A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Thursday, November 9th 2017
Mantistek Gaming Keyboard Cloud Driver Exfiltrates Keystroke Data https://thehackernews.com/2017/11/mantistek-keyboard-keylogger.html Logitech Will Discontinue Harmony Link Device and Brick it via Firmware Update in March 2018 https://www.theverge.com/circuitbreaker/2017/11/8/16623076/logitech-harmony-link-discontinued-bricked Amazon Is Introducing Additional Security Features for S3 https://aws.amazon.com/blogs/aws/new-amazon-s3-encryption-security-features/
ISC StormCast for Wednesday, November 8th 2017
Interesting RTF Maldoc VBA Dropper https://isc.sans.edu/forums/diary/Interesting+VBA+Dropper/23016/ Multiple Linux USB Flaws Made Public http://www.openwall.com/lists/oss-security/2017/11/06/8 Google Android November Patches https://source.android.com/security/bulletin/2017-11-01#media-framework Ethereum Multi Signature Wallet Bug Cause Loss of $280 Million https://paritytech.io/blog/security-alert.html https://github.com/paritytech/parity/issues/6995
ISC StormCast for Wednesday, November 8th 2017
Interesting RTF Maldoc VBA Dropper https://isc.sans.edu/forums/diary/Interesting+VBA+Dropper/23016/ Multiple Linux USB Flaws Made Public http://www.openwall.com/lists/oss-security/2017/11/06/8 Google Android November Patches https://source.android.com/security/bulletin/2017-11-01#media-framework Ethereum Multi Signature Wallet Bug Cause Loss of $280 Million https://paritytech.io/blog/security-alert.html https://github.com/paritytech/parity/issues/6995
ISC StormCast for Tuesday, November 7th 2017
Fake WhatsApp App in Google Play Store https://www.reddit.com/r/Android/comments/7ahujw/psa_two_different_developers_under_the_same_name/ Crunchyroll.com Redirect Leads to Malware https://blog.ellation.com/crunchyroll-com-update-a2a593cf9155 https://bartblaze.blogspot.com.au/2017/11/crunchyroll-hack-delivers-malware.html Recovering Previously Encrypted iOS Backups https://www.gillware.com/forensics/blog/digital-forensics-case-study/new-solution-encrypted-backups/
ISC StormCast for Tuesday, November 7th 2017
Fake WhatsApp App in Google Play Store https://www.reddit.com/r/Android/comments/7ahujw/psa_two_different_developers_under_the_same_name/ Crunchyroll.com Redirect Leads to Malware https://blog.ellation.com/crunchyroll-com-update-a2a593cf9155 https://bartblaze.blogspot.com.au/2017/11/crunchyroll-hack-delivers-malware.html Recovering Previously Encrypted iOS Backups https://www.gillware.com/forensics/blog/digital-forensics-case-study/new-solution-encrypted-backups/
ISC StormCast for Monday, November 6th 2017
PDF Parser for URLs and Text Content of PDFs https://isc.sans.edu/forums/diary/Extracting+the+text+from+PDF+documents/23008/ https://isc.sans.edu/forums/diary/PDF+documents+URLs/23006/ Mobile Pwn2Own Contest 2017 https://www.zerodayinitiative.com/blog OpenSSL Patch https://www.openssl.org/news/secadv/20171102.txt IEEE P1735 Standard Leads to Weak Crypto https://eprint.iacr.org/2017/828.pdf
ISC StormCast for Monday, November 6th 2017
PDF Parser for URLs and Text Content of PDFs https://isc.sans.edu/forums/diary/Extracting+the+text+from+PDF+documents/23008/ https://isc.sans.edu/forums/diary/PDF+documents+URLs/23006/ Mobile Pwn2Own Contest 2017 https://www.zerodayinitiative.com/blog OpenSSL Patch https://www.openssl.org/news/secadv/20171102.txt IEEE P1735 Standard Leads to Weak Crypto https://eprint.iacr.org/2017/828.pdf
ISC StormCast for Friday, November 3rd 2017
Certified Malware: Measuring Breaches of Trust in the Windows Code-Signing PKI http://www.umiacs.umd.edu/~tdumitra/papers/CCS-2017.pdf Half of Most Popular Free iOS Apps do not use TLS correctly http://www.zeit.de/digital/datenschutz/2017-10/iphone-ios-apps-hacker-verschluesselung/komplettansicht#comments Image Downloader Chrome Extension Includes Adware https://www.bleepingcomputer.com/news/security/psa-beware-the-image-downloader-chrome-adware-extension/ Employees Pay Up Ransomware https://www.bleepingcomputer.com/news/security/59-percent-of-employees-hit-by-ransomware-at-work-paid-ransom-out-of-their-own-pockets/
