A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
ThunderCast
An inside look at the making of Mozilla Thunderbird, and community-driven conversations with our friends in the open-source software space.
ISC StormCast for Tuesday, May 12th 2020
Excel 4 Macro Analysis: XLMMacroDeobfuscator https://isc.sans.edu/forums/diary/Excel+4+Macro+Analysis+XLMMacroDeobfuscator/26110/ LinkedIn Phish https://youtu.be/g0WHz6rikoc ThunderSpy Thunderbolt Attack https://thunderspy.io/ vBulletin Vulnerability https://nvd.nist.gov/vuln/detail/CVE-2020-12720 Mini-Netwars https://www.sans.org/mini-netwars
ISC StormCast for Monday, May 11th 2020
YARA 4.0.0 Released https://isc.sans.edu/forums/diary/YARA+v400+BASE64+Strings/26106/ VMWare Patches vRealize to Address Saltstack Vulnerabilities https://www.vmware.com/security/advisories/VMSA-2020-0009.html Samsung Paches Android RCE Vulnerabilities https://bugs.chromium.org/p/project-zero/issues/detail?id=2002 https://security.samsungmobile.com/securityUpdate.smsb MacOS 2FA Application Trojan https://blog.malwarebytes.com/threat-analysis/2020/05/new-mac-variant-of-lazarus-dacls-rat-distributed-via-trojanized-2fa-app/
ISC StormCast for Monday, May 11th 2020
YARA 4.0.0 Released https://isc.sans.edu/forums/diary/YARA+v400+BASE64+Strings/26106/ VMWare Patches vRealize to Address Saltstack Vulnerabilities https://www.vmware.com/security/advisories/VMSA-2020-0009.html Samsung Paches Android RCE Vulnerabilities https://bugs.chromium.org/p/project-zero/issues/detail?id=2002 https://security.samsungmobile.com/securityUpdate.smsb MacOS 2FA Application Trojan https://blog.malwarebytes.com/threat-analysis/2020/05/new-mac-variant-of-lazarus-dacls-rat-distributed-via-trojanized-2fa-app/
ISC StormCast for Friday, May 8th 2020
Scanning With NMAP NSE Scripts https://isc.sans.edu/forums/diary/Scanning+with+nmaps+NSE+scripts/26096/ iOS Psychic Paper Vulerability https://siguza.github.io/psychicpaper/ World Password Day https://www.microsoft.com/security/blog/2020/05/07/protect-accounts-smarter-ways-sign-in-world-passwordless-day https://tails.boum.org/news/version_4.6/index.en.html Cisco Kerberos Bypass https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-asa-kerberos-bypass-96Gghe2sS
ISC StormCast for Friday, May 8th 2020
Scanning With NMAP NSE Scripts https://isc.sans.edu/forums/diary/Scanning+with+nmaps+NSE+scripts/26096/ iOS Psychic Paper Vulerability https://siguza.github.io/psychicpaper/ World Password Day https://www.microsoft.com/security/blog/2020/05/07/protect-accounts-smarter-ways-sign-in-world-passwordless-day https://tails.boum.org/news/version_4.6/index.en.html Cisco Kerberos Bypass https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-asa-kerberos-bypass-96Gghe2sS
ISC StormCast for Thursday, May 7th 2020
Keeping an Eye on Malicious Files Life Time https://isc.sans.edu/forums/diary/Keeping+an+Eye+on+Malicious+Files+Life+Time/26092/ Fake Crypto Wallet Chrome Extensions https://www.theregister.co.uk/2020/05/06/chrome_malicious_extensions/ Favicon Hides Credit Card Skimmer https://blog.malwarebytes.com/threat-analysis/2020/05/credit-card-skimmer-masquerades-as-favicon/ WebEx Phishing https://abnormalsecurity.com/blog/abnormal-attack-stories-cisco-webex-phishing/
ISC StormCast for Thursday, May 7th 2020
Keeping an Eye on Malicious Files Life Time https://isc.sans.edu/forums/diary/Keeping+an+Eye+on+Malicious+Files+Life+Time/26092/ Fake Crypto Wallet Chrome Extensions https://www.theregister.co.uk/2020/05/06/chrome_malicious_extensions/ Favicon Hides Credit Card Skimmer https://blog.malwarebytes.com/threat-analysis/2020/05/credit-card-skimmer-masquerades-as-favicon/ WebEx Phishing https://abnormalsecurity.com/blog/abnormal-attack-stories-cisco-webex-phishing/
