A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Tuesday, December 3rd, 2024
Credential Guard and Kerberos delegation https://isc.sans.edu/diary/Credential%20Guard%20and%20Kerberos%20delegation/31488 The Day We Unveiled the Secret Rotation Illusion https://www.clutch.security/blog/the-day-we-unveiled-the-secret-rotation-illusion Corrupt Word Documents used in Phshing https://x.com/anyrun_app/status/1861024182210900357 IBM Security Verify Access Appliance Vulnerabilities https://www.ibm.com/support/pages/security-bulletin-multiple-security-vulnerabilities-were-found-ibm-security-verify-access-appliance-cve-2024-49803-cve-2024-49804-cve-2024-49805-cve-2024-49806
ISC StormCast for Monday, December 2nd, 2024
AWS DShield Sensor + DShield SIEM https://isc.sans.edu/diary/SANS%20ISC%20Internship%20Setup%3A%20AWS%20DShield%20Sensor%20%2B%20DShield%20SIEM%20%5BGuest%20Diary%5D/31480 From a Regular Infostealer to its Obfuscated Version https://isc.sans.edu/diary/From%20a%20Regular%20Infostealer%20to%20its%20Obfuscated%20Version/31484 Credit Card Skimmer Malware Targeting Magento Checkout Pages https://blog.sucuri.net/2024/11/credit-card-skimmer-malware-targeting-magento-checkout-pages.html LogoFAIL Exploited to Deploy Bootkitty, the first UEFI bootkit for Linux https://www.binarly.io/blog/logofail-exploited-to-deploy-bootkitty-the-first-uefi-bootkit-for-linux Stickers: https://isc.sans.edu/stickers.html (code PODCAST)
ISC StormCast for Wednesday, November 27th, 2024
Using Zeek, Snort, and Grafana to Detect Crypto Mining Malware https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Using%20Zeek%2C%20Snort%2C%20and%20Grafana%20to%20Detect%20Crypto%20Mining%20Malware/31472 The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access https://www.volexity.com/blog/2024/11/22/the-nearest-neighbor-attack-how-a-russian-apt-weaponized-nearby-wi-fi-networks-for-covert-access/ Introducing NachoVPN: One VPN Server to Pwn Them All https://blog.amberwolf.com/blog/2024/november/introducing-nachovpn---one-vpn-server-to-pwn-them-all/ Keycloak Patches https://github.com/keycloak/keycloak/security/advisories/GHSA-93ww-43rr-79v3 Palo Alto Networks Global Protect App https://security.paloaltonetworks.com/CVE-2024-5921 PHP Updates https://github.com/php/php-src/security/advisories/GHSA-g665-fm4p-vhff
ISC StormCast for Tuesday, November 26th, 2024
Quick & Dirty Obfuscated JavaScript Analysis https://isc.sans.edu/diary/Quick%20%26%20Dirty%20Obfuscated%20JavaScript%20Analysis/31468 Decrypting a PDF With a User Password https://isc.sans.edu/diary/Decrypting%20a%20PDF%20With%20a%20User%20Password/31466 The strange case of disappearing Russian servers https://isc.sans.edu/diary/The%20strange%20case%20of%20disappearing%20Russian%20servers/31476 QNAP Buggy Firmware Update https://community.qnap.com/t/firmware-qts-5-2-2-2950-build-20241114-released/254 7-ZIP Zstandard Decompression Integer Underflow https://www.zerodayinitiative.com/advisories/ZDI-24-1532/ https://7-zip.org/download.html
ISC StormCast for Friday, November 22nd, 2024
Increase In Phishing SVG Attachments https://isc.sans.edu/diary/Increase%20In%20Phishing%20SVG%20Attachments/31456 Logging blind spot revealed in FortiClient VPN https://pentera.io/blog/FortiClient-VPN_logging-blind-spot-revealed/ Needrestart Vulnerability https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
ISC StormCast for Thursday, November 21st, 2024
Apple Patches Two Exploited Vulnerabilities https://isc.sans.edu/diary/Apple%20Fixes%20Two%20Exploited%20Vulnerabilities/31452 Oracle Patch for Agile Product Lifecycle Management CVE-2024-21287 https://www.oracle.com/security-alerts/alert-cve-2024-21287.html OFBiz Patches CVE-2024-47208 CVE-2024-48962 https://nvd.nist.gov/vuln/detail/CVE-2024-47208 https://seclists.org/oss-sec/2024/q4/95 D-Link Warns of Vulnerability in EOL Devices https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10415
ISC StormCast for Wednesday, November 20th, 2024
Detecting the Presence of a Debugger in Linux https://isc.sans.edu/diary/Detecting%20the%20Presence%20of%20a%20Debugger%20in%20Linux/31450 Palo Alto Patches https://security.paloaltonetworks.com/CVE-2024-0012 https://security.paloaltonetworks.com/CVE-2024-9474 VMware vCenter Server Attacks https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968e Veritas Enterprise Vault Vulnerability https://www.veritas.com/support/en_US/security/VTS24-014
ISC StormCast for Tuesday, November 19th, 2024
Exploit attempts for unpatched Citrix vulnerability CVE-2024-8068/CVE-2024-8069 https://isc.sans.edu/diary/Exploit+attempts+for+unpatched+Citrix+vulnerability/31446 https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069?language=en_US Microsoft Power Pages: Data Exposure Reviewed https://appomni.com/ao-labs/microsoft-power-pages-data-exposure-reviewed/ Zohocorp ManageEngine ADAudit Plus Vulnerable To SQL Injection Attacks CVE-2024-49574 https://www.manageengine.com/products/active-directory-audit/cve-2024-49574.html
