A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Friday, October 31st, 2025: Bug Bounty Headers; Exchange hardening; MOVEIt vulnerability
October 30, 2025
6:19
1.05 MB ( 4.26 MB less)
Downloads: 0
X-Request-Purpose: Identifying "research" and bug bounty related scans?
Our honeypots captured a few requests with bug bounty specific headers. These headers are meant to make it easier to identify requests related to bug bounty, and they are supposed to identify the researcher conducting the scans
https://isc.sans.edu/diary/X-Request-Purpose%3A%20Identifying%20%22research%22%20and%20bug%20bounty%20related%20scans%3F/32436
Proton Breach Observatory
Proton opened up its breach observatory. This website will collect information about breaches affecting companies that have not yet made the breach public.
https://proton.me/blog/introducing-breach-observatory
Microsoft Exchange Server Security Best Practices
A new document published by a collaboration of national cyber security agencies summarizes steps that should be taken to harden Exchange Server.
https://www.nsa.gov/Portals/75/documents/resources/cybersecurity-professionals/CSI_Microsoft_Exchange_Server_Security_Best_Practices.pdf?ver=9mpKKyUrwfpb9b9r4drVMg%3d%3d
MOVEit Vulnerability
Progress published an advisory for its file transfer program MOVEIt . This software has had heavily exploited vulnerabilities in the past.
https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-CVE-2025-10932-October-29-2025