SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
#news #technews #technology #news #dailynews

A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .

Similar Podcasts

Elixir Outlaws

Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.

The Cynical Developer

The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career, through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.

ThunderCast

ThunderCast
An inside look at the making of Mozilla Thunderbird, and community-driven conversations with our friends in the open-source software space.

ISC StormCast for Tuesday, July 16th 2019

July 15, 2019 6:30 5.47 MB Downloads: 0

isodump.py and malicious ISO files https://isc.sans.edu/forums/diary/isodumppy+and+Malicious+ISO+Files/25134/ Atlassian Crowd Vulnerability Details https://www.corben.io/atlassian-crowd-rce/ Scrapy Vulnerabilities https://medium.com/alertot/web-scraping-considered-dangerous-leaking-files-from-the-spiders-host-bd508f81d498 iOS URL Scheme Susceptible to Hijacking https://blog.trendmicro.com/trendlabs-security-intelligence/ios-url-scheme-susceptible-to-hijacking/

ISC StormCast for Tuesday, July 16th 2019

July 15, 2019 6:30 5.47 MB Downloads: 0

isodump.py and malicious ISO files https://isc.sans.edu/forums/diary/isodumppy+and+Malicious+ISO+Files/25134/ Atlassian Crowd Vulnerability Details https://www.corben.io/atlassian-crowd-rce/ Scrapy Vulnerabilities https://medium.com/alertot/web-scraping-considered-dangerous-leaking-files-from-the-spiders-host-bd508f81d498 iOS URL Scheme Susceptible to Hijacking https://blog.trendmicro.com/trendlabs-security-intelligence/ios-url-scheme-susceptible-to-hijacking/

ISC StormCast for Monday, July 15th 2019

July 14, 2019 6:06 5.14 MB Downloads: 0

Magecart Targets S3 Buckets https://www.riskiq.com/blog/labs/magecart-amazon-s3-buckets/ Atlassian Jira Vulnerability https://confluence.atlassian.com/jira/jira-security-advisory-2019-07-10-973486595.html Microsoft to Detect Phishing in Forms https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=52927 Tracking Anonymized Bluetooth Devices https://petsymposium.org/2019/files/papers/issue3/popets-2019-0036.pdf

ISC StormCast for Monday, July 15th 2019

July 14, 2019 6:06 5.14 MB Downloads: 0

Magecart Targets S3 Buckets https://www.riskiq.com/blog/labs/magecart-amazon-s3-buckets/ Atlassian Jira Vulnerability https://confluence.atlassian.com/jira/jira-security-advisory-2019-07-10-973486595.html Microsoft to Detect Phishing in Forms https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=52927 Tracking Anonymized Bluetooth Devices https://petsymposium.org/2019/files/papers/issue3/popets-2019-0036.pdf

ISC StormCast for Friday, July 12th 2019

July 11, 2019 13:23 11.26 MB Downloads: 0

Analysis of a Recent AZORult Sample https://isc.sans.edu/forums/diary/Recent+AZORult+activity/25120/ Apple Delete Zoom Web Server https://www.macrumors.com/2019/07/10/apple-update-remove-zoom-server/ Apple Disables Walkie Talkie App https://techcrunch.com/2019/07/10/apple-disables-walkie-talkie-app-due-to-vulnerability-that-could-allow-iphone-eavesdropping/ Windows PXE Devices May Fail to Boot After Recent Update https://support.microsoft.com/en-in/help/4512816/devices-that-start-up-using-preboot-execution-environment-pxe-images-f Sean Goodwin: Attackers Inside the WAlls: Detecting Malicious Activity https://www.sans.org/reading-room/whitepapers/detection/paper/39055

ISC StormCast for Friday, July 12th 2019

July 11, 2019 13:23 11.26 MB Downloads: 0

Analysis of a Recent AZORult Sample https://isc.sans.edu/forums/diary/Recent+AZORult+activity/25120/ Apple Delete Zoom Web Server https://www.macrumors.com/2019/07/10/apple-update-remove-zoom-server/ Apple Disables Walkie Talkie App https://techcrunch.com/2019/07/10/apple-disables-walkie-talkie-app-due-to-vulnerability-that-could-allow-iphone-eavesdropping/ Windows PXE Devices May Fail to Boot After Recent Update https://support.microsoft.com/en-in/help/4512816/devices-that-start-up-using-preboot-execution-environment-pxe-images-f Sean Goodwin: Attackers Inside the WAlls: Detecting Malicious Activity https://www.sans.org/reading-room/whitepapers/detection/paper/39055

