A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
ThunderCast
An inside look at the making of Mozilla Thunderbird, and community-driven conversations with our friends in the open-source software space.
ISC StormCast for Friday, November 20th 2020
PowerShell Dropper Delivering Formbook https://isc.sans.edu/forums/diary/PowerShell+Dropper+Delivering+Formbook/26806/ Google Leading the Way in Phishing https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign Identifying Malicious Servers With JARM https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a Daniel Behrens: Industrial Traffic Collection: Understanding the Implications of Deploying Visibility Without Impacting Production https://www.sans.org/reading-room/whitepapers/ICS/industrial-traffic-collection-understanding-implications-deploying-visibility-impacting-production-39810
ISC StormCast for Thursday, November 19th 2020
When Security Controls Lead to Security Issues https://isc.sans.edu/forums/diary/When+Security+Controls+Lead+to+Security+Issues/26804/ Google Chrome Update https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html Firefox 83 HTTPS Only Mode https://blog.mozilla.org/security/2020/11/17/firefox-83-introduces-https-only-mode/ OOB Windows Kerberos Update https://docs.microsoft.com/en-us/windows/release-information/windows-message-center Cisco WebEx Patch Fixes "Ghost Users" https://securityintelligence.com/posts/ibm-works-with-cisco-exorcise-ghosts-webex-meetings/ Ransomware Flooding Printers https://twitter.com/Irlenys/status/1327784305465188353
ISC StormCast for Thursday, November 19th 2020
When Security Controls Lead to Security Issues https://isc.sans.edu/forums/diary/When+Security+Controls+Lead+to+Security+Issues/26804/ Google Chrome Update https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html Firefox 83 HTTPS Only Mode https://blog.mozilla.org/security/2020/11/17/firefox-83-introduces-https-only-mode/ OOB Windows Kerberos Update https://docs.microsoft.com/en-us/windows/release-information/windows-message-center Cisco WebEx Patch Fixes "Ghost Users" https://securityintelligence.com/posts/ibm-works-with-cisco-exorcise-ghosts-webex-meetings/ Ransomware Flooding Printers https://twitter.com/Irlenys/status/1327784305465188353
ISC StormCast for Wednesday, November 18th 2020
Apple Binaries Used to Bypass 3rd Party Security Products on MacOS 11 https://twitter.com/patrickwardle/status/1327726496203476992 Apple Improving Privacy on App Certificate Checks https://support.apple.com/en-us/HT202491 Cisco Security Manager Vulnerabilities https://gist.github.com/Frycos/8bf5c125d720b3504b4f28a1126e509e https://tools.cisco.com/security/center/publicationListing.x
ISC StormCast for Wednesday, November 18th 2020
Apple Binaries Used to Bypass 3rd Party Security Products on MacOS 11 https://twitter.com/patrickwardle/status/1327726496203476992 Apple Improving Privacy on App Certificate Checks https://support.apple.com/en-us/HT202491 Cisco Security Manager Vulnerabilities https://gist.github.com/Frycos/8bf5c125d720b3504b4f28a1126e509e https://tools.cisco.com/security/center/publicationListing.x
ISC StormCast for Tuesday, November 17th 2020
Old Vulnerbilities Don't Die https://isc.sans.edu/forums/diary/Heartbleed+BlueKeep+and+other+vulnerabilities+that+didnt+disappear+just+because+we+dont+talk+about+them+anymore/26798/ Citrix Virtual Apps and Desktops Security Update https://support.citrix.com/article/CTX285059 Zoom Security Improvements https://blog.zoom.us/new-ways-to-combat-zoom-meeting-disruptions/ Firefox File Read Vulnerability Details https://medium.com/@kanytu/firefox-and-how-a-website-could-steal-all-of-your-cookies-581fe4648e8d
ISC StormCast for Tuesday, November 17th 2020
Old Vulnerbilities Don't Die https://isc.sans.edu/forums/diary/Heartbleed+BlueKeep+and+other+vulnerabilities+that+didnt+disappear+just+because+we+dont+talk+about+them+anymore/26798/ Citrix Virtual Apps and Desktops Security Update https://support.citrix.com/article/CTX285059 Zoom Security Improvements https://blog.zoom.us/new-ways-to-combat-zoom-meeting-disruptions/ Firefox File Read Vulnerability Details https://medium.com/@kanytu/firefox-and-how-a-website-could-steal-all-of-your-cookies-581fe4648e8d
