A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Tuesday, August 7th 2018
Numeric Obfuscation https://isc.sans.edu/forums/diary/Numeric+obfuscation+another+example/23960/ Crestron Touchscreen Vulnerability https://blog.securitycompass.com/security-advisory-regarding-crestron-tsw-xx60-touch-panel-devices-9f1a71a926a5 Facebook Releases "Fizz" TLS 1.3 Library https://github.com/facebookincubator/fizz
ISC StormCast for Monday, August 6th 2018
New WPA Attack https://hashcat.net/forum/thread-7717.html Fake Techsupport Uses More Intelligent Call Routing https://www.symantec.com/blogs/threat-intelligence/tech-support-scam-call-optimization HP Printer Updates https://support.hp.com/us-en/document/c06097712
ISC StormCast for Monday, August 6th 2018
New WPA Attack https://hashcat.net/forum/thread-7717.html Fake Techsupport Uses More Intelligent Call Routing https://www.symantec.com/blogs/threat-intelligence/tech-support-scam-call-optimization HP Printer Updates https://support.hp.com/us-en/document/c06097712
ISC StormCast for Friday, August 3rd 2018
Malware in Animated GIF Files https://isc.sans.edu/forums/diary/DHLthemed+malspam+reveals+embedded+malware+in+animated+gif/23944/ MikroTik Miner Botnet https://www.trustwave.com/Resources/SpiderLabs-Blog/Mass-MikroTik-Router-Infection-%E2%80%93-First-we-cryptojack-Brazil,-then-we-take-the-World-/ Microsoft Edge Vulnerability https://www.netsparker.com/blog/web-security/stealing-local-files-with-simple-html-file/
ISC StormCast for Friday, August 3rd 2018
Malware in Animated GIF Files https://isc.sans.edu/forums/diary/DHLthemed+malspam+reveals+embedded+malware+in+animated+gif/23944/ MikroTik Miner Botnet https://www.trustwave.com/Resources/SpiderLabs-Blog/Mass-MikroTik-Router-Infection-%E2%80%93-First-we-cryptojack-Brazil,-then-we-take-the-World-/ Microsoft Edge Vulnerability https://www.netsparker.com/blog/web-security/stealing-local-files-with-simple-html-file/
ISC StormCast for Thursday, August 2nd 2018
Facebook Smishing Attack https://isc.sans.edu/forums/diary/Facebook+Phishing+via+SMS/23940/ Port 52869 UPNP Attacks https://isc.sans.edu/forums/diary/When+Cameras+and+Routers+attack+Phones+Spike+in+CVE20148361+Exploits+Against+Port+52869/23942/ Microsoft Improves Account Security for Midterm Elections https://www.bleepingcomputer.com/news/microsoft/microsoft-accountguard-service-offers-protection-for-political-and-election-orgs/ Google Improves "Government Sponsored Attacks" Alert for GSuite https://9to5google.com/2018/08/01/g-suite-admins-government-based-attackers/
ISC StormCast for Thursday, August 2nd 2018
Facebook Smishing Attack https://isc.sans.edu/forums/diary/Facebook+Phishing+via+SMS/23940/ Port 52869 UPNP Attacks https://isc.sans.edu/forums/diary/When+Cameras+and+Routers+attack+Phones+Spike+in+CVE20148361+Exploits+Against+Port+52869/23942/ Microsoft Improves Account Security for Midterm Elections https://www.bleepingcomputer.com/news/microsoft/microsoft-accountguard-service-offers-protection-for-political-and-election-orgs/ Google Improves "Government Sponsored Attacks" Alert for GSuite https://9to5google.com/2018/08/01/g-suite-admins-government-based-attackers/
ISC StormCast for Wednesday, August 1st 2018
Powershell Inside Certificates https://blog.nviso.be/2018/07/31/powershell-inside-a-certificate-part-1/ TEMPEST is Back http://youtu.be/BpNP9b3aIfY?a Big Star Labs Spyware https://adguard.com/en/blog/big-star-labs-spyware/
