A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
CppCast
Every two weeks, or so, we sit down with guests from the C++ community to discuss the latest news and what they have been up to. Find us at cppcast.com
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Friday, July 19th, 2024
Oracle Quarterly Critical Patch Update https://www.oracle.com/security-alerts/cpujul2024.html Exchange Online Implementing Inbound SMTP DANE with DNSSEC https://techcommunity.microsoft.com/t5/exchange-team-blog/announcing-public-preview-of-inbound-smtp-dane-with-dnssec-for/ba-p/4155257 VPN Port Shadowing Vulnerability https://petsymposium.org/popets/2024/popets-2024-0070.pdf
ISC StormCast for Friday, July 19th, 2024
Oracle Quarterly Critical Patch Update https://www.oracle.com/security-alerts/cpujul2024.html Exchange Online Implementing Inbound SMTP DANE with DNSSEC https://techcommunity.microsoft.com/t5/exchange-team-blog/announcing-public-preview-of-inbound-smtp-dane-with-dnssec-for/ba-p/4155257 VPN Port Shadowing Vulnerability https://petsymposium.org/popets/2024/popets-2024-0070.pdf
ISC StormCast for Thursday, July 18th, 2024
Who You Gonna Call: Androx Gh0st Busters! https://isc.sans.edu/diary/Who%20You%20Gonna%20Call%3F%20AndroxGh0st%20Busters!%20%5BGuest%20Diary%5D/31086 Cisco Smart Software Manager Vulnerability CVE-2024-20419 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-auth-sLw3uhUy Critical Security Flaw in Cisco Secure Email Gateway: CVE-2024-20401 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-afw-bGG2UsjH Microsoft Introducing Checkpoint Updates https://techcommunity.microsoft.com/t5/windows-it-pro-blog/introducing-windows-11-checkpoint-cumulative-updates/ba-p/4182552 GeoServer Patches https://github.com/geoserver/geoserver/security/advisories/GHSA-6jj6-gm7p-fcvv
ISC StormCast for Thursday, July 18th, 2024
Who You Gonna Call: Androx Gh0st Busters! https://isc.sans.edu/diary/Who%20You%20Gonna%20Call%3F%20AndroxGh0st%20Busters!%20%5BGuest%20Diary%5D/31086 Cisco Smart Software Manager Vulnerability CVE-2024-20419 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-auth-sLw3uhUy Critical Security Flaw in Cisco Secure Email Gateway: CVE-2024-20401 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-afw-bGG2UsjH Microsoft Introducing Checkpoint Updates https://techcommunity.microsoft.com/t5/windows-it-pro-blog/introducing-windows-11-checkpoint-cumulative-updates/ba-p/4182552 GeoServer Patches https://github.com/geoserver/geoserver/security/advisories/GHSA-6jj6-gm7p-fcvv
ISC StormCast for Wednesday, July 17th, 2024
Reply Chain Phishing With a Twist https://isc.sans.edu/diary/%22Reply-chain%20phishing%22%20with%20a%20twist/31084 Claroty TP-Link and Synology IP Camera Exploits https://claroty.com/team82/research/pivoting-from-wan-to-lan-synology-bc500-ip-camera https://claroty.com/team82/research/pwn2own-wan-to-lan-exploit-showcase Cosmic Sting Hits Adobe Commerce Stores https://sansec.io/research/cosmicsting-hitting-major-stores
ISC StormCast for Wednesday, July 17th, 2024
Reply Chain Phishing With a Twist https://isc.sans.edu/diary/%22Reply-chain%20phishing%22%20with%20a%20twist/31084 Claroty TP-Link and Synology IP Camera Exploits https://claroty.com/team82/research/pivoting-from-wan-to-lan-synology-bc500-ip-camera https://claroty.com/team82/research/pwn2own-wan-to-lan-exploit-showcase Cosmic Sting Hits Adobe Commerce Stores https://sansec.io/research/cosmicsting-hitting-major-stores
ISC StormCast for Tuesday, July 16th, 2024
Protected OOXML Spreadsheets https://isc.sans.edu/diary/Protected%20OOXML%20Spreadsheets/31070 Leaked PyPi Secret Token Revealed in Binary https://jfrog.com/blog/leaked-pypi-secret-token-revealed-in-binary-preventing-suppy-chain-attack/ Microsoft 365 Defender Affected by June Update https://learn.microsoft.com/en-us/windows/release-health/status-windows-server-2022#network-data-reporting-from-microsoft-365-defender-may-be-interrupted
ISC StormCast for Tuesday, July 16th, 2024
Protected OOXML Spreadsheets https://isc.sans.edu/diary/Protected%20OOXML%20Spreadsheets/31070 Leaked PyPi Secret Token Revealed in Binary https://jfrog.com/blog/leaked-pypi-secret-token-revealed-in-binary-preventing-suppy-chain-attack/ Microsoft 365 Defender Affected by June Update https://learn.microsoft.com/en-us/windows/release-health/status-windows-server-2022#network-data-reporting-from-microsoft-365-defender-may-be-interrupted
ISC StormCast for Monday, July 15th, 2024
