A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
ThunderCast
An inside look at the making of Mozilla Thunderbird, and community-driven conversations with our friends in the open-source software space.
ISC StormCast for Monday, August 30th, 2021
ChaosDB: Azure Cosmos Database Vulnerability https://chaosdb.wiz.io Phishing via Open Redirects https://www.microsoft.com/security/blog/2021/08/26/widespread-credential-phishing-campaign-abuses-open-redirector-links/ Parallels Vulnerability https://exchange.xforce.ibmcloud.com/vulnerabilities/208188 https://www.zerodayinitiative.com/advisories/ZDI-21-1000/
ISC StormCast for Monday, August 30th, 2021
ChaosDB: Azure Cosmos Database Vulnerability https://chaosdb.wiz.io Phishing via Open Redirects https://www.microsoft.com/security/blog/2021/08/26/widespread-credential-phishing-campaign-abuses-open-redirector-links/ Parallels Vulnerability https://exchange.xforce.ibmcloud.com/vulnerabilities/208188 https://www.zerodayinitiative.com/advisories/ZDI-21-1000/
ISC StormCast for Friday, August 27th, 2021
Cisco Advisories https://tools.cisco.com/security/center/publicationListing.x GETH DoS Vulnerability https://github.com/ethereum/go-ethereum/releases/tag/v1.10.8 Confluence Security Advisory https://confluence.atlassian.com/doc/confluence-security-advisory-2021-08-25-1077906215.html VMWare Updates https://www.vmware.com/security/advisories.html
ISC StormCast for Friday, August 27th, 2021
Cisco Advisories https://tools.cisco.com/security/center/publicationListing.x GETH DoS Vulnerability https://github.com/ethereum/go-ethereum/releases/tag/v1.10.8 Confluence Security Advisory https://confluence.atlassian.com/doc/confluence-security-advisory-2021-08-25-1077906215.html VMWare Updates https://www.vmware.com/security/advisories.html
ISC StormCast for Thursday, August 26th, 2021
There May Be Many More SPF Records Than We Might Expect https://isc.sans.edu/forums/diary/There+may+be+many+more+SPF+records+than+we+might+expect/27786/ OpenSSL Update https://www.openssl.org/news/vulnerabilities.html F5 Update https://support.f5.com/csp/article/K50974556 https://support.f5.com/csp/article/K41351250 SideWalk Backdoor https://www.welivesecurity.com/2021/08/24/sidewalk-may-be-as-dangerous-as-crosswalk/
ISC StormCast for Thursday, August 26th, 2021
There May Be Many More SPF Records Than We Might Expect https://isc.sans.edu/forums/diary/There+may+be+many+more+SPF+records+than+we+might+expect/27786/ OpenSSL Update https://www.openssl.org/news/vulnerabilities.html F5 Update https://support.f5.com/csp/article/K50974556 https://support.f5.com/csp/article/K41351250 SideWalk Backdoor https://www.welivesecurity.com/2021/08/24/sidewalk-may-be-as-dangerous-as-crosswalk/
ISC StormCast for Wednesday, August 25th, 2021
Attackers Hunting for Twilio Credentials https://isc.sans.edu/forums/diary/Attackers+Hunting+For+Twilio+Credentials/27782/ Modified WhatsApp Spreading Malware https://securelist.com/triada-trojan-in-whatsapp-mod/103679/ Privilege Escalation without Pluggin in Device http://0xsp.com/security%20research%20&%20development%20(SRD)/local-administrator-is-not-just-with-razer-it-is-possible-for-all
ISC StormCast for Wednesday, August 25th, 2021
Attackers Hunting for Twilio Credentials https://isc.sans.edu/forums/diary/Attackers+Hunting+For+Twilio+Credentials/27782/ Modified WhatsApp Spreading Malware https://securelist.com/triada-trojan-in-whatsapp-mod/103679/ Privilege Escalation without Pluggin in Device http://0xsp.com/security%20research%20&%20development%20(SRD)/local-administrator-is-not-just-with-razer-it-is-possible-for-all
