A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
Linux For Everyone
A show about the thrilling world of desktop Linux, open-source software, and the community creating it. For beginners and veterans alike! Hosted by Jason Evangelho, Jerry Morrison and Schykle.
ISC StormCast for Friday, June 9th 2017
Cisco Prime Data Center Network Manager Vulnerabilities https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-dcnm1 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-dcnm2 Oracle Peoplesoft Default Accounts https://erpscan.com/press-center/blog/peoplesoft-default-accounts/ FOSCAM Camera Default Passwords and Other Vulnerabilities http://images.news.f-secure.com/Web/FSecure/%7B43df9e0d-20a8-404a-86d0-70dcca00b6e5%7D_vulnerabilities-in-foscam-IP-cameras_report.pdf Android Malware With Code Injections https://securelist.com/78648/dvmap-the-first-android-malware-with-code-injection/ STI Student John Dittmer: Legal Implication of Vulnerablity Scans https://www.sans.org/reading-room/whitepapers/legal/minimizing-legal-risk-cybersecurity-scanning-tools-37522
ISC StormCast for Thursday, June 8th 2017
Deceptive Advertisements: What They Do And Where They Come From https://isc.sans.edu/forums/diary/Deceptive+Advertisements+What+they+do+and+where+they+come+from/22494/ Instagram as Covert Channel https://www.welivesecurity.com/2017/06/06/turlas-watering-hole-campaign-updated-firefox-extension-abusing-instagram/ Domain Shadowing Used in Rik Exploit Kit https://blogs.rsa.com/shadowfall/
ISC StormCast for Thursday, June 8th 2017
Deceptive Advertisements: What They Do And Where They Come From https://isc.sans.edu/forums/diary/Deceptive+Advertisements+What+they+do+and+where+they+come+from/22494/ Instagram as Covert Channel https://www.welivesecurity.com/2017/06/06/turlas-watering-hole-campaign-updated-firefox-extension-abusing-instagram/ Domain Shadowing Used in Rik Exploit Kit https://blogs.rsa.com/shadowfall/
ISC StormCast for Wednesday, June 7th 2017
Finding XOR Keys Part 2 https://isc.sans.edu/forums/diary/Malware+and+XOR+Part+2/22490/ Instagram Stories Not Using TLS https://vvyper.com/2017/05/22/instagram-stories-ssl/ Printer "Dots" May Have Lead to Arrest of NSA Contractor http://blog.erratasec.com/2017/06/how-intercept-outed-reality-winner.html#.WTc9SMbMyRt Exfiltrating Data via Blinking LED https://arxiv.org/abs/1706.01140
ISC StormCast for Wednesday, June 7th 2017
Finding XOR Keys Part 2 https://isc.sans.edu/forums/diary/Malware+and+XOR+Part+2/22490/ Instagram Stories Not Using TLS https://vvyper.com/2017/05/22/instagram-stories-ssl/ Printer "Dots" May Have Lead to Arrest of NSA Contractor http://blog.erratasec.com/2017/06/how-intercept-outed-reality-winner.html#.WTc9SMbMyRt Exfiltrating Data via Blinking LED https://arxiv.org/abs/1706.01140
ISC StormCast for Tuesday, June 6th 2017
Finding XOR Keys Used To Encode Malware https://isc.sans.edu/forums/diary/Malware+and+XOR+Part+1/22486/ Citywide IMSI Discovery https://seaglass.cs.washington.edu Hijacking Country Level Domains https://thehackerblog.com/the-journey-to-hijacking-a-countrys-tld-the-hidden-risks-of-domain-extensions/index.html
ISC StormCast for Tuesday, June 6th 2017
Finding XOR Keys Used To Encode Malware https://isc.sans.edu/forums/diary/Malware+and+XOR+Part+1/22486/ Citywide IMSI Discovery https://seaglass.cs.washington.edu Hijacking Country Level Domains https://thehackerblog.com/the-journey-to-hijacking-a-countrys-tld-the-hidden-risks-of-domain-extensions/index.html
ISC StormCast for Monday, June 5th 2017
Phishing Campaigns for Bitcoin https://isc.sans.edu/forums/diary/Phishing+Campaigns+Follow+Trends/22482/ Mouseover May Trigger Powerpoint Macro https://www.dodgethissecurity.com/2017/06/02/new-powerpoint-mouseover-based-downloader-analysis-results/ Vault 7 "Pandemic" Tool https://wikileaks.org/vault7/document/Pandemic-1_1-S-NF/Pandemic-1_1-S-NF.pdf Mozilla Considering Move Away From OCSP https://bugzilla.mozilla.org/show_bug.cgi?id=1366100 Defending Web Application Security Minneapolis https://www.sans.org/event/minneapolis-2017 Intrusion Detection in Depth Columbia MD https://www.sans.org/event/columbia-2017/course/intrusion-detection-in-depth