ISC StormCast for Thursday, July 11th 2019

July 10, 2019 5:03 4.26 MB Downloads: 0

Samba Project Disabling SMBv1 By Default https://isc.sans.edu/forums/diary/Samba+Project+tells+us+Whats+New+SMBv1+Disabled+by+Default+finally/25116/ GnuPG Will No Longer Import Signatures From Keyservers https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html eChOraix Ransomware https://www.anomali.com/blog/the-ech0raix-ransomware

ISC StormCast for Thursday, July 11th 2019

July 10, 2019 5:03 4.26 MB Downloads: 0

Samba Project Disabling SMBv1 By Default https://isc.sans.edu/forums/diary/Samba+Project+tells+us+Whats+New+SMBv1+Disabled+by+Default+finally/25116/ GnuPG Will No Longer Import Signatures From Keyservers https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html eChOraix Ransomware https://www.anomali.com/blog/the-ech0raix-ransomware

ISC StormCast for Wednesday, July 10th 2019

July 09, 2019 6:26 5.41 MB Downloads: 0

MSFT Patch Tuesday https://isc.sans.edu/forums/diary/MSFT+July+2019+Patch+Tuesday/25110/ Adobe Updates https://helpx.adobe.com/security.html Zoom Vulnerability https://medium.com/bugbountywriteup/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5

ISC StormCast for Wednesday, July 10th 2019

July 09, 2019 6:26 5.41 MB Downloads: 0

MSFT Patch Tuesday https://isc.sans.edu/forums/diary/MSFT+July+2019+Patch+Tuesday/25110/ Adobe Updates https://helpx.adobe.com/security.html Zoom Vulnerability https://medium.com/bugbountywriteup/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5

ISC StormCast for Tuesday, July 9th 2019

July 08, 2019 5:27 4.59 MB Downloads: 0

Canonical Github Hack https://news.ycombinator.com/item?id=20373009 New Wave of Magecart Attacks https://gist.github.com/gwillem/5d936f5a84837d5c1dcb488ce256294a Facebook's Libra Crpto Currency Already Impersonated https://www.digitalshadows.com/blog-and-research/facebooks-libra-cryptocurrency-cybercriminals-tipping-the-scales-in-their-favor/

ISC StormCast for Tuesday, July 9th 2019

July 08, 2019 5:27 4.59 MB Downloads: 0

Canonical Github Hack https://news.ycombinator.com/item?id=20373009 New Wave of Magecart Attacks https://gist.github.com/gwillem/5d936f5a84837d5c1dcb488ce256294a Facebook's Libra Crpto Currency Already Impersonated https://www.digitalshadows.com/blog-and-research/facebooks-libra-cryptocurrency-cybercriminals-tipping-the-scales-in-their-favor/

ISC StormCast for Monday, July 8th 2019

July 07, 2019 5:40 4.77 MB Downloads: 0

Does "Godlua" Use DNS over HTTPS or Not? https://www.golem.de/news/verschluesseltes-dns-falschmeldung-in-propagandaschlacht-um-dns-ueber-https-1907-142358.html https://blog.netlab.360.com/an-analysis-of-godlua-backdoor-en/ Exploit for Cisco Authentication Bypass and RCE https://raw.githubusercontent.com/pedrib/PoC/master/advisories/cisco-dcnm-rce.txt Magento RCE Exploit https://blog.ripstech.com/2019/magento-rce-via-xss/ Malicous XSL Files https://isc.sans.edu/forums/diary/Malicious+XSL+Files/25098/

ISC StormCast for Monday, July 8th 2019

July 07, 2019 5:40 4.77 MB Downloads: 0

Does "Godlua" Use DNS over HTTPS or Not? https://www.golem.de/news/verschluesseltes-dns-falschmeldung-in-propagandaschlacht-um-dns-ueber-https-1907-142358.html https://blog.netlab.360.com/an-analysis-of-godlua-backdoor-en/ Exploit for Cisco Authentication Bypass and RCE https://raw.githubusercontent.com/pedrib/PoC/master/advisories/cisco-dcnm-rce.txt Magento RCE Exploit https://blog.ripstech.com/2019/magento-rce-via-xss/ Malicous XSL Files https://isc.sans.edu/forums/diary/Malicious+XSL+Files/25098/

ISC StormCast for Wednesday, July 3rd 2019

July 02, 2019 6:09 5.18 MB Downloads: 0

Zipato SmartHub Vulnerabilities https://blackmarble.sh/zipato-smart-hub/ Blocking DNS over HTTPS https://github.com/bambenek/block-doh Cloudflare Outage https://www.cloudflarestatus.com/incidents/tx4pgxs6zxdr Android Update https://source.android.com/security/bulletin/2019-07-01 Powershell Kill Switch Commands https://isc.sans.edu/forums/diary/Using+Powershell+in+Basic+Incident+Response+A+Domain+Wide+KillSwitch/25088/