ISC StormCast for Tuesday, August 24th, 2021
Out of Band Phishing Using SMS Messages to Evade Network Detection https://isc.sans.edu/forums/diary/Out+of+Band+Phishing+Using+SMS+messages+to+Evade+Network+Detection/27768/ Elevate Priviledges with Razer Mouse https://twitter.com/j0nh4t/status/1429049506021138437 Realtek Vulnerabilites Exploited https://securingsam.com/realtek-vulnerabilities-weaponized/ Exposed Microsoft Power Apps https://www.upguard.com/breaches/power-apps
ISC StormCast for Tuesday, August 24th, 2021
Out of Band Phishing Using SMS Messages to Evade Network Detection https://isc.sans.edu/forums/diary/Out+of+Band+Phishing+Using+SMS+messages+to+Evade+Network+Detection/27768/ Elevate Priviledges with Razer Mouse https://twitter.com/j0nh4t/status/1429049506021138437 Realtek Vulnerabilites Exploited https://securingsam.com/realtek-vulnerabilities-weaponized/ Exposed Microsoft Power Apps https://www.upguard.com/breaches/power-apps
ISC StormCast for Monday, August 23rd, 2021
Waiting for the C2 to Show Up https://isc.sans.edu/forums/diary/Waiting+for+the+C2+to+Show+Up/27772/ DOCX with Embdedded EXE https://isc.sans.edu/forums/diary/docx+With+Embedded+EXE/27776/ Securing Your Windows 365 Cloud PCs https://techcommunity.microsoft.com/t5/windows-it-pro-blog/securing-your-windows-365-cloud-pcs/ba-p/2663129 Pegasus Fraud Scam https://www.ehackingnews.com/2021/08/pegasus-iphone-hacks-used-as-bait-in.html Proper Audit Logging for Office 365 https://zolder.io/office-365-audit-logging/
ISC StormCast for Monday, August 23rd, 2021
Waiting for the C2 to Show Up https://isc.sans.edu/forums/diary/Waiting+for+the+C2+to+Show+Up/27772/ DOCX with Embdedded EXE https://isc.sans.edu/forums/diary/docx+With+Embedded+EXE/27776/ Securing Your Windows 365 Cloud PCs https://techcommunity.microsoft.com/t5/windows-it-pro-blog/securing-your-windows-365-cloud-pcs/ba-p/2663129 Pegasus Fraud Scam https://www.ehackingnews.com/2021/08/pegasus-iphone-hacks-used-as-bait-in.html Proper Audit Logging for Office 365 https://zolder.io/office-365-audit-logging/
ISC StormCast for Friday, August 20th, 2021
When Lightning Strikes: What works and doesn't work https://isc.sans.edu/forums/diary/When+Lightning+Strikes+What+works+and+doesnt+work/27766/ Cisco Small Business Router Vulnerabilities https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-sb-rv-overflow-htpymMB5 Blackberry QNX Products Vulnerability https://support.blackberry.com/kb/articleDetail?articleNumber=000082334 SANS.edu Student: Mark Morowcynzski; Decreasing Attacker Dwell Time in Azure Active Directory https://www.sans.org/white-papers/40390/
ISC StormCast for Friday, August 20th, 2021
When Lightning Strikes: What works and doesn't work https://isc.sans.edu/forums/diary/When+Lightning+Strikes+What+works+and+doesnt+work/27766/ Cisco Small Business Router Vulnerabilities https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-sb-rv-overflow-htpymMB5 Blackberry QNX Products Vulnerability https://support.blackberry.com/kb/articleDetail?articleNumber=000082334 SANS.edu Student: Mark Morowcynzski; Decreasing Attacker Dwell Time in Azure Active Directory https://www.sans.org/white-papers/40390/
ISC StormCast for Thursday, August 19th, 2021
5 Things to Consider Before Moving Back to the Office https://isc.sans.edu/forums/diary/5+Things+to+Consider+Before+Moving+Back+to+the+Office/27762/ Adobe Patches https://helpx.adobe.com/security.html Several Web Sites Infected with Chinese Spyware https://imp0rtp3.wordpress.com/2021/08/12/tetris/ Trickbot Tricks Users with 1Password https://www.ehackingnews.com/2021/08/trickbot-employs-bogus-1password.html