A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Tuesday, January 2nd 2018
Analyzing TNEF Files https://isc.sans.edu/forums/diary/Analyzing+TNEF+files/23175/ Obfuscated RTF Files https://isc.sans.edu/forums/diary/Dealing+with+obfuscated+RTF+files/23169/ 2017 Flood of CVEs https://isc.sans.edu/forums/diary/2017+The+Flood+of+CVEs/23173/ Sonos/Bose Smart Speaker Flaws https://documents.trendmicro.com/assets/pdf/The-Sound-of-a-Targeted-Attack.pdf Web Trackers Exploit Login Managers https://freedom-to-tinker.com/2017/12/27/no-boundaries-for-user-identities-web-trackers-exploit-browser-login-managers/ Backdoored Wordpress Plugins https://www.bleepingcomputer.com/news/security/three-more-wordpress-plugins-found-hiding-a-backdoor/
ISC StormCast for Friday, December 22nd 2017
Critical Flaw in SMBv1 Implementation of Dell EMC Data Domain DD OS http://seclists.org/fulldisclosure/2017/Dec/79 Facebook Enables Feature To Review All E-Mails Sent By Facebook https://www.facebook.com/notes/facebook-security/new-security-feature-reveals-if-facebook-mails-are-legit/10154983636230766/ EtherDelta DNS Attack https://twitter.com/etherdelta Enigmail Vulnerability https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
ISC StormCast for Friday, December 22nd 2017
Critical Flaw in SMBv1 Implementation of Dell EMC Data Domain DD OS http://seclists.org/fulldisclosure/2017/Dec/79 Facebook Enables Feature To Review All E-Mails Sent By Facebook https://www.facebook.com/notes/facebook-security/new-security-feature-reveals-if-facebook-mails-are-legit/10154983636230766/ EtherDelta DNS Attack https://twitter.com/etherdelta Enigmail Vulnerability https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
ISC StormCast for Thursday, December 21st 2017
Kernel Hooking Basics https://isc.sans.edu/forums/diary/Guest+Diary+Etay+Nir+Kernel+Hooking+Basics/23155/ Intel Memory Encryption https://software.intel.com/sites/default/files/managed/a5/16/Multi-Key-Total-Memory-Encryption-Spec.pdf https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=33e63acc119d15c2fac3e3775f32d1ce7a01021b WordPress Sites Infected with Monero Miners https://www.wordfence.com/blog/2017/12/aggressive-brute-force-wordpress-attack/
ISC StormCast for Thursday, December 21st 2017
Kernel Hooking Basics https://isc.sans.edu/forums/diary/Guest+Diary+Etay+Nir+Kernel+Hooking+Basics/23155/ Intel Memory Encryption https://software.intel.com/sites/default/files/managed/a5/16/Multi-Key-Total-Memory-Encryption-Spec.pdf https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=33e63acc119d15c2fac3e3775f32d1ce7a01021b WordPress Sites Infected with Monero Miners https://www.wordfence.com/blog/2017/12/aggressive-brute-force-wordpress-attack/
ISC StormCast for Wednesday, December 20th 2017
Example of "MouseOver" Link in a Powerpoint File https://isc.sans.edu/forums/diary/Example+of+MouseOver+Link+in+a+Powerpoint+File/23149/ Adups Malware Still Haunting Android Phones https://blog.malwarebytes.com/cybercrime/2017/12/mobile-menace-monday-upping-the-ante-on-adups-fwupgradeprovider/ Popular Wordpress Captcha Included Backdoor https://www.wordfence.com/blog/2017/12/backdoor-captcha-plugin/ Comparing DNS Filters https://medium.com/@nykolas.z/dns-security-filters-compared-quad9-x-opendns-x-comodo-secure-x-norton-connectsafe-x-yandex-safe-a00ace3bf21f
ISC StormCast for Wednesday, December 20th 2017
Example of "MouseOver" Link in a Powerpoint File https://isc.sans.edu/forums/diary/Example+of+MouseOver+Link+in+a+Powerpoint+File/23149/ Adups Malware Still Haunting Android Phones https://blog.malwarebytes.com/cybercrime/2017/12/mobile-menace-monday-upping-the-ante-on-adups-fwupgradeprovider/ Popular Wordpress Captcha Included Backdoor https://www.wordfence.com/blog/2017/12/backdoor-captcha-plugin/ Comparing DNS Filters https://medium.com/@nykolas.z/dns-security-filters-compared-quad9-x-opendns-x-comodo-secure-x-norton-connectsafe-x-yandex-safe-a00ace3bf21f
