SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
#news #technews #technology #news #dailynews

A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .

Similar Podcasts

The Cynical Developer

The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career, through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.

CppCast

CppCast
Every two weeks, or so, we sit down with guests from the C++ community to discuss the latest news and what they have been up to. Find us at cppcast.com

Elixir Outlaws

Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.

ISC StormCast for Tuesday, April 16th, 2024

April 15, 2024 6:17 5.58 MB Downloads: 0

Quick Palo Alto Networks Global Protect Vulnerablity Update CVE-2024-3400 https://isc.sans.edu/diary/30838 Delinea patches critical vulnerability in secret manager https://trust.delinea.com/?tcuUid=17aaf4ef-ada9-46d5-bf97-abd3b07daae3 Lancom Windows Setup Assistant May Reset Password https://www.lancom-systems.com/service-support/general-security-information PHP Patches https://seclists.org/oss-sec/2024/q2/113 Duo SMS and VoiP Logs Leaked https://app.securitymsp.cisco.com/e/es?e=2785&eid=opguvrs&elq=bd1c1886a59e40c09915b029a74be94e Lastpass Stops Deepfake Attack https://blog.lastpass.com/posts/2024/04/attempted-audio-deepfake-call-targets-lastpass-employee

ISC StormCast for Tuesday, April 16th, 2024

April 15, 2024 6:17 5.58 MB Downloads: 0

Quick Palo Alto Networks Global Protect Vulnerablity Update CVE-2024-3400 https://isc.sans.edu/diary/30838 Delinea patches critical vulnerability in secret manager https://trust.delinea.com/?tcuUid=17aaf4ef-ada9-46d5-bf97-abd3b07daae3 Lancom Windows Setup Assistant May Reset Password https://www.lancom-systems.com/service-support/general-security-information PHP Patches https://seclists.org/oss-sec/2024/q2/113 Duo SMS and VoiP Logs Leaked https://app.securitymsp.cisco.com/e/es?e=2785&eid=opguvrs&elq=bd1c1886a59e40c09915b029a74be94e Lastpass Stops Deepfake Attack https://blog.lastpass.com/posts/2024/04/attempted-audio-deepfake-call-targets-lastpass-employee

ISC StormCast for Sunday, April 14th, 2024

April 13, 2024 5:41 5.07 MB Downloads: 0

Palo Alto Networks GlobalProtect 0-Day CVE-2024-3400 https://security.paloaltonetworks.com/CVE-2024-3400 https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/#RespondingToCompromise

ISC StormCast for Sunday, April 14th, 2024

April 13, 2024 5:41 5.07 MB Downloads: 0

Palo Alto Networks GlobalProtect 0-Day CVE-2024-3400 https://security.paloaltonetworks.com/CVE-2024-3400 https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/#RespondingToCompromise

ISC StormCast for Friday, April 12th, 2024

April 11, 2024 6:11 5.5 MB Downloads: 0

BatBadBut: You can't securely execute commands on Windows https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/ FortiClient Linux Remote Code Execution https://www.fortiguard.com/psirt/FG-IR-23-087 Apple Threat Notifications and Protecting Against Mercenary Spyware https://support.apple.com/en-us/102174 New Technique to Trick Developers Detected in an Open Source Supply Chain Attack https://checkmarx.com/blog/new-technique-to-trick-developers-detected-in-an-open-source-supply-chain-attack/

ISC StormCast for Friday, April 12th, 2024

April 11, 2024 6:11 5.5 MB Downloads: 0

BatBadBut: You can't securely execute commands on Windows https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/ FortiClient Linux Remote Code Execution https://www.fortiguard.com/psirt/FG-IR-23-087 Apple Threat Notifications and Protecting Against Mercenary Spyware https://support.apple.com/en-us/102174 New Technique to Trick Developers Detected in an Open Source Supply Chain Attack https://checkmarx.com/blog/new-technique-to-trick-developers-detected-in-an-open-source-supply-chain-attack/

ISC StormCast for Thursday, April 11th, 2024

April 10, 2024 5:59 5.32 MB Downloads: 0

Rust Command API code execution vulnerability CVE-2024-24576 https://blog.rust-lang.org/2024/04/09/cve-2024-24576.html Adobe Updates: Magento Adobe Commerce CVE-2024-20759 CVE-2024-20758 https://helpx.adobe.com/security/products/magento/apsb24-18.html https://helpx.adobe.com/security.html Fortinet FortiOS And FortiProxy Vulnerability CVE-2023-41677 https://www.fortiguard.com/psirt/FG-IR-23-493 Smoke and Screen Mirrors Signed Backdoor CVE-2024-26234 https://news.sophos.com/en-us/2024/04/09/smoke-and-screen-mirrors-a-strange-signed-backdoor/