ISC StormCast for Wednesday, August 1st 2018
Powershell Inside Certificates https://blog.nviso.be/2018/07/31/powershell-inside-a-certificate-part-1/ TEMPEST is Back http://youtu.be/BpNP9b3aIfY?a Big Star Labs Spyware https://adguard.com/en/blog/big-star-labs-spyware/
ISC StormCast for Tuesday, July 31st 2018
DOSFuscation Campaign https://isc.sans.edu/forums/diary/Malicious+Word+documents+using+DOSfuscation/23932/ Let's Encrypt Outage https://letsencrypt.status.io Malvertising Campaign Insides https://research.checkpoint.com/malvertising-campaign-based-secrets-lies/
ISC StormCast for Tuesday, July 31st 2018
DOSFuscation Campaign https://isc.sans.edu/forums/diary/Malicious+Word+documents+using+DOSfuscation/23932/ Let's Encrypt Outage https://letsencrypt.status.io Malvertising Campaign Insides https://research.checkpoint.com/malvertising-campaign-based-secrets-lies/
ISC StormCast for Monday, July 30th 2018
Summary of Earchings in Recent Sextortion Attack https://isc.sans.edu/forums/diary/Sextortion+Follow+the+Money/23922/ Adware Distributed with Legitimate Applications https://www.bleepingcomputer.com/news/security/fake-websites-for-keepass-7zip-audacity-others-found-pushing-adware/ https://twitter.com/JusticeRage PDF Editor Supply Chain Exploit https://cloudblogs.microsoft.com/microsoftsecure/2018/07/26/attack-inception-compromised-supply-chain-within-a-supply-chain-poses-new-risks/
ISC StormCast for Monday, July 30th 2018
Summary of Earchings in Recent Sextortion Attack https://isc.sans.edu/forums/diary/Sextortion+Follow+the+Money/23922/ Adware Distributed with Legitimate Applications https://www.bleepingcomputer.com/news/security/fake-websites-for-keepass-7zip-audacity-others-found-pushing-adware/ https://twitter.com/JusticeRage PDF Editor Supply Chain Exploit https://cloudblogs.microsoft.com/microsoftsecure/2018/07/26/attack-inception-compromised-supply-chain-within-a-supply-chain-poses-new-risks/
ISC StormCast for Friday, July 27th 2018
NetSpectre: Read Arbitrary Memory over the Network https://misc0110.net/web/files/netspectre.pdf Google Play Store Bans Crypto Miners https://play.google.com/about/developer-content-policy-print/ Japanese Calendar Issues https://blogs.msdn.microsoft.com/shawnste/2018/04/12/the-japanese-calendars-y2k-moment/ Multiple Vulnerabilities in Samsung SmartThings Hub https://blog.talosintelligence.com/2018/07/samsung-smartthings-vulns.html?m=1 Times Change and Your Training Data Should Too: The Effect of Training Data Recency on Twitter Classifiers. Ryan O'Grady https://www.sans.org/reading-room/whitepapers/artificialintelligence/times-change-training-data-too-effect-training-data-recency-twitter-classifiers-38500
ISC StormCast for Friday, July 27th 2018
NetSpectre: Read Arbitrary Memory over the Network https://misc0110.net/web/files/netspectre.pdf Google Play Store Bans Crypto Miners https://play.google.com/about/developer-content-policy-print/ Japanese Calendar Issues https://blogs.msdn.microsoft.com/shawnste/2018/04/12/the-japanese-calendars-y2k-moment/ Multiple Vulnerabilities in Samsung SmartThings Hub https://blog.talosintelligence.com/2018/07/samsung-smartthings-vulns.html?m=1 Times Change and Your Training Data Should Too: The Effect of Training Data Recency on Twitter Classifiers. Ryan O'Grady https://www.sans.org/reading-room/whitepapers/artificialintelligence/times-change-training-data-too-effect-training-data-recency-twitter-classifiers-38500