A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Monday, August 12th, 2024
CORS/SameOrigin Video https://isc.sans.edu/forums/diary/Video%3A%20Same%20Origin%2C%20CORS%2C%20DNS%20Rebinding%20and%20Localhost/31158/ Splitting the email atom: exploiting parsers to bypass access controls https://portswigger.net/research/splitting-the-email-atom#parser-discrepancies Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server! https://blog.orange.tw/2024/08/confusion-attacks-en.html GL-Inet Patches https://www.gl-inet.com/security-updates/security-advisories-vulnerabilities-and-cves-aug-1-2024/ Microsoft Office Spoofing Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38200
ISC StormCast for Monday, August 12th, 2024
CORS/SameOrigin Video https://isc.sans.edu/forums/diary/Video%3A%20Same%20Origin%2C%20CORS%2C%20DNS%20Rebinding%20and%20Localhost/31158/ Splitting the email atom: exploiting parsers to bypass access controls https://portswigger.net/research/splitting-the-email-atom#parser-discrepancies Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server! https://blog.orange.tw/2024/08/confusion-attacks-en.html GL-Inet Patches https://www.gl-inet.com/security-updates/security-advisories-vulnerabilities-and-cves-aug-1-2024/ Microsoft Office Spoofing Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38200
ISC StormCast for Friday, August 9th, 2024
Exploring Anti-Phishing Measures in Microsoft 365 https://certitude.consulting/blog/en/o365-anti-phishing-measures/ SSHamble Security Testing Tool https://www.runzero.com/blog/sshamble-unexpected-exposures-in-the-secure-shell/ macOS Sequoia Weekly Permission Prompts https://9to5mac.com/2024/08/06/macos-sequoia-screen-recording-privacy-prompt/ .internal domain https://www.icann.org/en/public-comment/proceeding/proposed-top-level-domain-string-for-private-use-24-01-2024
ISC StormCast for Friday, August 9th, 2024
Exploring Anti-Phishing Measures in Microsoft 365 https://certitude.consulting/blog/en/o365-anti-phishing-measures/ SSHamble Security Testing Tool https://www.runzero.com/blog/sshamble-unexpected-exposures-in-the-secure-shell/ macOS Sequoia Weekly Permission Prompts https://9to5mac.com/2024/08/06/macos-sequoia-screen-recording-privacy-prompt/ .internal domain https://www.icann.org/en/public-comment/proceeding/proposed-top-level-domain-string-for-private-use-24-01-2024
ISC StormCast for Thursday, August 8th, 2024
0.0.0.0 Day Exploiting Localhost APIs from the Browser https://www.oligo.security/blog/0-0-0-0-day-exploiting-localhost-apis-from-the-browser Apple Hardens Gatekeeper https://developer.apple.com/news/?id=saqachfa Downgrade Attacks Using Windows Updates https://www.safebreach.com/blog/downgrade-attacks-using-windows-updates/
ISC StormCast for Thursday, August 8th, 2024
0.0.0.0 Day Exploiting Localhost APIs from the Browser https://www.oligo.security/blog/0-0-0-0-day-exploiting-localhost-apis-from-the-browser Apple Hardens Gatekeeper https://developer.apple.com/news/?id=saqachfa Downgrade Attacks Using Windows Updates https://www.safebreach.com/blog/downgrade-attacks-using-windows-updates/
ISC StormCast for Wednesday, August 7th, 2024
A Survey of Scans For GeoServer Vulnerabilities https://isc.sans.edu/diary/A%20Survey%20of%20Scans%20for%20GeoServer%20Vulnerabilities/31148 Crowdstrike Root Cause Analysis https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/ Kibana Vulnerability https://discuss.elastic.co/t/kibana-8-14-2-7-17-23-security-update-esa-2024-22/364424 Android August 2024 Bulletin https://source.android.com/docs/security/bulletin/2024-08-01 Ubiquity Amplication Attack Vulnerability Update https://blog.checkpoint.com/research/over-20000-ubiquiti-cameras-and-routers-are-vulnerable-to-amplification-attacks-and-privacy-risks/
ISC StormCast for Wednesday, August 7th, 2024
A Survey of Scans For GeoServer Vulnerabilities https://isc.sans.edu/diary/A%20Survey%20of%20Scans%20for%20GeoServer%20Vulnerabilities/31148 Crowdstrike Root Cause Analysis https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/ Kibana Vulnerability https://discuss.elastic.co/t/kibana-8-14-2-7-17-23-security-update-esa-2024-22/364424 Android August 2024 Bulletin https://source.android.com/docs/security/bulletin/2024-08-01 Ubiquity Amplication Attack Vulnerability Update https://blog.checkpoint.com/research/over-20000-ubiquiti-cameras-and-routers-are-vulnerable-to-amplification-attacks-and-privacy-risks/