ISC StormCast for Thursday, April 11th, 2024

April 10, 2024 5:59 5.32 MB Downloads: 0

Rust Command API code execution vulnerability CVE-2024-24576 https://blog.rust-lang.org/2024/04/09/cve-2024-24576.html Adobe Updates: Magento Adobe Commerce CVE-2024-20759 CVE-2024-20758 https://helpx.adobe.com/security/products/magento/apsb24-18.html https://helpx.adobe.com/security.html Fortinet FortiOS And FortiProxy Vulnerability CVE-2023-41677 https://www.fortiguard.com/psirt/FG-IR-23-493 Smoke and Screen Mirrors Signed Backdoor CVE-2024-26234 https://news.sophos.com/en-us/2024/04/09/smoke-and-screen-mirrors-a-strange-signed-backdoor/

ISC StormCast for Wednesday, April 10th, 2024

April 09, 2024 6:31 5.77 MB Downloads: 0

Microsoft Patches https://isc.sans.edu/forums/diary/April%202024%20Microsoft%20Patch%20Tuesday%20Summary/30822/ D-Link NAS Backdoor https://github.com/netsecfish/dlink LG SmartTV Vulnerabilities https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/

ISC StormCast for Wednesday, April 10th, 2024

April 09, 2024 6:31 5.77 MB Downloads: 0

Microsoft Patches https://isc.sans.edu/forums/diary/April%202024%20Microsoft%20Patch%20Tuesday%20Summary/30822/ D-Link NAS Backdoor https://github.com/netsecfish/dlink LG SmartTV Vulnerabilities https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/

ISC StormCast for Tuesday, April 9th, 2024

April 08, 2024 5:59 5.33 MB Downloads: 0

A Use Case for Adding Threat Hunting to Your Security Operations Team. https://isc.sans.edu/diary/30816 Notepad++ Parasite Site https://notepad-plus-plus.org/news/help-to-take-down-parasite-site/ Hugging Face Pickle File Vulnerablities https://huggingface.co/blog/hugging-face-wiz-security-blog Google Considers V8 Sandbox no longer experimental https://v8.dev/blog/sandbox

ISC StormCast for Tuesday, April 9th, 2024

April 08, 2024 5:59 5.33 MB Downloads: 0

A Use Case for Adding Threat Hunting to Your Security Operations Team. https://isc.sans.edu/diary/30816 Notepad++ Parasite Site https://notepad-plus-plus.org/news/help-to-take-down-parasite-site/ Hugging Face Pickle File Vulnerablities https://huggingface.co/blog/hugging-face-wiz-security-blog Google Considers V8 Sandbox no longer experimental https://v8.dev/blog/sandbox

ISC StormCast for Monday, April 8th, 2024

April 07, 2024 5:29 4.91 MB Downloads: 0

Heartbleed 10th Anniversary https://heartbleed.com/ Possible Libarchive Backdoor Vulnerability https://github.com/libarchive/libarchive/pull/1609 Magento XML Backdoor https://sansec.io/research/magento-xml-backdoor Google Public DNS's approach to fight against cache poisoning attacks https://security.googleblog.com/2024/03/google-public-dnss-approach-to-fight.html Remote code execution (RCE)vulnerability in Brocade Fabric OS (CVE-2023-3454) https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/23215 SANS London April Evening Talk https://sans.zoom.us/webinar/register/WN_ZLLnQKCCQCywLGm-CM4xQg#/registration

ISC StormCast for Monday, April 8th, 2024

April 07, 2024 5:29 4.91 MB Downloads: 0

Heartbleed 10th Anniversary https://heartbleed.com/ Possible Libarchive Backdoor Vulnerability https://github.com/libarchive/libarchive/pull/1609 Magento XML Backdoor https://sansec.io/research/magento-xml-backdoor Google Public DNS's approach to fight against cache poisoning attacks https://security.googleblog.com/2024/03/google-public-dnss-approach-to-fight.html Remote code execution (RCE)vulnerability in Brocade Fabric OS (CVE-2023-3454) https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/23215 SANS London April Evening Talk https://sans.zoom.us/webinar/register/WN_ZLLnQKCCQCywLGm-CM4xQg#/registration

ISC StormCast for Friday, April 5th, 2024

April 04, 2024 15:11 13.06 MB Downloads: 0

Slicing up DoNex with Binary Ninja https://isc.sans.edu/diary/Slicing%20up%20DoNex%20with%20Binary%20Ninja/30812 HTTP/2 Continuation Flood https://nowotarski.info/http2-continuation-flood-technical-details/ Dangers of CSS in HTML Email https://lutrasecurity.com/en/articles/kobold-letters/ Dan Mazzella: Infostealers in Automotive Headunits https://www.sans.edu/cyber-research/exploring-infostealer-malware-techniques-automotive-head-units/