ISC StormCast for Friday, November 3rd 2017
Certified Malware: Measuring Breaches of Trust in the Windows Code-Signing PKI http://www.umiacs.umd.edu/~tdumitra/papers/CCS-2017.pdf Half of Most Popular Free iOS Apps do not use TLS correctly http://www.zeit.de/digital/datenschutz/2017-10/iphone-ios-apps-hacker-verschluesselung/komplettansicht#comments Image Downloader Chrome Extension Includes Adware https://www.bleepingcomputer.com/news/security/psa-beware-the-image-downloader-chrome-adware-extension/ Employees Pay Up Ransomware https://www.bleepingcomputer.com/news/security/59-percent-of-employees-hit-by-ransomware-at-work-paid-ransom-out-of-their-own-pockets/
ISC StormCast for Thursday, November 2nd 2017
Configuring SSH Properly on Cisco IOS https://isc.sans.edu/forums/diary/Securing+SSH+Services+Go+Blue+Team/22992/ Ethereum Miners Hijacked via Default SSH Credentials https://labs.bitdefender.com/2017/11/ethereum-os-miners-targeted-by-ssh-based-hijacker/ Crypto Shuffler Steals Bitcoin From Clipboard https://www.kaspersky.com/blog/cryptoshuffler-bitcoin-stealer/19976/ Google Calender Event Injection Added To Mail Snipper https://www.blackhillsinfosec.com/google-calendar-event-injection-mailsniper/ November Ouch! Newsletter released: Shopping Security Online https://securingthehuman.sans.org/resources/newsletters/ouch/2017?utm_medium=Social&utm_source=Twitter&utm_content=OUCH+Nov+2017+all+languages+&utm_campaign=STH+Ouch+#november2017
ISC StormCast for Thursday, November 2nd 2017
Configuring SSH Properly on Cisco IOS https://isc.sans.edu/forums/diary/Securing+SSH+Services+Go+Blue+Team/22992/ Ethereum Miners Hijacked via Default SSH Credentials https://labs.bitdefender.com/2017/11/ethereum-os-miners-targeted-by-ssh-based-hijacker/ Crypto Shuffler Steals Bitcoin From Clipboard https://www.kaspersky.com/blog/cryptoshuffler-bitcoin-stealer/19976/ Google Calender Event Injection Added To Mail Snipper https://www.blackhillsinfosec.com/google-calendar-event-injection-mailsniper/ November Ouch! Newsletter released: Shopping Security Online https://securingthehuman.sans.org/resources/newsletters/ouch/2017?utm_medium=Social&utm_source=Twitter&utm_content=OUCH+Nov+2017+all+languages+&utm_campaign=STH+Ouch+#november2017
ISC StormCast for Wednesday, November 1st 2017
Malicious Powershell Code https://isc.sans.edu/forums/diary/Some+Powershell+Malicious+Code/22988/ Apple Updates Everything https://support.apple.com/en-gb/HT201222 Internet Draft To Update IoT Devices https://tools.ietf.org/html/draft-moran-suit-architecture-00
ISC StormCast for Wednesday, November 1st 2017
Malicious Powershell Code https://isc.sans.edu/forums/diary/Some+Powershell+Malicious+Code/22988/ Apple Updates Everything https://support.apple.com/en-gb/HT201222 Internet Draft To Update IoT Devices https://tools.ietf.org/html/draft-moran-suit-architecture-00
ISC StormCast for Tuesday, October 31st 2017
Google Chrome Moving Away from HTTPS Public Key Pinning (HPKP) https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/he9tr7p3rZ8/eNMwKPmUBAAJ Effort To Remove Trust From Dutch CA Over New Intercept Law https://bugzilla.mozilla.org/show_bug.cgi?id=1408647 Crypto Coin Mining Feature Found in Google App Store Downloads http://blog.trendmicro.com/trendlabs-security-intelligence/coin-miner-mobile-malware-returns-hits-google-play/
ISC StormCast for Tuesday, October 31st 2017
Google Chrome Moving Away from HTTPS Public Key Pinning (HPKP) https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/he9tr7p3rZ8/eNMwKPmUBAAJ Effort To Remove Trust From Dutch CA Over New Intercept Law https://bugzilla.mozilla.org/show_bug.cgi?id=1408647 Crypto Coin Mining Feature Found in Google App Store Downloads http://blog.trendmicro.com/trendlabs-security-intelligence/coin-miner-mobile-malware-returns-hits-google-play/