ISC StormCast for Tuesday, December 19th 2017
Not So Malicious Word Doc https://isc.sans.edu/forums/diary/Phish+or+scam+Part+1/23141/ https://isc.sans.edu/forums/diary/Phish+or+scam+Part+2/23145/ AMF Descerializer Vulnerability http://codewhitesec.blogspot.com/2017/04/amf.html?m=1 Windows "Keeper" Password Manager Vulnerable https://bugs.chromium.org/p/project-zero/issues/detail?id=1481&desc=3 Android Malware Destroys Device https://securelist.com/jack-of-all-trades/83470/
ISC StormCast for Tuesday, December 19th 2017
Not So Malicious Word Doc https://isc.sans.edu/forums/diary/Phish+or+scam+Part+1/23141/ https://isc.sans.edu/forums/diary/Phish+or+scam+Part+2/23145/ AMF Descerializer Vulnerability http://codewhitesec.blogspot.com/2017/04/amf.html?m=1 Windows "Keeper" Password Manager Vulnerable https://bugs.chromium.org/p/project-zero/issues/detail?id=1481&desc=3 Android Malware Destroys Device https://securelist.com/jack-of-all-trades/83470/
ISC StormCast for Monday, December 18th 2017
Microsoft Office VBA Macro Obfuscation via Metadata https://isc.sans.edu/forums/diary/Microsoft+Office+VBA+Macro+Obfuscation+via+Metadata/23139/ Large Scale BGP Attack https://bgpmon.net/popular-destinations-rerouted-to-russia/ HSTS and HPKP Weaknesses in Firefox, IE/Edge and Chrome http://blog.en.elevenpaths.com/2017/12/breaking-out-hsts-and-hpkp-on-firefox.html
ISC StormCast for Monday, December 18th 2017
Microsoft Office VBA Macro Obfuscation via Metadata https://isc.sans.edu/forums/diary/Microsoft+Office+VBA+Macro+Obfuscation+via+Metadata/23139/ Large Scale BGP Attack https://bgpmon.net/popular-destinations-rerouted-to-russia/ HSTS and HPKP Weaknesses in Firefox, IE/Edge and Chrome http://blog.en.elevenpaths.com/2017/12/breaking-out-hsts-and-hpkp-on-firefox.html
ISC StormCast for Friday, December 15th 2017
Citizen Lab Security Planner https://securityplanner.org/ Apple Update to iOS/tvOS/iCloud (Windows) https://support.apple.com/en-us/HT201222 Fortinet Client Credentials Shared Key https://www.sec-consult.com/en/blog/advisories/vpn-credentials-disclosure-in-fortinet-forticlient/index.html Fox-It Victim of a Man-in-the-Middle Attack https://blog.fox-it.com/2017/12/14/lessons-learned-from-a-man-in-the-middle-attack/
ISC StormCast for Friday, December 15th 2017
Citizen Lab Security Planner https://securityplanner.org/ Apple Update to iOS/tvOS/iCloud (Windows) https://support.apple.com/en-us/HT201222 Fortinet Client Credentials Shared Key https://www.sec-consult.com/en/blog/advisories/vpn-credentials-disclosure-in-fortinet-forticlient/index.html Fox-It Victim of a Man-in-the-Middle Attack https://blog.fox-it.com/2017/12/14/lessons-learned-from-a-man-in-the-middle-attack/
ISC StormCast for Thursday, December 14th 2017
Tracking Newly Registered Domains https://isc.sans.edu/forums/diary/Tracking+Newly+Registered+Domains/23127/ Critical Palo Alto Firewall Flaws Allow RCE as root http://seclists.org/fulldisclosure/2017/Dec/38 Hiding Changes from git-diff https://www.twistlock.com/2017/12/13/hiding-content-git-escape-sequence-twistlock-labs-experiment/ Apple Airport Update https://support.apple.com/en-us/HT208354
ISC StormCast for Thursday, December 14th 2017
Tracking Newly Registered Domains https://isc.sans.edu/forums/diary/Tracking+Newly+Registered+Domains/23127/ Critical Palo Alto Firewall Flaws Allow RCE as root http://seclists.org/fulldisclosure/2017/Dec/38 Hiding Changes from git-diff https://www.twistlock.com/2017/12/13/hiding-content-git-escape-sequence-twistlock-labs-experiment/ Apple Airport Update https://support.apple.com/en-us/HT208354