ISC StormCast for Tuesday, August 6th, 2024
Script Obfuscation Using Multiple Instances of the Same Function https://isc.sans.edu/diary/Script%20obfuscation%20using%20multiple%20instances%20of%20the%20same%20function/31144 Disclosure of key technical details of CrowdStrike's large-scale blue screen https://mp.weixin.qq.com/s/uD7mhzyRSX1dTW-TMg4UhQ New OFBiz Vulnerability https://issues.apache.org/jira/browse/OFBIZ-13128 https://www.youtube.com/watch?v=J_IxCBjd4Pw Roundcube XSS Vulnerabilities https://securityonline.info/roundcube-webmail-releases-security-updates-to-patch-multiple-vulnerabilities/
ISC StormCast for Tuesday, August 6th, 2024
Script Obfuscation Using Multiple Instances of the Same Function https://isc.sans.edu/diary/Script%20obfuscation%20using%20multiple%20instances%20of%20the%20same%20function/31144 Disclosure of key technical details of CrowdStrike's large-scale blue screen https://mp.weixin.qq.com/s/uD7mhzyRSX1dTW-TMg4UhQ New OFBiz Vulnerability https://issues.apache.org/jira/browse/OFBIZ-13128 https://www.youtube.com/watch?v=J_IxCBjd4Pw Roundcube XSS Vulnerabilities https://securityonline.info/roundcube-webmail-releases-security-updates-to-patch-multiple-vulnerabilities/
ISC StormCast for Monday, August 5th, 2024
Current Secure Boot Certifiate Authority Expires in 2026 https://isc.sans.edu/diary/Even+Linux+users+should+take+a+look+at+this+Microsoft+KB+article/31140 OOXML Spreadsheets Protected by Verifier Hashes https://isc.sans.edu/diary/OOXML%20Spreadsheets%20Protected%20By%20Verifier%20Hashes/31072 StormBamboo Compromises ISP to Abuse Insecure Software Update Mechanisms https://www.volexity.com/blog/2024/08/02/stormbamboo-compromises-isp-to-abuse-insecure-software-update-mechanisms/ DARPA TRACTOR Program for Translating C to Rust https://www.darpa.mil/news-events/2024-07-31a
ISC StormCast for Monday, August 5th, 2024
Current Secure Boot Certifiate Authority Expires in 2026 https://isc.sans.edu/diary/Even+Linux+users+should+take+a+look+at+this+Microsoft+KB+article/31140 OOXML Spreadsheets Protected by Verifier Hashes https://isc.sans.edu/diary/OOXML%20Spreadsheets%20Protected%20By%20Verifier%20Hashes/31072 StormBamboo Compromises ISP to Abuse Insecure Software Update Mechanisms https://www.volexity.com/blog/2024/08/02/stormbamboo-compromises-isp-to-abuse-insecure-software-update-mechanisms/ DARPA TRACTOR Program for Translating C to Rust https://www.darpa.mil/news-events/2024-07-31a
ISC StormCast for Friday, August 2nd, 2024
Tracking Proxy Scans with IPv4.Games https://isc.sans.edu/diary/Tracking%20Proxy%20Scans%20with%20IPv4.Games/31136 Threat Actor Impersonates Google via Fake Ad For Authenticator https://www.malwarebytes.com/blog/news/2024/07/threat-actor-impersonates-google-via-fake-ad-for-authenticator Who Knew? Domain Hijacking is so easy https://blogs.infoblox.com/threat-intelligence/who-knew-domain-hijacking-is-so-easy/
ISC StormCast for Friday, August 2nd, 2024
Tracking Proxy Scans with IPv4.Games https://isc.sans.edu/diary/Tracking%20Proxy%20Scans%20with%20IPv4.Games/31136 Threat Actor Impersonates Google via Fake Ad For Authenticator https://www.malwarebytes.com/blog/news/2024/07/threat-actor-impersonates-google-via-fake-ad-for-authenticator Who Knew? Domain Hijacking is so easy https://blogs.infoblox.com/threat-intelligence/who-knew-domain-hijacking-is-so-easy/
ISC StormCast for Thursday, August 1st, 2024
Increased Activity Against Apache OFBiz CVS-2024-32113 https://isc.sans.edu/diary/Increased%20Activity%20Against%20Apache%20OFBiz%20CVE-2024-32113/31132 Digicert Certificate Revocation Incident https://www.digicert.com/support/certificate-revocation-incident Microsoft Azure Outage https://azure.status.microsoft/en-us/status/history/ Improving Security of Chrome Cookies https://security.googleblog.com/2024/07/improving-security-of-chrome-cookies-on.html