A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
ThunderCast
An inside look at the making of Mozilla Thunderbird, and community-driven conversations with our friends in the open-source software space.
ISC StormCast for Thursday, June 20th 2019
Critical Patch For WebLogic https://isc.sans.edu/forums/diary/Critical+Actively+Exploited+WebLogic+Flaw+Patched+CVE20192729/25050/ Exim Exploits Against Other Mail Servers https://isc.sans.edu/forums/diary/Quick+Detect+Exim+Return+of+the+Wizard+Attack/25052/ SANS Fire Presentations (to be published soon) https://isc.sans.edu/presentations
ISC StormCast for Thursday, June 20th 2019
Critical Patch For WebLogic https://isc.sans.edu/forums/diary/Critical+Actively+Exploited+WebLogic+Flaw+Patched+CVE20192729/25050/ Exim Exploits Against Other Mail Servers https://isc.sans.edu/forums/diary/Quick+Detect+Exim+Return+of+the+Wizard+Attack/25052/ SANS Fire Presentations (to be published soon) https://isc.sans.edu/presentations
ISC StormCast for Wednesday, June 19th 2019
Critical Firefox Update https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/#CVE-2019-11707 Bitdefender Releases GandCrap Decryptor https://labs.bitdefender.com/2019/06/good-riddance-gandcrab-were-still-fixing-the-mess-you-left-behind/ Google Launches New Deceptive Site Protections in Chrome https://blog.chromium.org/2019/06/new-chrome-protections-from-deception.html
ISC StormCast for Wednesday, June 19th 2019
Critical Firefox Update https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/#CVE-2019-11707 Bitdefender Releases GandCrap Decryptor https://labs.bitdefender.com/2019/06/good-riddance-gandcrab-were-still-fixing-the-mess-you-left-behind/ Google Launches New Deceptive Site Protections in Chrome https://blog.chromium.org/2019/06/new-chrome-protections-from-deception.html
ISC StormCast for Tuesday, June 18th 2019
TCP SACK Panic DoS in Linux https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md https://tools.ietf.org/html/rfc879 Logitech Pointer Recall https://www.heise.de/security/meldung/Angreifbare-Logitech-Presenter-Hersteller-tauscht-gefaehrliche-USB-Empfaenger-aus-4423627.html An Infection from the Rig Exploit Kit https://isc.sans.edu/forums/diary/An+infection+from+Rig+exploit+kit/25040/
ISC StormCast for Tuesday, June 18th 2019
TCP SACK Panic DoS in Linux https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md https://tools.ietf.org/html/rfc879 Logitech Pointer Recall https://www.heise.de/security/meldung/Angreifbare-Logitech-Presenter-Hersteller-tauscht-gefaehrliche-USB-Empfaenger-aus-4423627.html An Infection from the Rig Exploit Kit https://isc.sans.edu/forums/diary/An+infection+from+Rig+exploit+kit/25040/
ISC StormCast for Monday, June 17th 2019
Whats App Phishing https://www.heise.de/newsticker/meldung/Phishing-Mails-gaukeln-Ende-von-WhatsApp-Abonnement-vor-4447165.html Encrypted EMail Phishing https://www.bleepingcomputer.com/news/security/phishing-scam-asks-you-to-login-to-read-encrypted-message/ Android Apps Link to Fake Sites https://news.drweb.com/show/?i=13313&lng=en&c=5 Precomputed Hash Tables https://a.ndronic.us/pre-computed-hash-table-v-1-0/
ISC StormCast for Monday, June 17th 2019
Whats App Phishing https://www.heise.de/newsticker/meldung/Phishing-Mails-gaukeln-Ende-von-WhatsApp-Abonnement-vor-4447165.html Encrypted EMail Phishing https://www.bleepingcomputer.com/news/security/phishing-scam-asks-you-to-login-to-read-encrypted-message/ Android Apps Link to Fake Sites https://news.drweb.com/show/?i=13313&lng=en&c=5 Precomputed Hash Tables https://a.ndronic.us/pre-computed-hash-table-v-1-0/
ISC StormCast for Friday, June 14th 2019
