A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
ThunderCast
An inside look at the making of Mozilla Thunderbird, and community-driven conversations with our friends in the open-source software space.
ISC StormCast for Thursday, May 30th 2019
Behavioural Malware Analysis With Microsoft Attack Surface Analyzer https://isc.sans.edu/forums/diary/Behavioural+Malware+Analysis+with+Microsoft+ASA/24980/ Docker Symlink Race Attack https://seclists.org/oss-sec/2019/q2/131 Nanshu Campaign Using Signed Rootkit https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
ISC StormCast for Thursday, May 30th 2019
Behavioural Malware Analysis With Microsoft Attack Surface Analyzer https://isc.sans.edu/forums/diary/Behavioural+Malware+Analysis+with+Microsoft+ASA/24980/ Docker Symlink Race Attack https://seclists.org/oss-sec/2019/q2/131 Nanshu Campaign Using Signed Rootkit https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
ISC StormCast for Wednesday, May 29th 2019
Office Document And Base64 Encoded PowerShell Script https://isc.sans.edu/forums/diary/Office+Document+BASE64+PowerShell/24976/ https://0xdf.gitlab.io/2019/05/21/malware-analysis-unnamed-emotet-doc.html Enumeration of BlueKeep Vulnerable Hosts https://blog.erratasec.com/2019/05/almost-one-million-vulnerable-to.html DHCP Client Vulnerablity Analysis https://sensepost.com/blog/2019/analysis-of-a-1day-cve-2019-0547-and-discovery-of-a-forgotten-condition-in-the-patch-cve-2019-0726-part-1-of-2/ Office File Deleting Phishing Emails https://www.bleepingcomputer.com/news/security/phishing-emails-pretend-to-be-office-365-file-deletion-alerts/
ISC StormCast for Wednesday, May 29th 2019
Office Document And Base64 Encoded PowerShell Script https://isc.sans.edu/forums/diary/Office+Document+BASE64+PowerShell/24976/ https://0xdf.gitlab.io/2019/05/21/malware-analysis-unnamed-emotet-doc.html Enumeration of BlueKeep Vulnerable Hosts https://blog.erratasec.com/2019/05/almost-one-million-vulnerable-to.html DHCP Client Vulnerablity Analysis https://sensepost.com/blog/2019/analysis-of-a-1day-cve-2019-0547-and-discovery-of-a-forgotten-condition-in-the-patch-cve-2019-0726-part-1-of-2/ Office File Deleting Phishing Emails https://www.bleepingcomputer.com/news/security/phishing-emails-pretend-to-be-office-365-file-deletion-alerts/
ISC StormCast for Tuesday, May 28th 2019
MacOS GateKeeper Bypass https://www.fcvl.net/vulnerabilities/macosx-gatekeeper-bypass Fortinet FortiOS SSL VPN Vulnerabilities https://fortiguard.com/psirt Customizing NMAP Service Detection https://isc.sans.edu/forums/diary/Video+nmap+Service+Detection+Customization/24970/
ISC StormCast for Tuesday, May 28th 2019
MacOS GateKeeper Bypass https://www.fcvl.net/vulnerabilities/macosx-gatekeeper-bypass Fortinet FortiOS SSL VPN Vulnerabilities https://fortiguard.com/psirt Customizing NMAP Service Detection https://isc.sans.edu/forums/diary/Video+nmap+Service+Detection+Customization/24970/
ISC StormCast for Friday, May 24th 2019
Dangers of Custom URL Schemes https://zeropwn.github.io/2019-05-22-fun-with-uri-handlers/ Update on Phyiscal Skimmer Market https://www.advanced-intel.com/blog/skimming-threat-landscape-technology-advances-lower-barriers-of-entry-for-novice-skimming-operators Apple Supplemental Update For masOS 10.14.5 https://support.apple.com/kb/DL2005?locale=en_US Microsoft Releases Advanced Threat Protection for MacOS https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Microsoft-Defender-ATP-for-Mac-now-in-open-public-preview/ba-p/634603
ISC StormCast for Friday, May 24th 2019
