A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
ThunderCast
An inside look at the making of Mozilla Thunderbird, and community-driven conversations with our friends in the open-source software space.
ISC StormCast for Tuesday, September 29th 2020
Some Tyler Technologies Customers Targeted after Breach https://isc.sans.edu/forums/diary/Some+Tyler+Technologies+Customers+Targeted+with+The+Installation+of+a+Bomgar+Client/26610/ Obfuscated PowerShell Backdoor https://isc.sans.edu/forums/diary/PowerShell+Backdoor+Launched+from+a+ShellCode/26602/ QNAP Fixes AgeLocker Vulnerability in Photo Station https://www.qnap.com/de-de/security-advisory/qsa-20-06 TrendMicro Apex One Vulnerablity https://success.trendmicro.com/product-support/apex-one
ISC StormCast for Tuesday, September 29th 2020
Some Tyler Technologies Customers Targeted after Breach https://isc.sans.edu/forums/diary/Some+Tyler+Technologies+Customers+Targeted+with+The+Installation+of+a+Bomgar+Client/26610/ Obfuscated PowerShell Backdoor https://isc.sans.edu/forums/diary/PowerShell+Backdoor+Launched+from+a+ShellCode/26602/ QNAP Fixes AgeLocker Vulnerability in Photo Station https://www.qnap.com/de-de/security-advisory/qsa-20-06 TrendMicro Apex One Vulnerablity https://success.trendmicro.com/product-support/apex-one
ISC StormCast for Monday, September 28th 2020
Securing Exchange Online https://isc.sans.edu/forums/diary/Securing+Exchange+Online+Guest+Diary/26600/ Decoding Corrupt BASE64 https://isc.sans.edu/forums/diary/Decoding+Corrupt+BASE64+Strings/26606/ Fortinet VPN Default Setting Problem https://securingsam.com/breaching-the-fort/ Single Use Credit Cards Numbers https://www.helpnetsecurity.com/2020/09/25/privacy-cards/
ISC StormCast for Monday, September 28th 2020
Securing Exchange Online https://isc.sans.edu/forums/diary/Securing+Exchange+Online+Guest+Diary/26600/ Decoding Corrupt BASE64 https://isc.sans.edu/forums/diary/Decoding+Corrupt+BASE64+Strings/26606/ Fortinet VPN Default Setting Problem https://securingsam.com/breaching-the-fort/ Single Use Credit Cards Numbers https://www.helpnetsecurity.com/2020/09/25/privacy-cards/
ISC StormCast for Friday, September 25th 2020
Party in Ibiza with PowerShell https://isc.sans.edu/forums/diary/Party+in+Ibiza+with+PowerShell/26594/ Microsoft Tracking Zerologon Exploits https://twitter.com/MsftSecIntel/status/1308941504707063808 Apple Patches https://support.apple.com/en-us/HT201222 Instagram for Android Vulnerability https://blog.checkpoint.com/2020/09/24/instahack-how-researchers-were-able-to-take-over-the-instagram-app-using-a-malicious-image/
ISC StormCast for Friday, September 25th 2020
Party in Ibiza with PowerShell https://isc.sans.edu/forums/diary/Party+in+Ibiza+with+PowerShell/26594/ Microsoft Tracking Zerologon Exploits https://twitter.com/MsftSecIntel/status/1308941504707063808 Apple Patches https://support.apple.com/en-us/HT201222 Instagram for Android Vulnerability https://blog.checkpoint.com/2020/09/24/instahack-how-researchers-were-able-to-take-over-the-instagram-app-using-a-malicious-image/
ISC StormCast for Thursday, September 24th 2020
Dynamic Malicious Word Document https://isc.sans.edu/forums/diary/Malicious+Word+Document+with+Dynamic+Content/26590/ Old Versions of SAMBA Affected by ZeroLogon Vulnerability https://www.samba.org/samba/security/CVE-2020-1472.html Google Chrome Update https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html QNAP Devices hit by AgeLocker Ransomware https://www.bleepingcomputer.com/news/security/agelocker-ransomware-targets-qnap-nas-devices-steals-data/
ISC StormCast for Thursday, September 24th 2020
Dynamic Malicious Word Document https://isc.sans.edu/forums/diary/Malicious+Word+Document+with+Dynamic+Content/26590/ Old Versions of SAMBA Affected by ZeroLogon Vulnerability https://www.samba.org/samba/security/CVE-2020-1472.html Google Chrome Update https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html QNAP Devices hit by AgeLocker Ransomware https://www.bleepingcomputer.com/news/security/agelocker-ransomware-targets-qnap-nas-devices-steals-data/
