A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Wednesday, August 21st 2019
Guildma Malware is Now Using Facebook and YouTube as Update Channel https://isc.sans.edu/forums/diary/Guildma+malware+is+now+accessing+Facebook+andYouTube+to+keep+uptodate/25222/ Supply Chain Issues: rest-client ruby gem backdoored https://www.theregister.co.uk/2019/08/20/ruby_gem_hacked/
ISC StormCast for Tuesday, August 20th 2019
iOS 12.4 Jailbreak Released after Reindruced Vulnerability form 12.2 https://github.com/pwn20wndstuff/Undecimus/releases SHA2-Signed Updates for Windows Not Available with Symantec Endpoint Protection https://support.symantec.com/us/en/article.tech255857.html Attacking and Downgrading Bluetooth Key Negotiation https://knobattack.com
ISC StormCast for Tuesday, August 20th 2019
iOS 12.4 Jailbreak Released after Reindruced Vulnerability form 12.2 https://github.com/pwn20wndstuff/Undecimus/releases SHA2-Signed Updates for Windows Not Available with Symantec Endpoint Protection https://support.symantec.com/us/en/article.tech255857.html Attacking and Downgrading Bluetooth Key Negotiation https://knobattack.com
ISC StormCast for Monday, August 19th 2019
Large Number of VoIP System Vulnerabilities Released https://www.sit.fraunhofer.de/en/cve/ Confidential Company Documents Leaked in Public Sandboxes https://blog.cylab.co/2019/08/16/confidential-company-documents-exposed-in-public-sandboxes/ https://www.sit.fraunhofer.de/en/news-events/latest/press-releases/details/news-article/show/gefahr-uebers-telefon/ Trend Micro Password Manager DLL Hijacking https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123396.aspx Firefox Password Manager May Leak Passwords https://www.mozilla.org/en-US/security/advisories/mfsa2019-24/#CVE-2019-11733
ISC StormCast for Monday, August 19th 2019
Large Number of VoIP System Vulnerabilities Released https://www.sit.fraunhofer.de/en/cve/ Confidential Company Documents Leaked in Public Sandboxes https://blog.cylab.co/2019/08/16/confidential-company-documents-exposed-in-public-sandboxes/ https://www.sit.fraunhofer.de/en/news-events/latest/press-releases/details/news-article/show/gefahr-uebers-telefon/ Trend Micro Password Manager DLL Hijacking https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123396.aspx Firefox Password Manager May Leak Passwords https://www.mozilla.org/en-US/security/advisories/mfsa2019-24/#CVE-2019-11733
ISC StormCast for Friday, August 16th 2019
Analysis of a Spearphishing Maldoc https://isc.sans.edu/forums/diary/Analysis+of+a+Spearphishing+Maldoc/25242/ IoT Security Stagnation https://securityledger.com/2019/08/huge-survey-of-firmware-finds-no-security-gains-in-15-years/ Kaspersky Insecurity https://www.heise.de/ct/artikel/Kasper-Spy-Kaspersky-Anti-Virus-puts-users-at-risk-4496138.html
ISC StormCast for Friday, August 16th 2019
Analysis of a Spearphishing Maldoc https://isc.sans.edu/forums/diary/Analysis+of+a+Spearphishing+Maldoc/25242/ IoT Security Stagnation https://securityledger.com/2019/08/huge-survey-of-firmware-finds-no-security-gains-in-15-years/ Kaspersky Insecurity https://www.heise.de/ct/artikel/Kasper-Spy-Kaspersky-Anti-Virus-puts-users-at-risk-4496138.html
ISC StormCast for Thursday, August 15th 2019
MedusaHTTP Malware https://isc.sans.edu/forums/diary/Recent+example+of+MedusaHTTP+malware/25234/ Cryptominer uses DuckDNS for C&C https://www.varonis.com/blog/monero-cryptominer/ Intel NUC Vulnerabilities https://www.intel.com/content/www/us/en/security-center/default.html HTTP/2 Vulnerabilities https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
ISC StormCast for Thursday, August 15th 2019
MedusaHTTP Malware https://isc.sans.edu/forums/diary/Recent+example+of+MedusaHTTP+malware/25234/ Cryptominer uses DuckDNS for C&C https://www.varonis.com/blog/monero-cryptominer/ Intel NUC Vulnerabilities https://www.intel.com/content/www/us/en/security-center/default.html HTTP/2 Vulnerabilities https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
ISC StormCast for Wednesday, August 14th 2019
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/August+2019+Microsoft+Patch+Tuesday/25236/ Adobe Patches https://helpx.adobe.com/security.html Windows Text Services Vulnerabilities https://googleprojectzero.blogspot.com/2019/08/down-rabbit-hole.html#ftnt2
ISC StormCast for Wednesday, August 14th 2019
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/August+2019+Microsoft+Patch+Tuesday/25236/ Adobe Patches https://helpx.adobe.com/security.html Windows Text Services Vulnerabilities https://googleprojectzero.blogspot.com/2019/08/down-rabbit-hole.html#ftnt2
ISC StormCast for Tuesday, August 13th 2019
Malicious DAA Attachments https://isc.sans.edu/forums/diary/Malicious+DAA+Attachments/25230/ SQLLite Exploits https://research.checkpoint.com/select-code_execution-from-using-sqlite/ Printer Vulnerabilities https://www.defcon.org/html/defcon-27/dc-27-speakers.html#Romero https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-xerox-printers/?research=Technical+advisories
ISC StormCast for Tuesday, August 13th 2019
Malicious DAA Attachments https://isc.sans.edu/forums/diary/Malicious+DAA+Attachments/25230/ SQLLite Exploits https://research.checkpoint.com/select-code_execution-from-using-sqlite/ Printer Vulnerabilities https://www.defcon.org/html/defcon-27/dc-27-speakers.html#Romero https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-xerox-printers/?research=Technical+advisories
ISC StormCast for Monday, August 12th 2019
100% JavaScript Phishing Page https://isc.sans.edu/forums/diary/100+JavaScript+Phishing+Page/25220/ Vulnerabilities in DSLR Cameras https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ https://global.canon/en/support/security/d-camera.html Turning Tesla into Surveilance Platform https://github.com/tevora-threat/scout Basic Electron Framework Exploitation https://www.contextis.com/en/blog/basic-electron-framework-exploitation
ISC StormCast for Monday, August 12th 2019
100% JavaScript Phishing Page https://isc.sans.edu/forums/diary/100+JavaScript+Phishing+Page/25220/ Vulnerabilities in DSLR Cameras https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ https://global.canon/en/support/security/d-camera.html Turning Tesla into Surveilance Platform https://github.com/tevora-threat/scout Basic Electron Framework Exploitation https://www.contextis.com/en/blog/basic-electron-framework-exploitation