Exim Flaw Exploited https://www.cybereason.com/blog/new-pervasive-worm-exploiting-linux-exim-server-vulnerability Yubico Recalling FIPS Certified Yubikeys https://www.yubico.com/support/security-advisories/ysa-2019-02/ Vulnerable Infusion Pumps https://www.bd.com/en-us/support/product-security-and-privacy/product-security-bulletins/alaris-gateway-workstation-unauthorized-firmware Telegram DDoS Attack https://twitter.com/telegram/status/1138768124914929664 Ghidra Tips for IDA Users: Function Call Graphs https://isc.sans.edu/forums/diary/A+few+Ghidra+tips+for+IDA+users+part+4+function+call+graphs/25032/ Joel Chapman: Security Consideration for Voice over Wifi (VoWifi) Systems https://www.sans.org/reading-room/whitepapers/telephone/paper/38945
ISC StormCast for Friday, June 14th 2019
Exim Flaw Exploited https://www.cybereason.com/blog/new-pervasive-worm-exploiting-linux-exim-server-vulnerability Yubico Recalling FIPS Certified Yubikeys https://www.yubico.com/support/security-advisories/ysa-2019-02/ Vulnerable Infusion Pumps https://www.bd.com/en-us/support/product-security-and-privacy/product-security-bulletins/alaris-gateway-workstation-unauthorized-firmware Telegram DDoS Attack https://twitter.com/telegram/status/1138768124914929664 Ghidra Tips for IDA Users: Function Call Graphs https://isc.sans.edu/forums/diary/A+few+Ghidra+tips+for+IDA+users+part+4+function+call+graphs/25032/ Joel Chapman: Security Consideration for Voice over Wifi (VoWifi) Systems https://www.sans.org/reading-room/whitepapers/telephone/paper/38945
ISC StormCast for Thursday, June 13th 2019
Sandbox Escaper Publishes Additional CVE-2019-0841 Bypass http://archive.is/3toQY http://sandboxescaper.blogspot.com/p/disclosures_8.html Bypassing NTLM Message Signing (CVE-2019-1040) https://blog.preempt.com/drop-the-mic Details About macOS Keysteal Vulnerability https://www.pinauten.de/resources/KeySteal_OBTS_2019.pdf
ISC StormCast for Thursday, June 13th 2019
Sandbox Escaper Publishes Additional CVE-2019-0841 Bypass http://archive.is/3toQY http://sandboxescaper.blogspot.com/p/disclosures_8.html Bypassing NTLM Message Signing (CVE-2019-1040) https://blog.preempt.com/drop-the-mic Details About macOS Keysteal Vulnerability https://www.pinauten.de/resources/KeySteal_OBTS_2019.pdf
ISC StormCast for Wednesday, June 12th 2019
Microsoft Patches https://isc.sans.edu/forums/diary/MSFT+June+2019+Patch+Tuesday/25024/ Adobe Patches https://helpx.adobe.com/security.html SAP Security Notes https://www.onapsis.com/blog/sap-patch-notes-june-2019 Intel Updates https://www.us-cert.gov/ncas/current-activity/2019/06/11/Intel-Releases-Security-Updates-Mitigations-Multiple-Products Microsoft Certificate DoS https://bugs.chromium.org/p/project-zero/issues/detail?id=1804 GPS Receiver Woes https://www.flightglobal.com/news/articles/collins-gps-outage-grounds-regional-flights-458819/ RAMBleed Attack https://www.documentcloud.org/documents/6150180-RamBleed-attack-CVE-2019-0174.html
ISC StormCast for Wednesday, June 12th 2019
Microsoft Patches https://isc.sans.edu/forums/diary/MSFT+June+2019+Patch+Tuesday/25024/ Adobe Patches https://helpx.adobe.com/security.html SAP Security Notes https://www.onapsis.com/blog/sap-patch-notes-june-2019 Intel Updates https://www.us-cert.gov/ncas/current-activity/2019/06/11/Intel-Releases-Security-Updates-Mitigations-Multiple-Products Microsoft Certificate DoS https://bugs.chromium.org/p/project-zero/issues/detail?id=1804 GPS Receiver Woes https://www.flightglobal.com/news/articles/collins-gps-outage-grounds-regional-flights-458819/ RAMBleed Attack https://www.documentcloud.org/documents/6150180-RamBleed-attack-CVE-2019-0174.html
ISC StormCast for Tuesday, June 11th 2019
Interesting JavaScript Obfuscation Example https://isc.sans.edu/forums/diary/Interesting+JavaScript+Obfuscation+Example/25020/ Spam Taking Advantage of DNS over HTTPS https://myonlinesecurity.co.uk/it-looks-like-another-dns-compromise-hack-happening/ European Mobile Operator Traffic Leaked to China https://arstechnica.com/information-technology/2019/06/bgp-mishap-sends-european-mobile-traffic-through-china-telecom-for-2-hours/?comments=1 VLC Update Patches Various Security Flaws http://www.jbkempf.com/blog/post/2019/VLC-3.0.7-and-security