ISC StormCast for Wednesday, September 23rd 2020
Citrix ADC Udpates https://support.citrix.com/article/CTX281474 Firefox Version 81 Released https://www.mozilla.org/en-US/firefox/81.0/releasenotes/ Simple Scan Drops Ransomware Risk https://www.accesswire.com/607018/Corvus-Updates-Scan-Technology-with-RDP-Detection-Slashes-Ransomware-Claims-by-65 iOS 14 Jailbreak https://checkra.in/news/2020/09/iOS-14-announcement
ISC StormCast for Wednesday, September 23rd 2020
Citrix ADC Udpates https://support.citrix.com/article/CTX281474 Firefox Version 81 Released https://www.mozilla.org/en-US/firefox/81.0/releasenotes/ Simple Scan Drops Ransomware Risk https://www.accesswire.com/607018/Corvus-Updates-Scan-Technology-with-RDP-Detection-Slashes-Ransomware-Claims-by-65 iOS 14 Jailbreak https://checkra.in/news/2020/09/iOS-14-announcement
ISC StormCast for Tuesday, September 22nd 2020
Slightly Broken Overlay Phishing https://isc.sans.edu/forums/diary/Slightly+broken+overlay+phishing/26586/ MacOS Code Injection via Third Party Frameworks https://www.trustedsec.com/blog/macos-injection-via-third-party-frameworks Snort/ClamAV Cobalt Strike Detection https://blog.talosintelligence.com/2020/09/coverage-strikes-back-cobalt-strike-paper.html#more
ISC StormCast for Tuesday, September 22nd 2020
Slightly Broken Overlay Phishing https://isc.sans.edu/forums/diary/Slightly+broken+overlay+phishing/26586/ MacOS Code Injection via Third Party Frameworks https://www.trustedsec.com/blog/macos-injection-via-third-party-frameworks Snort/ClamAV Cobalt Strike Detection https://blog.talosintelligence.com/2020/09/coverage-strikes-back-cobalt-strike-paper.html#more
ISC StormCast for Monday, September 21st 2020
A Mix of Python and VBA in a Malicious Word Document https://isc.sans.edu/forums/diary/A+Mix+of+Python+VBA+in+a+Malicious+Word+Document/26578/ Salesforce Phish https://isc.sans.edu/forums/diary/Analysis+of+a+Salesforce+Phishing+Emails/26582/ Google App Engine Used in Phishing Attacks https://medium.com/@marcelx/attackers-are-abusing-googles-app-engine-to-circumvent-enterprise-security-solutions-again-eda8345d531d Sysmon Adds Clipboard Monitoring https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon Windows Defender No Longer Able to Download Files https://www.bleepingcomputer.com/news/microsoft/microsoft-removes-windows-defender-ability-after-security-concerns/
ISC StormCast for Monday, September 21st 2020
A Mix of Python and VBA in a Malicious Word Document https://isc.sans.edu/forums/diary/A+Mix+of+Python+VBA+in+a+Malicious+Word+Document/26578/ Salesforce Phish https://isc.sans.edu/forums/diary/Analysis+of+a+Salesforce+Phishing+Emails/26582/ Google App Engine Used in Phishing Attacks https://medium.com/@marcelx/attackers-are-abusing-googles-app-engine-to-circumvent-enterprise-security-solutions-again-eda8345d531d Sysmon Adds Clipboard Monitoring https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon Windows Defender No Longer Able to Download Files https://www.bleepingcomputer.com/news/microsoft/microsoft-removes-windows-defender-ability-after-security-concerns/
ISC StormCast for Friday, September 18th 2020
OSSEC Active Response https://isc.sans.edu/forums/diary/Suspicious+Endpoint+Containment+with+OSSEC/26576/ Microsoft Patch for Office for Mac https://docs.microsoft.com/en-us/officeupdates/release-notes-office-for-mac VMWare Fusion Vulnerablity https://www.vmware.com/security/advisories/VMSA-2020-0020.html NSA Secure Boot Configuration Guide https://media.defense.gov/2020/Sep/15/2002497594/-1/-1/0/CTR-UEFI-SECURE-BOOT-CUSTOMIZATION-20200915.PDF/CTR-UEFI-SECURE-BOOT-CUSTOMIZATION-20200915.PDF Microsoft Edge Warns Users of Adobe Flash End of Support https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support/