ISC StormCast for Monday, June 5th 2017
Phishing Campaigns for Bitcoin https://isc.sans.edu/forums/diary/Phishing+Campaigns+Follow+Trends/22482/ Mouseover May Trigger Powerpoint Macro https://www.dodgethissecurity.com/2017/06/02/new-powerpoint-mouseover-based-downloader-analysis-results/ Vault 7 "Pandemic" Tool https://wikileaks.org/vault7/document/Pandemic-1_1-S-NF/Pandemic-1_1-S-NF.pdf Mozilla Considering Move Away From OCSP https://bugzilla.mozilla.org/show_bug.cgi?id=1366100 Defending Web Application Security Minneapolis https://www.sans.org/event/minneapolis-2017 Intrusion Detection in Depth Columbia MD https://www.sans.org/event/columbia-2017/course/intrusion-detection-in-depth
ISC StormCast for Friday, June 2nd 2017
Sharing Private Data With Webcast Invitations https://isc.sans.edu/forums/diary/Sharing+Private+Data+with+Webcast+Invitations/22478/ onelogin breach https://www.onelogin.com/blog/may-31-2017-security-incident Google AMP Phishing https://citizenlab.org/2017/05/tainted-leaks-disinformation-phish/ STI Student Paper: Kevin Kelly Tesla Crypt https://www.sans.org/reading-room/whitepapers/bestprac/indicators-compromise-teslacrypt-malware-37622
ISC StormCast for Friday, June 2nd 2017
Sharing Private Data With Webcast Invitations https://isc.sans.edu/forums/diary/Sharing+Private+Data+with+Webcast+Invitations/22478/ onelogin breach https://www.onelogin.com/blog/may-31-2017-security-incident Google AMP Phishing https://citizenlab.org/2017/05/tainted-leaks-disinformation-phish/ STI Student Paper: Kevin Kelly Tesla Crypt https://www.sans.org/reading-room/whitepapers/bestprac/indicators-compromise-teslacrypt-malware-37622
ISC StormCast for Thursday, June 1st 2017
Analysis of Competing Hypotheses, WCry and Lazarus https://isc.sans.edu/forums/diary/Analysis+of+Competing+Hypotheses+WCry+and+Lazarus+ACH+part+2/22470/ Windows XP Not Stable Enough for WannaCry https://blog.kryptoslogic.com/malware/2017/05/29/two-weeks-later.html Mexican Biker Gang Uses Jeep Database to Steal Car https://regmedia.co.uk/2017/05/31/indictment5_30.pdf Dangers of Public WAS Snapshots https://www.nvteh.com/news/problems-with-public-ebs-snapshots
ISC StormCast for Thursday, June 1st 2017
Analysis of Competing Hypotheses, WCry and Lazarus https://isc.sans.edu/forums/diary/Analysis+of+Competing+Hypotheses+WCry+and+Lazarus+ACH+part+2/22470/ Windows XP Not Stable Enough for WannaCry https://blog.kryptoslogic.com/malware/2017/05/29/two-weeks-later.html Mexican Biker Gang Uses Jeep Database to Steal Car https://regmedia.co.uk/2017/05/31/indictment5_30.pdf Dangers of Public WAS Snapshots https://www.nvteh.com/news/problems-with-public-ebs-snapshots
ISC StormCast for Wednesday, May 31st 2017
FreeRADIUS Vulnerability https://isc.sans.edu/forums/diary/FreeRadius+Authentication+Bypass/22466/ Microsoft Malware Protection Engine Update http://seclists.org/microsoft/2017/q2/8 Chrome UI Bug May Allow Unnoticed Recording https://medium.com/@barzik/the-new-html5-video-audio-api-has-privacy-issues-on-desktop-chrome-5832c99c7659 AWS Auditing Tools https://summitroute.com/blog/2017/05/30/free_tools_for_auditing_the_security_of_an_aws_account/ SANS Social Denver June 14th https://pages.sans.org/denversocial
ISC StormCast for Wednesday, May 31st 2017
FreeRADIUS Vulnerability https://isc.sans.edu/forums/diary/FreeRadius+Authentication+Bypass/22466/ Microsoft Malware Protection Engine Update http://seclists.org/microsoft/2017/q2/8 Chrome UI Bug May Allow Unnoticed Recording https://medium.com/@barzik/the-new-html5-video-audio-api-has-privacy-issues-on-desktop-chrome-5832c99c7659 AWS Auditing Tools https://summitroute.com/blog/2017/05/30/free_tools_for_auditing_the_security_of_an_aws_account/ SANS Social Denver June 14th https://pages.sans.org/denversocial