16-Bit Hash Collisions in XLS Spreadsheets https://isc.sans.edu/diary/16-bit%20Hash%20Collisions%20in%20.xls%20Spreadsheets/31066 Attacks against the "Nette" PHP framework CVE-2020-15227 https://isc.sans.edu/forums/diary/Attacks+against+the+Nette+PHP+framework+CVE202015227/31076/ Squarespace Hijacked Domains https://github.com/security-alliance/advisories/blob/main/2024-07-squarespace.pdf
ISC StormCast for Monday, July 15th, 2024
16-Bit Hash Collisions in XLS Spreadsheets https://isc.sans.edu/diary/16-bit%20Hash%20Collisions%20in%20.xls%20Spreadsheets/31066 Attacks against the "Nette" PHP framework CVE-2020-15227 https://isc.sans.edu/forums/diary/Attacks+against+the+Nette+PHP+framework+CVE202015227/31076/ Squarespace Hijacked Domains https://github.com/security-alliance/advisories/blob/main/2024-07-squarespace.pdf
ISC StormCast for Friday, July 12th, 2024
Understanding SSH Honeypot Logs: Attackers Fingerprinting Honeypots https://isc.sans.edu/diary/Understanding%20SSH%20Honeypot%20Logs%3A%20Attackers%20Fingerprinting%20Honeypots/31064 Patch or Peril: A Veeam Vulnerability Incident https://www.group-ib.com/blog/estate-ransomware/ Juniper Patches https://supportportal.juniper.net/s/global-search/%40uri?language=en_US#sort=%40sfcec_community_publish_date_formula__c%20descending&f:ctype=[Security%20Advisories] VMWare Aria Automation SQL Injection Vuln; https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24598 Leaked SMS Messages https://www.ccc.de/de/updates/2024/2fa-sms
ISC StormCast for Friday, July 12th, 2024
Understanding SSH Honeypot Logs: Attackers Fingerprinting Honeypots https://isc.sans.edu/diary/Understanding%20SSH%20Honeypot%20Logs%3A%20Attackers%20Fingerprinting%20Honeypots/31064 Patch or Peril: A Veeam Vulnerability Incident https://www.group-ib.com/blog/estate-ransomware/ Juniper Patches https://supportportal.juniper.net/s/global-search/%40uri?language=en_US#sort=%40sfcec_community_publish_date_formula__c%20descending&f:ctype=[Security%20Advisories] VMWare Aria Automation SQL Injection Vuln; https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24598 Leaked SMS Messages https://www.ccc.de/de/updates/2024/2fa-sms
ISC StormCast for Thursday, July 11th, 2024
Finding Honeypot Data Clusters Using DBSCAN Part 1 https://isc.sans.edu/diary/Finding%20Honeypot%20Data%20Clusters%20Using%20DBSCAN%3A%20Part%201/31050 Second RegreSSHion Like OpenSSH Vulnerability https://lwn.net/ml/all/20240708162106.GA4920@openwall.com/ Resurrecting Internet Explorer: Threat Actors Using Zero-Day Tricks in Internet Shortcut File CVE-2024-38112 https://research.checkpoint.com/2024/resurrecting-internet-explorer-threat-actors-using-zero-day-tricks-in-internet-shortcut-file-to-lure-victims-cve-2024-38112/ SharePoint Proof of Concept Exploit CVE-2024-38094 CVE-2024-38024 CVE-2024-38023 https://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC/blob/main/poc_filtered.py Citrix Netscaler, Agent and SDX Security Bulletin CVE-2024-6235 CVE-2024-6236 https://support.citrix.com/article/CTX677998/netscaler-console-agent-and-sdx-security-bulletin-for-cve20246235-and-cve20246236 OpenVPN Updates https://openvpn.net/security-advisory/ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974/
ISC StormCast for Thursday, July 11th, 2024
Finding Honeypot Data Clusters Using DBSCAN Part 1 https://isc.sans.edu/diary/Finding%20Honeypot%20Data%20Clusters%20Using%20DBSCAN%3A%20Part%201/31050 Second RegreSSHion Like OpenSSH Vulnerability https://lwn.net/ml/all/20240708162106.GA4920@openwall.com/ Resurrecting Internet Explorer: Threat Actors Using Zero-Day Tricks in Internet Shortcut File CVE-2024-38112 https://research.checkpoint.com/2024/resurrecting-internet-explorer-threat-actors-using-zero-day-tricks-in-internet-shortcut-file-to-lure-victims-cve-2024-38112/ SharePoint Proof of Concept Exploit CVE-2024-38094 CVE-2024-38024 CVE-2024-38023 https://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC/blob/main/poc_filtered.py Citrix Netscaler, Agent and SDX Security Bulletin CVE-2024-6235 CVE-2024-6236 https://support.citrix.com/article/CTX677998/netscaler-console-agent-and-sdx-security-bulletin-for-cve20246235-and-cve20246236 OpenVPN Updates https://openvpn.net/security-advisory/ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974/
ISC StormCast for Wednesday, July 10th, 2024
Microsoft Patch Tuesday July 2024 https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20July%202024/31058 Adobe Patches https://helpx.adobe.com/security/security-bulletin.html RADIUS protocol susceptible to forgery attacks https://kb.cert.org/vuls/id/456537 https://www.inkbridgenetworks.com/blastradius/faq