A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
ThunderCast
An inside look at the making of Mozilla Thunderbird, and community-driven conversations with our friends in the open-source software space.
ISC StormCast for Thursday, December 3rd 2020
Prevelance of DNS Spoofing https://arxiv.org/abs/2011.12978 New npm Malware Includes Bladabindi Trojan https://blog.sonatype.com/bladabindi-njrat-rat-in-jdb.js-npm-malware DarkIRC Bot Exploits Recent Oracle WebLogic Vulnerablity https://blogs.juniper.net/en-us/threat-research/darkirc-bot-exploits-oracle-weblogic-vulnerability
ISC StormCast for Thursday, December 3rd 2020
Prevelance of DNS Spoofing https://arxiv.org/abs/2011.12978 New npm Malware Includes Bladabindi Trojan https://blog.sonatype.com/bladabindi-njrat-rat-in-jdb.js-npm-malware DarkIRC Bot Exploits Recent Oracle WebLogic Vulnerablity https://blogs.juniper.net/en-us/threat-research/darkirc-bot-exploits-oracle-weblogic-vulnerability
ISC StormCast for Wednesday, December 2nd 2020
Xanthe Docker Aware Miner https://blog.talosintelligence.com/2020/12/xanthe-docker-aware-miner.html#more Ocean Lotus Mac Backdoor https://www.trendmicro.com/en_us/research/20/k/new-macos-backdoor-connected-to-oceanlotus-surfaces.html OpenClinic vs OpenClinic GA https://labs.bishopfox.com/advisories/openclinic-version-0.8.2 https://us-cert.cisa.gov/ics/advisories/icsma-20-184-01 https://sourceforge.net/p/open-clinic/discussion/1231980/thread/a2e8909fc5/ Register For Cyberstart https://www.cyberstartamerica.org
ISC StormCast for Wednesday, December 2nd 2020
Xanthe Docker Aware Miner https://blog.talosintelligence.com/2020/12/xanthe-docker-aware-miner.html#more Ocean Lotus Mac Backdoor https://www.trendmicro.com/en_us/research/20/k/new-macos-backdoor-connected-to-oceanlotus-surfaces.html OpenClinic vs OpenClinic GA https://labs.bishopfox.com/advisories/openclinic-version-0.8.2 https://us-cert.cisa.gov/ics/advisories/icsma-20-184-01 https://sourceforge.net/p/open-clinic/discussion/1231980/thread/a2e8909fc5/ Register For Cyberstart https://www.cyberstartamerica.org
ISC StormCast for Tuesday, December 1st 2020
Decrypting PowerShell Payloads https://isc.sans.edu/forums/diary/Decrypting+PowerShell+Payloads+video/26838/ Trend Micro ServerProtect for Linux https://success.trendmicro.com/solution/000281950 WebKit Vulnerabilities https://blog.talosintelligence.com/2020/11/vuln-spotlight-webkit-use-after-free-nov-2020.html New Skimmer JS https://twitter.com/AffableKraut/status/1333258498910588928
ISC StormCast for Tuesday, December 1st 2020
Decrypting PowerShell Payloads https://isc.sans.edu/forums/diary/Decrypting+PowerShell+Payloads+video/26838/ Trend Micro ServerProtect for Linux https://success.trendmicro.com/solution/000281950 WebKit Vulnerabilities https://blog.talosintelligence.com/2020/11/vuln-spotlight-webkit-use-after-free-nov-2020.html New Skimmer JS https://twitter.com/AffableKraut/status/1333258498910588928
ISC StormCast for Monday, November 30th 2020
Live Patching Windows API Calls Using PowerShell https://isc.sans.edu/forums/diary/Live+Patching+Windows+API+Calls+Using+PowerShell/26826/ Threat Hunting with JARM https://isc.sans.edu/forums/diary/Threat+Hunting+with+JARM/26832/ https://isc.sans.edu/forums/diary/Quick+Tip+Using+JARM+With+a+SOCKS+Proxy/26834/ Be Careful With IoT Gifts https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/ https://www.cyberscoop.com/smart-doorbells-amazon-ebay-ncc-vulnerabilities/ Active Exploitation of Mobile Iron Vulnerabilities https://www.ncsc.gov.uk/news/alert-multiple-actors-attempt-exploit-mobileiron-vulnerability
