A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Thursday, May 23rd 2019
An Update on the Microsoft Windows RDP BlueKeep Vulnerablity https://isc.sans.edu/forums/diary/An+Update+on+the+Microsoft+Windows+RDP+Bluekeep+Vulnerability+CVE20190708+now+with+pcaps/24960/ New Zero Day Exploits by SandboxEscaper https://github.com/SandboxEscaper/polarbearrepo Signed Exploit Code https://medium.com/@chroniclesec/abusing-code-signing-for-profit-ef80a37b50f4
ISC StormCast for Thursday, May 23rd 2019
An Update on the Microsoft Windows RDP BlueKeep Vulnerablity https://isc.sans.edu/forums/diary/An+Update+on+the+Microsoft+Windows+RDP+Bluekeep+Vulnerability+CVE20190708+now+with+pcaps/24960/ New Zero Day Exploits by SandboxEscaper https://github.com/SandboxEscaper/polarbearrepo Signed Exploit Code https://medium.com/@chroniclesec/abusing-code-signing-for-profit-ef80a37b50f4
ISC StormCast for Wednesday, May 22nd 2019
Setting Up Shodan Monitoring https://isc.sans.edu/forums/diary/Using+Shodan+Monitoring/24956/ Fingerprinting Smartphones With Gyroscope Data https://sensorid.cl.cam.ac.uk/ 20% of Linux Docker Containers Without Password https://www.kennasecurity.com/20-of-the-1000-most-popular-docker-containers-have-no-root-password/ RDP #bluekeep Signature For Snort/Suricata https://github.com/nccgroup/Cyber-Defence/blob/master/Signatures/suricata/2019_05_rdp_cve_2019_0708.txt
ISC StormCast for Wednesday, May 22nd 2019
Setting Up Shodan Monitoring https://isc.sans.edu/forums/diary/Using+Shodan+Monitoring/24956/ Fingerprinting Smartphones With Gyroscope Data https://sensorid.cl.cam.ac.uk/ 20% of Linux Docker Containers Without Password https://www.kennasecurity.com/20-of-the-1000-most-popular-docker-containers-have-no-root-password/ RDP #bluekeep Signature For Snort/Suricata https://github.com/nccgroup/Cyber-Defence/blob/master/Signatures/suricata/2019_05_rdp_cve_2019_0708.txt
ISC StormCast for Tuesday, May 21st 2019
MSFT RDP Vulnerability (#BlueKeep) Update https://twitter.com/search?q=%23bluekeep Sharepoint Exploited https://isc.sans.edu/forums/diary/CVE20190604+Attack/24952/ Risks of JWT https://snikt.net/blog/2019/05/16/jwt-signature-vs-mac-attacks/ MuddyWater Campaign Evolves https://blog.talosintelligence.com/2019/05/recent-muddywater-associated-blackwater.html
ISC StormCast for Tuesday, May 21st 2019
MSFT RDP Vulnerability (#BlueKeep) Update https://twitter.com/search?q=%23bluekeep Sharepoint Exploited https://isc.sans.edu/forums/diary/CVE20190604+Attack/24952/ Risks of JWT https://snikt.net/blog/2019/05/16/jwt-signature-vs-mac-attacks/ MuddyWater Campaign Evolves https://blog.talosintelligence.com/2019/05/recent-muddywater-associated-blackwater.html
ISC StormCast for Monday, May 20th 2019
Google Analyzes Vendor Response to 0-Day Exploits https://googleprojectzero.blogspot.com/p/0day.html ASUS WebStorage Abused For Malware Distribution https://www.welivesecurity.com/2019/05/14/plead-malware-mitm-asus-webstorage/ Vulnerabilities in Apple Air Drop https://www.usenix.org/system/files/sec19fall_stute_prepub.pdf
ISC StormCast for Monday, May 20th 2019
Google Analyzes Vendor Response to 0-Day Exploits https://googleprojectzero.blogspot.com/p/0day.html ASUS WebStorage Abused For Malware Distribution https://www.welivesecurity.com/2019/05/14/plead-malware-mitm-asus-webstorage/ Vulnerabilities in Apple Air Drop https://www.usenix.org/system/files/sec19fall_stute_prepub.pdf
ISC StormCast for Friday, May 17th 2019
The Risk of Authenticated Vulnerability Scans https://isc.sans.edu/forums/diary/The+Risk+of+Authenticated+Vulnerability+Scans/24942/ ARIN Revokes about 735,000 IP Addresses https://www.arin.net/vault/about_us/media/releases/20190513.html More Cisco Patches (Prime Infrastructure, EPN Manager) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-pi-rce Instrument Landing Systems Spoofing https://aanjhan.com/assets/ils_usenix2019.pdf
ISC StormCast for Friday, May 17th 2019
The Risk of Authenticated Vulnerability Scans https://isc.sans.edu/forums/diary/The+Risk+of+Authenticated+Vulnerability+Scans/24942/ ARIN Revokes about 735,000 IP Addresses https://www.arin.net/vault/about_us/media/releases/20190513.html More Cisco Patches (Prime Infrastructure, EPN Manager) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-pi-rce Instrument Landing Systems Spoofing https://aanjhan.com/assets/ils_usenix2019.pdf
ISC StormCast for Thursday, May 16th 2019
Forbes Website Infected by Magecart https://twitter.com/bad_packets/status/1128517905765683201 Malware Randomizes TLS Ciphers https://blogs.akamai.com/sitr/2019/05/bots-tampering-with-tls-to-avoid-detection.html Google Recalls Titan Security Keys https://security.googleblog.com/2019/05/titan-keys-update.html SAMBA Update https://www.samba.org/samba/security/CVE-2018-16860.html SAP Patches https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=520259032
ISC StormCast for Thursday, May 16th 2019
Forbes Website Infected by Magecart https://twitter.com/bad_packets/status/1128517905765683201 Malware Randomizes TLS Ciphers https://blogs.akamai.com/sitr/2019/05/bots-tampering-with-tls-to-avoid-detection.html Google Recalls Titan Security Keys https://security.googleblog.com/2019/05/titan-keys-update.html SAMBA Update https://www.samba.org/samba/security/CVE-2018-16860.html SAP Patches https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=520259032
ISC StormCast for Wednesday, May 15th 2019
New Intel CPU Vulnerabilities https://cpu.fail/ Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+May+2019+Patch+Tuesday/24934/ Apple Updates https://support.apple.com/en-us/HT201222 Broken Trustseal https://twitter.com/gwillem/status/1127890329175244800 https://twitter.com/bestoftheweb/status/1128036593208524800
ISC StormCast for Wednesday, May 15th 2019
New Intel CPU Vulnerabilities https://cpu.fail/ Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+May+2019+Patch+Tuesday/24934/ Apple Updates https://support.apple.com/en-us/HT201222 Broken Trustseal https://twitter.com/gwillem/status/1127890329175244800 https://twitter.com/bestoftheweb/status/1128036593208524800
ISC StormCast for Tuesday, May 14th 2019
Linux Remote Code Execution When Closing TCP Sockets https://github.com/torvalds/linux/commit/cb66ddd156203daefb8d71158036b27b0e2caf63 WhatsApp Buffer Overflow Exploited to Install Spyware https://www.facebook.com/security/advisories/cve-2019-3568 Cisco Vulnerabilities Lead to Trust Anchor Module Exploit https://thrangrycat.com/ Linksys Unauthenticated Information Leak https://badpackets.net/over-25000-linksys-smart-wi-fi-routers-vulnerable-to-sensitive-information-disclosure-flaw/