A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Wednesday, July 23rd, 2025: Sharepoint 2016 Patch; MotW Privacy and WinZip; Interlock Ransomware; Sophos Patches
July 22, 2025
6:17
1.18 MB ( 4.1 MB less)
Downloads: 0
Microsoft Updates SharePoint Vulnerability Guidance CVE-2025-53770 and CVE-2025-53771
Microsoft released its update for SharePoint 2016, completing the updates across all currently supported versions.
https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/
WinZip MotW Privacy
Starting with version 7.10, WinZip introduced an option to no longer include the download URL in zip files as part of the Mark of the Web (MotW).
https://isc.sans.edu/diary/WinRAR%20MoTW%20Propagation%20Privacy/32130
Interlock Ransomware
Several government agencies collaborated to create an informative and comprehensive overview of the Interlock ransomware. Just like prior writeups, this writeup is very informative, including many technical details useful to detect and block this ransomware.
https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-203a
Sophos Firewall Updates
Sophos patched five different vulnerabilities in its firewalls. Two of them are critical, but these only affect a small percentage of users.
https://www.sophos.com/en-us/security-advisories/sophos-sa-20250721-sfos-rce