ISC StormCast for Monday, November 30th 2020
Live Patching Windows API Calls Using PowerShell https://isc.sans.edu/forums/diary/Live+Patching+Windows+API+Calls+Using+PowerShell/26826/ Threat Hunting with JARM https://isc.sans.edu/forums/diary/Threat+Hunting+with+JARM/26832/ https://isc.sans.edu/forums/diary/Quick+Tip+Using+JARM+With+a+SOCKS+Proxy/26834/ Be Careful With IoT Gifts https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/ https://www.cyberscoop.com/smart-doorbells-amazon-ebay-ncc-vulnerabilities/ Active Exploitation of Mobile Iron Vulnerabilities https://www.ncsc.gov.uk/news/alert-multiple-actors-attempt-exploit-mobileiron-vulnerability
ISC StormCast for Wednesday, November 25th 2020
The Special Case of TCP Resets https://isc.sans.edu/forums/diary/The+special+case+of+TCP+RST/26824/ VMWare Workspace Vulnerability https://www.theregister.com/2020/11/24/vmware_urges_sysadmins_to_implement/ Holiday Hack Challenge 2020 https://holidayhackchallenge.com/2020/
ISC StormCast for Wednesday, November 25th 2020
The Special Case of TCP Resets https://isc.sans.edu/forums/diary/The+special+case+of+TCP+RST/26824/ VMWare Workspace Vulnerability https://www.theregister.com/2020/11/24/vmware_urges_sysadmins_to_implement/ Holiday Hack Challenge 2020 https://holidayhackchallenge.com/2020/
ISC StormCast for Tuesday, November 24th 2020
Quick Tip: Cobalt Strike Beacon Analysis https://isc.sans.edu/forums/diary/Quick+Tip+Cobalt+Strike+Beacon+Analysis/26818/ Godaddy Social Engineering Used to Compromise Bitcoin Exchange Domains https://blog.liquid.com/security-incident-november-13-2020 Spoofed FBI Domains https://www.ic3.gov/Media/Y2020/PSA201123
ISC StormCast for Tuesday, November 24th 2020
Quick Tip: Cobalt Strike Beacon Analysis https://isc.sans.edu/forums/diary/Quick+Tip+Cobalt+Strike+Beacon+Analysis/26818/ Godaddy Social Engineering Used to Compromise Bitcoin Exchange Domains https://blog.liquid.com/security-incident-november-13-2020 Spoofed FBI Domains https://www.ic3.gov/Media/Y2020/PSA201123
ISC StormCast for Monday, November 23rd 2020
Updates for VMWare ESXi; Fusion and Workstation https://www.vmware.com/security/advisories/VMSA-2020-0026.html IBM DB2 Vulnerability https://www.ibm.com/support/pages/node/6370025 https://www.ibm.com/support/pages/node/6370023 Fortinet SSL VPN Exploit Used to Collect Credentials https://twitter.com/Bank_Security/status/1329426020647243778
ISC StormCast for Monday, November 23rd 2020
Updates for VMWare ESXi; Fusion and Workstation https://www.vmware.com/security/advisories/VMSA-2020-0026.html IBM DB2 Vulnerability https://www.ibm.com/support/pages/node/6370025 https://www.ibm.com/support/pages/node/6370023 Fortinet SSL VPN Exploit Used to Collect Credentials https://twitter.com/Bank_Security/status/1329426020647243778
ISC StormCast for Friday, November 20th 2020
PowerShell Dropper Delivering Formbook https://isc.sans.edu/forums/diary/PowerShell+Dropper+Delivering+Formbook/26806/ Google Leading the Way in Phishing https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign Identifying Malicious Servers With JARM https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a Daniel Behrens: Industrial Traffic Collection: Understanding the Implications of Deploying Visibility Without Impacting Production https://www.sans.org/reading-room/whitepapers/ICS/industrial-traffic-collection-understanding-implications-deploying-visibility-impacting-production-39810