A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Monday, February 14th, 2022
CinaRAT Delivered Through HTML ID Attributes https://isc.sans.edu/forums/diary/CinaRAT+Delivered+Through+HTML+ID+Attributes/28330/ Windows Defender ASR Blocks LSASS Credential Stealing https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-worldwide#block-credential-stealing-from-the-windows-local-security-authority-subsystem Brave Blocking Credential Leaking Extension https://www.theregister.com/2022/02/12/facebook_god_mode/ Project Zero Summary of Zero Day Bugs https://googleprojectzero.blogspot.com/2022/02/a-walk-through-project-zero-metrics.html
ISC StormCast for Monday, February 14th, 2022
CinaRAT Delivered Through HTML ID Attributes https://isc.sans.edu/forums/diary/CinaRAT+Delivered+Through+HTML+ID+Attributes/28330/ Windows Defender ASR Blocks LSASS Credential Stealing https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-worldwide#block-credential-stealing-from-the-windows-local-security-authority-subsystem Brave Blocking Credential Leaking Extension https://www.theregister.com/2022/02/12/facebook_god_mode/ Project Zero Summary of Zero Day Bugs https://googleprojectzero.blogspot.com/2022/02/a-walk-through-project-zero-metrics.html
ISC StormCast for Friday, February 11th, 2022
iOS/iPadOS/macOS/Safari 0-Day Vulnerability in WebKit https://support.apple.com/en-us/HT213091 Zyxel Network Storage Devics Hunted By Mirai Variant https://isc.sans.edu/forums/diary/Zyxel+Network+Storage+Devices+Hunted+By+Mirai+Variant/28324/ WMIC Removal https://docs.microsoft.com/en-us/windows/deployment/planning/windows-10-deprecated-features Zoom Uses Microphone after Meeting is Over https://community.zoom.com/t5/Meetings/Why-is-the-Zoom-app-listening-on-my-microphone-when-not-in-a/td-p/29019 Evidence Planted to Implicate Innocent Activists https://www.sentinelone.com/labs/modifiedelephant-apt-and-a-decade-of-fabricating-evidence/
ISC StormCast for Friday, February 11th, 2022
iOS/iPadOS/macOS/Safari 0-Day Vulnerability in WebKit https://support.apple.com/en-us/HT213091 Zyxel Network Storage Devics Hunted By Mirai Variant https://isc.sans.edu/forums/diary/Zyxel+Network+Storage+Devices+Hunted+By+Mirai+Variant/28324/ WMIC Removal https://docs.microsoft.com/en-us/windows/deployment/planning/windows-10-deprecated-features Zoom Uses Microphone after Meeting is Over https://community.zoom.com/t5/Meetings/Why-is-the-Zoom-app-listening-on-my-microphone-when-not-in-a/td-p/29019 Evidence Planted to Implicate Innocent Activists https://www.sentinelone.com/labs/modifiedelephant-apt-and-a-decade-of-fabricating-evidence/
ISC StormCast for Thursday, February 10th, 2022
Example of Cobalt Strike form Emotet Infection https://isc.sans.edu/forums/diary/Example+of+Cobalt+Strike+from+Emotet+infection/28318/ Adobe Patches https://helpx.adobe.com/security/security-bulletin.html Intel Updates https://www.intel.com/content/www/us/en/security-center/default.html NaturalFreshMall: A Mass Store Attack https://sansec.io/research/naturalfreshmall-mass-hack
ISC StormCast for Thursday, February 10th, 2022
Example of Cobalt Strike form Emotet Infection https://isc.sans.edu/forums/diary/Example+of+Cobalt+Strike+from+Emotet+infection/28318/ Adobe Patches https://helpx.adobe.com/security/security-bulletin.html Intel Updates https://www.intel.com/content/www/us/en/security-center/default.html NaturalFreshMall: A Mass Store Attack https://sansec.io/research/naturalfreshmall-mass-hack
ISC StormCast for Wednesday, February 9th, 2022
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+February+2022+Patch+Tuesday/28316/ Google Cloud Virtual Machine Threat Detection https://cloud.google.com/security-command-center/docs/concepts-vm-threat-detection-overview Android Patches https://source.android.com/security/bulletin/2022-02-01 SAP Patches https://wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+February+2022 Podcast 13 Year Anniversary https://isc.sans.edu/podcastdetail.html?id=25
ISC StormCast for Wednesday, February 9th, 2022