ISC StormCast for Wednesday, May 6th 2020
Do Cloud Security Features Replace Pesonnel Security Capabilities? https://isc.sans.edu/forums/diary/Cloud+Security+Features+Dont+Replace+the+Need+for+Personnel+Security+Capabilities/26088/ Citrix ShareFile Storage Zones Controller Update https://support.citrix.com/article/CTX269106 Android Update https://source.android.com/security/bulletin/2020-05-01 Firefox Update https://www.mozilla.org/en-US/firefox/76.0/releasenotes/ Dell OS Recovery Image Insecure Inherited Permissions https://www.dell.com/support/article/de-de/sln321036/dsa-2020-059-dell-os-recovery-image-insecure-inherited-permissions-vulnerability?lang=en WordPress Update https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates
ISC StormCast for Wednesday, May 6th 2020
Do Cloud Security Features Replace Pesonnel Security Capabilities? https://isc.sans.edu/forums/diary/Cloud+Security+Features+Dont+Replace+the+Need+for+Personnel+Security+Capabilities/26088/ Citrix ShareFile Storage Zones Controller Update https://support.citrix.com/article/CTX269106 Android Update https://source.android.com/security/bulletin/2020-05-01 Firefox Update https://www.mozilla.org/en-US/firefox/76.0/releasenotes/ Dell OS Recovery Image Insecure Inherited Permissions https://www.dell.com/support/article/de-de/sln321036/dsa-2020-059-dell-os-recovery-image-insecure-inherited-permissions-vulnerability?lang=en WordPress Update https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates
ISC StormCast for Tuesday, May 5th 2020
Exploring the Sysmon 11 File Deletion Protection https://isc.sans.edu/forums/diary/Sysmon+and+File+Deletion/26084/ Digicert CT Compromise https://groups.google.com/a/chromium.org/forum/#!topic/ct-policy/aKNbZuJzwfM WebLogic Flaw (new one..) Exploited in the Wild https://blogs.oracle.com/security/apply-april-2020-cpu
ISC StormCast for Tuesday, May 5th 2020
Exploring the Sysmon 11 File Deletion Protection https://isc.sans.edu/forums/diary/Sysmon+and+File+Deletion/26084/ Digicert CT Compromise https://groups.google.com/a/chromium.org/forum/#!topic/ct-policy/aKNbZuJzwfM WebLogic Flaw (new one..) Exploited in the Wild https://blogs.oracle.com/security/apply-april-2020-cpu
ISC StormCast for Monday, May 4th 2020
ZIP Files and AES https://isc.sans.edu/forums/diary/ZIP+AES/26080/ Saltstack Vulnerability Exploited in the Wild https://status.ghost.org/ Mobile Device Manager Compromise https://research.checkpoint.com/2020/first-seen-in-the-wild-mobile-as-attack-vector-using-mdm/
ISC StormCast for Monday, May 4th 2020
ZIP Files and AES https://isc.sans.edu/forums/diary/ZIP+AES/26080/ Saltstack Vulnerability Exploited in the Wild https://status.ghost.org/ Mobile Device Manager Compromise https://research.checkpoint.com/2020/first-seen-in-the-wild-mobile-as-attack-vector-using-mdm/
ISC StormCast for Friday, May 1st 2020
Collecting IOCs from IMAP Folder https://isc.sans.edu/forums/diary/Collecting+IOCs+from+IMAP+Folder/26070/ Attack Traffic on TCP Port 9673 https://isc.sans.edu/forums/diary/Attack+traffic+on+TCP+port+9673/26074/ Saltstack Authorization Bypass https://labs.f-secure.com/advisories/saltstack-authorization-bypass Mac Sandbox Escape https://lapcatsoftware.com/articles/sandbox-escape.html
ISC StormCast for Friday, May 1st 2020
Collecting IOCs from IMAP Folder https://isc.sans.edu/forums/diary/Collecting+IOCs+from+IMAP+Folder/26070/ Attack Traffic on TCP Port 9673 https://isc.sans.edu/forums/diary/Attack+traffic+on+TCP+port+9673/26074/ Saltstack Authorization Bypass https://labs.f-secure.com/advisories/saltstack-authorization-bypass Mac Sandbox Escape https://lapcatsoftware.com/articles/sandbox-escape.html