Dangers of Custom URL Schemes https://zeropwn.github.io/2019-05-22-fun-with-uri-handlers/ Update on Phyiscal Skimmer Market https://www.advanced-intel.com/blog/skimming-threat-landscape-technology-advances-lower-barriers-of-entry-for-novice-skimming-operators Apple Supplemental Update For masOS 10.14.5 https://support.apple.com/kb/DL2005?locale=en_US Microsoft Releases Advanced Threat Protection for MacOS https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Microsoft-Defender-ATP-for-Mac-now-in-open-public-preview/ba-p/634603
ISC StormCast for Thursday, May 23rd 2019
An Update on the Microsoft Windows RDP BlueKeep Vulnerablity https://isc.sans.edu/forums/diary/An+Update+on+the+Microsoft+Windows+RDP+Bluekeep+Vulnerability+CVE20190708+now+with+pcaps/24960/ New Zero Day Exploits by SandboxEscaper https://github.com/SandboxEscaper/polarbearrepo Signed Exploit Code https://medium.com/@chroniclesec/abusing-code-signing-for-profit-ef80a37b50f4
ISC StormCast for Thursday, May 23rd 2019
An Update on the Microsoft Windows RDP BlueKeep Vulnerablity https://isc.sans.edu/forums/diary/An+Update+on+the+Microsoft+Windows+RDP+Bluekeep+Vulnerability+CVE20190708+now+with+pcaps/24960/ New Zero Day Exploits by SandboxEscaper https://github.com/SandboxEscaper/polarbearrepo Signed Exploit Code https://medium.com/@chroniclesec/abusing-code-signing-for-profit-ef80a37b50f4
ISC StormCast for Wednesday, May 22nd 2019
Setting Up Shodan Monitoring https://isc.sans.edu/forums/diary/Using+Shodan+Monitoring/24956/ Fingerprinting Smartphones With Gyroscope Data https://sensorid.cl.cam.ac.uk/ 20% of Linux Docker Containers Without Password https://www.kennasecurity.com/20-of-the-1000-most-popular-docker-containers-have-no-root-password/ RDP #bluekeep Signature For Snort/Suricata https://github.com/nccgroup/Cyber-Defence/blob/master/Signatures/suricata/2019_05_rdp_cve_2019_0708.txt
ISC StormCast for Wednesday, May 22nd 2019
Setting Up Shodan Monitoring https://isc.sans.edu/forums/diary/Using+Shodan+Monitoring/24956/ Fingerprinting Smartphones With Gyroscope Data https://sensorid.cl.cam.ac.uk/ 20% of Linux Docker Containers Without Password https://www.kennasecurity.com/20-of-the-1000-most-popular-docker-containers-have-no-root-password/ RDP #bluekeep Signature For Snort/Suricata https://github.com/nccgroup/Cyber-Defence/blob/master/Signatures/suricata/2019_05_rdp_cve_2019_0708.txt
ISC StormCast for Tuesday, May 21st 2019
MSFT RDP Vulnerability (#BlueKeep) Update https://twitter.com/search?q=%23bluekeep Sharepoint Exploited https://isc.sans.edu/forums/diary/CVE20190604+Attack/24952/ Risks of JWT https://snikt.net/blog/2019/05/16/jwt-signature-vs-mac-attacks/ MuddyWater Campaign Evolves https://blog.talosintelligence.com/2019/05/recent-muddywater-associated-blackwater.html
ISC StormCast for Tuesday, May 21st 2019
MSFT RDP Vulnerability (#BlueKeep) Update https://twitter.com/search?q=%23bluekeep Sharepoint Exploited https://isc.sans.edu/forums/diary/CVE20190604+Attack/24952/ Risks of JWT https://snikt.net/blog/2019/05/16/jwt-signature-vs-mac-attacks/ MuddyWater Campaign Evolves https://blog.talosintelligence.com/2019/05/recent-muddywater-associated-blackwater.html
ISC StormCast for Monday, May 20th 2019
Google Analyzes Vendor Response to 0-Day Exploits https://googleprojectzero.blogspot.com/p/0day.html ASUS WebStorage Abused For Malware Distribution https://www.welivesecurity.com/2019/05/14/plead-malware-mitm-asus-webstorage/ Vulnerabilities in Apple Air Drop https://www.usenix.org/system/files/sec19fall_stute_prepub.pdf