ISC StormCast for Monday, November 16th 2020
Oledump Removed Macro Indicator https://isc.sans.edu/forums/diary/oledumps+Indicator/26794/ Old Worm But New Obfuscation Technique https://isc.sans.edu/forums/diary/Old+Worm+But+New+Obfuscation+Technique/26792/ MacOS OCSP Disaster https://blog.cryptohack.org/macos-ocsp-disaster VoltPillager: Hardware-base fault injection attacks against Instel SGX Enclaves using the SVID voltage scaling interface https://www.usenix.org/system/files/sec21summer_chen-zitai.pdf
ISC StormCast for Monday, November 16th 2020
Oledump Removed Macro Indicator https://isc.sans.edu/forums/diary/oledumps+Indicator/26794/ Old Worm But New Obfuscation Technique https://isc.sans.edu/forums/diary/Old+Worm+But+New+Obfuscation+Technique/26792/ MacOS OCSP Disaster https://blog.cryptohack.org/macos-ocsp-disaster VoltPillager: Hardware-base fault injection attacks against Instel SGX Enclaves using the SVID voltage scaling interface https://www.usenix.org/system/files/sec21summer_chen-zitai.pdf
ISC StormCast for Friday, November 13th 2020
Preventing Exposed Azure Blob Storage https://isc.sans.edu/forums/diary/Preventing+Exposed+Azure+Blob+Storage/26786/ Apple Security Updates https://support.apple.com/en-us/HT201222 DNS Cache Poisoning Attack Reloaded https://dl.acm.org/doi/pdf/10.1145/3372297.3417280 Rebel Powell: Poisoned Postman; Detecting Manipulation of Compliance Features in a Microsoft Exchange Online Environment https://www.sans.org/reading-room/whitepapers/cloud/poisoned-postman-detecting-manipulation-compliance-features-microsoft-exchange-online-environment-39850
ISC StormCast for Friday, November 13th 2020
Preventing Exposed Azure Blob Storage https://isc.sans.edu/forums/diary/Preventing+Exposed+Azure+Blob+Storage/26786/ Apple Security Updates https://support.apple.com/en-us/HT201222 DNS Cache Poisoning Attack Reloaded https://dl.acm.org/doi/pdf/10.1145/3372297.3417280 Rebel Powell: Poisoned Postman; Detecting Manipulation of Compliance Features in a Microsoft Exchange Online Environment https://www.sans.org/reading-room/whitepapers/cloud/poisoned-postman-detecting-manipulation-compliance-features-microsoft-exchange-online-environment-39850
ISC StormCast for Thursday, November 12th 2020
Traffic Analysis Quiz https://isc.sans.edu/forums/diary/Traffic+Analysis+Quiz+DESKTOPFX23IK5/26780/ Open Source Security Scorecards https://github.com/ossf/scorecard Bitdefender: UPX Unpacking Featuring Ten Memory Corruptions https://landave.io/2020/11/bitdefender-upx-unpacking-featuring-ten-memory-corruptions/ Ubuntu 20.04 Privilege Escalation https://securitylab.github.com/research/Ubuntu-gdm3-accountsservice-LPE
ISC StormCast for Thursday, November 12th 2020
Traffic Analysis Quiz https://isc.sans.edu/forums/diary/Traffic+Analysis+Quiz+DESKTOPFX23IK5/26780/ Open Source Security Scorecards https://github.com/ossf/scorecard Bitdefender: UPX Unpacking Featuring Ten Memory Corruptions https://landave.io/2020/11/bitdefender-upx-unpacking-featuring-ten-memory-corruptions/ Ubuntu 20.04 Privilege Escalation https://securitylab.github.com/research/Ubuntu-gdm3-accountsservice-LPE
ISC StormCast for Wednesday, November 11th 2020
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+November+2020+Patch+Tuesday/26778/ "Platypus" Attack against Intel SGX https://platypusattack.com/ Adobe Updates https://helpx.adobe.com/security.html Firefox Updates https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/#CVE-2020-26950 Fingerprinting ADS-B Signals https://icnp20.cs.ucr.edu/proceedings/aimcom2/Real-World%20ADS-B%20signal%20recognition%20based%20on%20Radio%20Frequency%20Fingerprinting.pdf
ISC StormCast for Wednesday, November 11th 2020
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+November+2020+Patch+Tuesday/26778/ "Platypus" Attack against Intel SGX https://platypusattack.com/ Adobe Updates https://helpx.adobe.com/security.html Firefox Updates https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/#CVE-2020-26950 Fingerprinting ADS-B Signals https://icnp20.cs.ucr.edu/proceedings/aimcom2/Real-World%20ADS-B%20signal%20recognition%20based%20on%20Radio%20Frequency%20Fingerprinting.pdf