ISC StormCast for Monday, November 18th, 2024
Ancient TP-Link Backdoor Discovered by Attackers https://isc.sans.edu/diary/Ancient%20TP-Link%20Backdoor%20Discovered%20by%20Attackers/31442 GitHub Projects Targeted with Malicious Commits To Frame Researchers https://www.bleepingcomputer.com/news/security/github-projects-targeted-with-malicious-commits-to-frame-researcher/ PaloAlto and Fortinet Vulnerabilities https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/ https://security.paloaltonetworks.com/PAN-SA-2024-0015 https://www.volexity.com/blog/2024/11/15/brazenbamboo-weaponizes-forticlient-vulnerability-to-steal-vpn-credentials-via-deepdata/
ISC StormCast for Wednesday, November 13th, 2024
Microsoft November 2024 Patch Tuesday https://isc.sans.edu/diary/Microsoft%20November%202024%20Patch%20Tuesday/31438 CISA Top Routinely Exploited Vulnerabilities https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-317a APT Actors Embed Malware within macOS Flutter Applications https://www.jamf.com/blog/jamf-threat-labs-apt-actors-embed-malware-within-macos-flutter-applications/
ISC StormCast for Tuesday, November 12th, 2024
PDF Object Streams https://isc.sans.edu/diary/PDF%20Object%20Streams/31430 Mazda Infotainment Vulnerabilities https://www.zerodayinitiative.com/blog/2024/11/7/multiple-vulnerabilities-in-the-mazda-in-vehicle-infotainment-ivi-system Ruby SAML CVE-2024-45409: As bad as it gets and hiding in plain sight https://workos.com/blog/ruby-saml-cve-2024-45409 Veeam Backup Enterprise Manager Vulnerability https://www.veeam.com/kb4682 Security Update for Dell Enterprise SONiC Distribution Vulnerabilities https://www.dell.com/support/kbdoc/en-us/000245655/dsa-2024-449-security-update-for-dell-enterprise-sonic-distribution-vulnerabilities Easy Access to Information for Conducting Fraudulent Emergency Data Requests Impacts US-Based Companies and Law Enforcement Agencies https://www.ic3.gov/CSA/2024/241104.pdf
ISC StormCast for Monday, November 11th, 2024
zipdump and pkzip records https://isc.sans.edu/diary/zipdump%20%26%20PKZIP%20Records/31428 Am I Isolated https://github.com/edera-dev/am-i-isolated Locked iPhones Reboot https://www.404media.co/police-freak-out-at-iphones-mysteriously-rebooting-themselves-locking-cops-out/ https://x.com/naehrdine/status/1854896392797360484 Palo Alto Networks Bulletin https://security.paloaltonetworks.com/PAN-SA-2024-0015 D-Link Vulnerability https://netsecfish.notion.site/Command-Injection-Vulnerability-in-name-parameter-for-D-Link-NAS-12d6b683e67c80c49ffcc9214c239a07
ISC StormCast for Friday, November 8th, 2024
Steam Account Checker Poisoned with Infostealer https://isc.sans.edu/diary/Steam%20Account%20Checker%20Poisoned%20with%20Infostealer/31420 Cisco Ultra Reliable Wireless Backhaul Vulnerability https://www.cisco.com/site/us/en/products/networking/industrial-wireless/ultra-reliable-wireless-backhaul/index.html Breaking Down Multipart Parsers: File upload validation bypass https://blog.sicuranext.com/breaking-down-multipart-parsers-validation-bypass/ Evasive ZIP Concatenation: Trojan Targets Windows Users https://perception-point.io/blog/evasive-concatenated-zip-trojan-targets-windows-users/ Veeam Backup Enterprise Manager Vulnerability (CVE-2024-40715) https://www.veeam.com/kb4682 SANS Holiday Hack Challenge https://www.sans.org/mlp/holiday-hack-challenge-2024
ISC StormCast for Thursday, November 7th, 2024
Insights from August Web Traffic Surge https://isc.sans.edu/forums/diary/%5BGuest%20Diary%5D%20Insights%20from%20August%20Web%20Traffic%20Surge/31408/ Talkative Air Fryer https://www.which.co.uk/policy-and-insight/article/why-is-my-air-fryer-spying-on-me-which-reveals-the-smart-devices-gathering-your-data-and-where-they-send-it-a9Fa24K6gY1c Pygmy Goat Malware Report https://www.ncsc.gov.uk/section/keep-up-to-date/malware-analysis-reports Apple CVE-2024-44258 PoC Exploit https://github.com/ifpdz/CVE-2024-44258 HPE Arruba vulnerabilities https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04722en_us&docLocale=en_US
ISC StormCast for Wednesday, November 6th, 2024
Python RAT with a Nice Screensharing Feature https://isc.sans.edu/diary/Python%20RAT%20with%20a%20Nice%20Screensharing%20Feature/31414 Android Security Bulletin November 2024 https://source.android.com/docs/security/bulletin/2024-11-01 Malware Delivered as Virtual Machine https://www.securonix.com/blog/crontrap-emulated-linux-environments-as-the-latest-tactic-in-malware-staging/ Fake Docusign Invoices https://lab.wallarm.com/attackers-abuse-docusign-api-to-send-authentic-looking-invoices-at-scale/