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+February+2022+Patch+Tuesday/28316/ Google Cloud Virtual Machine Threat Detection https://cloud.google.com/security-command-center/docs/concepts-vm-threat-detection-overview Android Patches https://source.android.com/security/bulletin/2022-02-01 SAP Patches https://wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+February+2022 Podcast 13 Year Anniversary https://isc.sans.edu/podcastdetail.html?id=25
ISC StormCast for Tuesday, February 8th, 2022
web3 phishing via self-customizign landing pages https://isc.sans.edu/forums/diary/web3+phishing+via+selfcustomizing+landing+pages/28312/ MSFT Blocking Office VBA Malcros https://www.theverge.com/2022/2/7/22922032/microsoft-block-office-vba-macros-default-change https://techcommunity.microsoft.com/t5/microsoft-365-blog/helping-users-stay-safe-blocking-internet-macros-by-default-in/ba-p/3071805 Acronis True Image Update https://security-advisory.acronis.com/updates/UPD-2201-f76f-838c Lockbit 2 IoCs https://www.ic3.gov/Media/News/2022/220204.pdf
ISC StormCast for Tuesday, February 8th, 2022
web3 phishing via self-customizign landing pages https://isc.sans.edu/forums/diary/web3+phishing+via+selfcustomizing+landing+pages/28312/ MSFT Blocking Office VBA Malcros https://www.theverge.com/2022/2/7/22922032/microsoft-block-office-vba-macros-default-change https://techcommunity.microsoft.com/t5/microsoft-365-blog/helping-users-stay-safe-blocking-internet-macros-by-default-in/ba-p/3071805 Acronis True Image Update https://security-advisory.acronis.com/updates/UPD-2201-f76f-838c Lockbit 2 IoCs https://www.ic3.gov/Media/News/2022/220204.pdf
ISC StormCast for Monday, February 7th, 2022
Intuit warns of new phishing scams https://security.intuit.com/security-notices IRS working with ID.me https://www.irs.gov/newsroom/new-identity-verification-process-to-access-certain-irs-online-tools-and-services Argo CD Vulnerability https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/ https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7 Thermal Imaging of PoE Devices https://isc.sans.edu/forums/diary/Power+over+Ethernet+and+Thermal+Imaging/28308/
ISC StormCast for Monday, February 7th, 2022
Intuit warns of new phishing scams https://security.intuit.com/security-notices IRS working with ID.me https://www.irs.gov/newsroom/new-identity-verification-process-to-access-certain-irs-online-tools-and-services Argo CD Vulnerability https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/ https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7 Thermal Imaging of PoE Devices https://isc.sans.edu/forums/diary/Power+over+Ethernet+and+Thermal+Imaging/28308/
ISC StormCast for Friday, February 4th, 2022
Attack Surface Detection https://isc.sans.edu/forums/diary/Keeping+Track+of+Your+Attack+Surface+for+Cheap/28304/ MFA News https://www.proofpoint.com/us/blog/threat-insight/mfa-psa-oh-my https://news.microsoft.com/wp-content/uploads/prod/sites/626/2022/02/Cyber-Signals-E-1.pdf Zimbra Webmail 0-Day Exploited https://www.volexity.com/blog/2022/02/03/operation-emailthief-active-exploitation-of-zero-day-xss-vulnerability-in-zimbra/ Cisco RV Series Routers Vulnerabilities https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D
ISC StormCast for Friday, February 4th, 2022
Attack Surface Detection https://isc.sans.edu/forums/diary/Keeping+Track+of+Your+Attack+Surface+for+Cheap/28304/ MFA News https://www.proofpoint.com/us/blog/threat-insight/mfa-psa-oh-my https://news.microsoft.com/wp-content/uploads/prod/sites/626/2022/02/Cyber-Signals-E-1.pdf Zimbra Webmail 0-Day Exploited https://www.volexity.com/blog/2022/02/03/operation-emailthief-active-exploitation-of-zero-day-xss-vulnerability-in-zimbra/ Cisco RV Series Routers Vulnerabilities https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D
ISC StormCast for Thursday, February 3rd, 2022
Finding elFinder: Who is looking for your files? https://isc.sans.edu/forums/diary/Finding+elFinder+Who+is+looking+for+your+files/28300/ IBM Spectrum Protect Plus Container Backup Vulnerabilities https://www.ibm.com/support/pages/node/6540860 https://www.ibm.com/support/pages/node/6552188 Microsoft Update Connectivity https://techcommunity.microsoft.com/t5/windows-it-pro-blog/achieve-better-patch-compliance-with-update-connectivity-data/ba-p/3073356 UEFI Bios Vulnerabilities https://www.insyde.com/security-pledge