A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network security related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.

ISC StormCast for Monday, November 1st, 2021

October 31, 2021 5:22 4.81 MB Downloads: 0

Remote Desktop Protocol RDP Discovery https://isc.sans.edu/forums/diary/Remote+Desktop+Protocol+RDP+Discovery/27984/
Sysmon Update https://isc.sans.edu/forums/diary/Sysinternals+Autoruns+and+Sysmon+updates/27986/
Google Chrome Updates https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html
AbstractEmu Malware Roots Android https://blog.lookout.com/lookout-discovers-global-rooting-malware-campaign
Microsoft Defender For Endpoint Web Content Filtering https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/web-content-filtering-now-generally-available-on-windows/ba-p/2893357

ISC StormCast for Friday, October 29th, 2021

October 28, 2021 5:36 5.0 MB Downloads: 0

Critical Hikvision Patch https://watchfulip.github.io/2021/09/18/Hikvision-IP-Camera-Unauthenticated-RCE.html https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-notification-command-injection-vulnerability-in-some-hikvision-products/
Shrootless Vulnerability in MacOS https://www.microsoft.com/security/blog/2021/10/28/microsoft-finds-new-macos-vulnerability-shrootless-that-could-bypass-system-integrity-protection/
More Malicious NPM Libraries https://www.theregister.com/2021/10/27/npm_roblox_ransomware/

ISC StormCast for Thursday, October 28th, 2021

October 27, 2021 5:09 4.63 MB Downloads: 0

Outlook Web Access Phishing https://isc.sans.edu/forums/diary/Hunting+for+Phishing+Sites+Masquerading+as+Outlook+Web+Access/27974/
Apple Security Updates Details Available https://support.apple.com/en-us/HT201222
Adobe Patches https://helpx.adobe.com/security/security-bulletin.html
PinkBot Botnet Uses DoH https://blog.netlab.360.com/pinkbot/
Jira Insight Patch https://confluence.atlassian.com/adminjiraserver/jira-service-management-security-advisory-2021-10-20-1085186548.html

ISC StormCast for Wednesday, October 27th, 2021

October 26, 2021 5:35 5.0 MB Downloads: 0

Apple Updates Everything (but no details yet) https://support.apple.com/en-sa/HT201222
Craigslist E-Mail Hijack https://www.inky.com/blog/urgency-mail-relay-serve-phishers-well-on-craigslist
UltimaSMS Android Malware https://blog.avast.com/premium-sms-scam-apps-on-play-store-avast
Firefox Proxy Malware https://blog.mozilla.org/security/2021/10/25/securing-the-proxy-api-for-firefox-add-ons/

ISC StormCast for Tuesday, October 26th, 2021

October 25, 2021 4:44 4.27 MB Downloads: 0

Decrypting Cobalt Strike Traffic https://isc.sans.edu/forums/diary/Decrypting+Cobalt+Strike+Traffic+With+a+Leaked+Private+Key/27968/
Critical Discourse Vulnerability https://us-cert.cisa.gov/ncas/current-activity/2021/10/24/critical-rce-vulnerability-discourse
Discourse Discussion Platform RCE https://github.com/discourse/discourse/security/advisories/GHSA-jcjx-pvpc-qgwq https://0day.click/recipe/discourse-sns-rce/
ua-parser-js malware https://github.com/advisories/GHSA-pjwm-rvh2-c87w
Vulnerable Billing Software BillQuick Web Used to Deploy Ransomware https://www.huntress.com/blog/threat-advisory-hackers-are-exploiting-a-vulnerability-in-popular-billing-software-to-deploy-ransomware

ISC StormCast for Monday, October 25th, 2021

October 24, 2021 5:35 4.99 MB Downloads: 0

Malware Quiz https://isc.sans.edu/forums/diary/October+2021+Contest+Forensic+Challenge/27960/
Odd Zip Files https://isc.sans.edu/forums/diary/Phishing+ZIP+With+Malformed+Filename/27966/
Decrypting Cobalt Strike Configurations Using Known Secret Keys https://blog.nviso.eu/2021/10/21/cobalt-strike-using-known-private-keys-to-decrypt-traffic-part-1/
Tracking BLE Fingerprints https://cseweb.ucsd.edu/~nibhaska/papers/sp22_paper.pdf
GPS Software Bug https://us-cert.cisa.gov/ncas/current-activity/2021/10/21/gps-daemon-gpsd-rollover-bug https://isc.sans.edu/forums/diary/Keeping+Track+of+Time+Network+Time+Protocol+and+a+GPSD+Bug/27886/

ISC StormCast for Friday, October 22nd, 2021

October 21, 2021 6:18 5.6 MB Downloads: 0

Stolen Images Evidence Campaign Pushes Sliver Based Malware https://isc.sans.edu/forums/diary/Stolen+Images+Evidence+campaign+pushes+Sliverbased+malware/27954/
FiveSys Rootkit Signed By Microsoft https://www.bitdefender.com/files/News/CaseStudies/study/405/Bitdefender-DT-Whitepaper-Fivesys-creat5699-en-EN.pdf
Oracle Critical Patch Update https://www.oracle.com/security-alerts/cpuoct2021.html
WinRAR Vulnerability https://swarm.ptsecurity.com/winrars-vulnerable-trialware-when-free-software-isnt-free/
Crypto Mining npm Libraries https://blog.sonatype.com/newly-found-npm-malware-mines-cryptocurrency-on-windows-linux-macos-devices

ISC StormCast for Thursday, October 21st, 2021

October 20, 2021 5:38 5.04 MB Downloads: 0

Thanks to Covid 19: New Types of Documents are Lost in the Wild https://isc.sans.edu/forums/diary/Thanks+to+COVID19+New+Types+of+Documents+are+Lost+in+The+Wild/27952/
Google Chrome 95 Released https://chromestatus.com/roadmap
Squirrel VM Bug https://thehackernews.com/2021/10/squirrel-engine-bug-could-let-attackers.html
BlackByte Decryptor Released https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/blackbyte-ransomware-pt-1-in-depth-analysis/ https://github.com/SpiderLabs/BlackByteDecryptor