An essential intelligence source for IT and security professionals

🔗 Listen, share, and secure your environment!
📲 Subscribe and leave a ⭐ rating on your favorite platform!

Marc Frédéric GOMEZ Politics & Government
Episodes
  • RadioCSIRT - Your Cybersecurity update for Thursday, November 13, 2025 (Ep. 485)

    RadioCSIRT - Your Cybersecurity update for Thursday, November 13, 2025 (Ep. 485)
    Nov 13 2025

    ⚡️Welcome to your daily cybersecurity podcast.

    🌐 Google TAG: Q3 2025 bulletin — over 18,000 YouTube channels, 120 domains, and multiple coordinated networks taken down. Massive activity originating from China, Russia, Azerbaijan, Iran, and Turkey, along with seven distinct operations targeting Moldova.

    🛡️ CISA reports ongoing cyber threats against Cisco ASA and Firepower devices. Active exploitation, confirmed compromises, and immediate mitigation and patching strongly recommended.

    📊 Nagios (CERT-FR): security advisory published on multiple vulnerabilities affecting Nagios XI and related components. Risks include compromise, remote code execution, and privilege escalation — urgent updates required across all monitoring environments.

    ⚡️ Don’t think — patch! 🚀

    📚 Sources:
    🔗 Google TAG – https://blog.google/threat-analysis-group/tag-bulletin-q3-2025/
    🔗 CISA – https://www.cisa.gov/news-events/news/cisa-identifies-ongoing-cyber-threats-cisco-asa-and-firepower-devices
    🔗 CERT-FR (Nagios) – https://www.cert.ssi.gouv.fr/avis/CERTFR-2025-AVI-0989/

    📞 Share your feedback:
    📧 radiocsirt@gmail.com
    🌐 www.radiocsirt.com
    📰 radiocsirtintl.substack.com

    #CyberSecurity #GoogleTAG #CISA #Cisco #Nagios #CERTFR #ThreatIntel #Monitoring #RadioCSIRT 🎧🔥
    Show More Show Less
    9 mins
  • RadioCSIRT – Your Cybersecurity update for Wednesday, November 12, 2025 (Ep.484)

    RadioCSIRT – Your Cybersecurity update for Wednesday, November 12, 2025 (Ep.484)
    Nov 12 2025
    🧩 Welcome Everyone –Today 8 essential stories you can’t miss! 🐧 Curly COMrade: a Russian group abuses Hyper-V to hide Linux malware inside an Alpine VM, effectively bypassing EDR detection. 🇦🇺 ASIO Warning: Australia’s spy chief warns of high-impact cyber sabotage as authoritarian states prepare attacks on power, telecom, and water systems. 💻 OWASP Top 10 (2025): Broken Access Control remains the top web app risk, followed by security misconfiguration and software supply-chain failures. ☁️ Google Private AI Compute: secure AI processing in the cloud with hardware-level encryption, offering on-device privacy and Gemini-scale power. 🧰 Synology BeeStation (CVE-2025-12686): critical RCE flaw patched after its Pwn2Own Ireland 2025 demo — users urged to update immediately. 🧩 SAP SQL Anywhere Monitor (CVE-2025-42890): hard-coded credentials rated CVSS 10/10 — SAP advises disabling the module and deleting existing instances. 📶 TP-Link Ban Proposal: U.S. authorities consider banning TP-Link over national security concerns tied to Chinese influence and device vulnerabilities. 🕵️ Rhadamanthys Infostealer: operation disrupted, with cybercriminals losing server access — likely linked to Operation Endgame takedowns. 💻 Windows 11: Microsoft fixes Task Manager bug in KB5068861 update — background instances caused severe performance slowdowns. ⚡️ Don’t think twice — just patch! 🚀 📚 Sources: 🔗 Linux Magazine – https://www.linux-magazine.com/Online/News/Another-Linux-Malware-Discovered 🔗 The Register (ASIO) – https://www.theregister.com/2025/11/12/asio_cyber_sabotage_warnings/ 🔗 The Register (OWASP) – https://www.theregister.com/2025/11/11/new_owasp_top_ten_broken/ 🔗 The Hacker News (Google) – https://thehackernews.com/2025/11/google-launches-private-ai-compute.html 🔗 Security Affairs (Synology) – https://securityaffairs.com/184528/security/synology-patches-critical-beestation-rce-flaw-shown-at-pwn2own-ireland-2025.html 🔗 Security Affairs (SAP) – https://securityaffairs.com/184500/security/sap-fixed-a-maximum-severity-flaw-in-sql-anywhere-monitor.html 🔗 KrebsOnSecurity – https://krebsonsecurity.com/2025/11/drilling-down-on-uncle-sams-proposed-tp-link-ban/ 🔗 BleepingComputer (Rhadamanthys) – https://www.bleepingcomputer.com/news/security/rhadamanthys-infostealer-disrupted-as-cybercriminals-lose-server-access/ 🔗 BleepingComputer (Microsoft) – https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-task-manager-bug-affecting-performance/ 📞 Share your feedback: 📧 radiocsirt@gmail.com 🌐 www.radiocsirt.com 📰 radiocsirtintl.substack.com #CyberSecurity #Samsung #LinkedIn #Clop #Allianz #NSO #Pegasus #RadioCSIRT 🎧🔥
    Show More Show Less
    11 mins
  • RadioCSIRT — November Patch Tuesday update (Ep. 483)

    RadioCSIRT — November Patch Tuesday update (Ep. 483)
    Nov 12 2025

    Welcome to your special edition Patch Tuesday briefing 🕵️‍♂️🔥

    📌 Microsoft – November 2025 Patch Tuesday: 63 flaws fixed including 1 zero-day
    Microsoft has released patches for 63 vulnerabilities this month, including one zero-day actively exploited (CVE-2025-62215) affecting the Windows Kernel. Critical issues include RCE in GDI+ (CVE-2025-60724), Office (CVE-2025-62199), and Visual Studio (CVE-2025-62214), as well as an EoP in DirectX Graphics Kernel (CVE-2025-60716). Key “Exploitation More Likely” issues affect CEIP (CVE-2025-59512), CSC service (CVE-2025-60705) and multiple WinSock driver flaws (CVE-2025-60719, CVE-2025-62217, CVE-2025-62213).
    Prioritise: patch the zero-day immediately, deploy the critical updates without delay, and address the Important but high-risk EoPs. Also incorporate updates from Adobe, Cisco, SAP, QNAP, Google/Android and others into your patch window.

    📚 Sources:
    🔗 Marc Frederic GOMEZ Blog’s: https://blog.marcfredericgomez.com/microsoft-patch-tuesday-november-2025/
    🔗 Bleeping Computer – Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws: https://www.bleepingcomputer.com/news/microsoft/microsoft-november-2025-patch-tuesday-fixes-1-zero-day-63-flaws/
    🔗 Talos Intelligence Blog – Microsoft Patch Tuesday November 2025: https://blog.talosintelligence.com/microsoft-patch-tuesday-november-2025/
    🔗 Microsoft Security Update Guide – November 2025: https://msrc.microsoft.com/update-guide

    📞 Share your feedback:
    📧 radiocsirt@gmail.com
    🌐 www.radiocsirt.com
    📰 radiocsirtintl.substack.com

    #CyberSecurity #Microsoft #PatchTuesday #CVE202562215 #CERT #SOC #CSIRT #CISO #VulnerabilityManagement #BlueTeam #RadioCSIRT 🎧🔥
    Show More Show Less
    8 mins
No reviews yet
In the spirit of reconciliation, Audible acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.