A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Tuesday, September 13th 2016
If it's Free, YOU are the Product https://isc.sans.edu/forums/diary/If+its+Free+YOU+are+the+Product/21469/ Weak MySQL Configurations Can Lead To Privilege Escalation http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html Full Disk Encryption Ransomware https://www.linkedin.com/pulse/mamba-new-full-disk-encryption-ransomware-family-member-marinho?trk=prof-post
ISC StormCast for Tuesday, September 13th 2016
If it's Free, YOU are the Product https://isc.sans.edu/forums/diary/If+its+Free+YOU+are+the+Product/21469/ Weak MySQL Configurations Can Lead To Privilege Escalation http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html Full Disk Encryption Ransomware https://www.linkedin.com/pulse/mamba-new-full-disk-encryption-ransomware-family-member-marinho?trk=prof-post
ISC StormCast for Monday, September 12th 2016
Upgrading Security to MacOS Sierra https://isc.sans.edu/forums/diary/Getting+Ready+for+macOS+Sierra+Upgrade+Securely/21465/ PCI PIN Transation Security / Point of Interaction Update https://www.pcisecuritystandards.org/documents/PCI_PTS_POI_SRs_v5.pdf IMAPS Scans https://isc.sans.edu/forums/diary/Ongoing+IMAP+Scan+Anyone+Else/21463/
ISC StormCast for Monday, September 12th 2016
Upgrading Security to MacOS Sierra https://isc.sans.edu/forums/diary/Getting+Ready+for+macOS+Sierra+Upgrade+Securely/21465/ PCI PIN Transation Security / Point of Interaction Update https://www.pcisecuritystandards.org/documents/PCI_PTS_POI_SRs_v5.pdf IMAPS Scans https://isc.sans.edu/forums/diary/Ongoing+IMAP+Scan+Anyone+Else/21463/
ISC StormCast for Friday, September 9th 2016
Spikes in SNMP Traffic: Looking for PCAPs https://isc.sans.edu/forums/diary/Curious+SNMP+Traffic+Spike/21457/ New Version of Wireshark Released https://www.wireshark.org/docs/relnotes/wireshark-2.2.0.html XEN Hypervisor Vulnerabilities https://xenbits.xen.org/xsa/ Google Moving Ahead With HTTP Phaseout https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html Old Windows Media Player DRM Feature Still Used To Install Malware http://blog.cyren.com/articles/windows-media-player-drm-feature-used-for-malware-delivery-again.html SEC503 Intrusion Detection in Depth Online Training https://www.sans.org/vlive/details/sec503-19sep2016-johannes-ullrich-phd
ISC StormCast for Friday, September 9th 2016
Spikes in SNMP Traffic: Looking for PCAPs https://isc.sans.edu/forums/diary/Curious+SNMP+Traffic+Spike/21457/ New Version of Wireshark Released https://www.wireshark.org/docs/relnotes/wireshark-2.2.0.html XEN Hypervisor Vulnerabilities https://xenbits.xen.org/xsa/ Google Moving Ahead With HTTP Phaseout https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html Old Windows Media Player DRM Feature Still Used To Install Malware http://blog.cyren.com/articles/windows-media-player-drm-feature-used-for-malware-delivery-again.html SEC503 Intrusion Detection in Depth Online Training https://www.sans.org/vlive/details/sec503-19sep2016-johannes-ullrich-phd
ISC StormCast for Thursday, September 8th 2016
DShield Blocklist Update https://isc.sans.edu/forums/diary/Updated+DShield+Blocklist/21453/ Fortinet FortiWAN Load Balancer Mulitple Unpatched Vulnerabilities http://www.kb.cert.org/vuls/id/724487 Rapid7 Published NSM Vulnerabilities http://www.theregister.co.uk/2016/09/07/natwork_magement_vulns/ OPM Breached by Two Different Attackers https://oversight.house.gov/wp-content/uploads/2016/09/The-OPM-Data-Breach-How-the-Government-Jeopardized-Our-National-Security-for-More-than-a-Generation.pdf
ISC StormCast for Thursday, September 8th 2016
DShield Blocklist Update https://isc.sans.edu/forums/diary/Updated+DShield+Blocklist/21453/ Fortinet FortiWAN Load Balancer Mulitple Unpatched Vulnerabilities http://www.kb.cert.org/vuls/id/724487 Rapid7 Published NSM Vulnerabilities http://www.theregister.co.uk/2016/09/07/natwork_magement_vulns/ OPM Breached by Two Different Attackers https://oversight.house.gov/wp-content/uploads/2016/09/The-OPM-Data-Breach-How-the-Government-Jeopardized-Our-National-Security-for-More-than-a-Generation.pdf
ISC StormCast for Wednesday, September 7th 2016
Google September Android Security Update https://source.android.com/security/bulletin/2016-09-01.html Hard Coded Password / Key Issue Gets Worse http://blog.sec-consult.com/2016/09/house-of-keys-9-months-later-40-worse.html Snagging Credentials From Locked Machines (Windows and OS X) https://room362.com/post/2016/snagging-creds-from-locked-machines/
ISC StormCast for Wednesday, September 7th 2016
Google September Android Security Update https://source.android.com/security/bulletin/2016-09-01.html Hard Coded Password / Key Issue Gets Worse http://blog.sec-consult.com/2016/09/house-of-keys-9-months-later-40-worse.html Snagging Credentials From Locked Machines (Windows and OS X) https://room362.com/post/2016/snagging-creds-from-locked-machines/
ISC StormCast for Tuesday, September 6th 2016
Apple Patches OS X and Safari for Trident/Pegasus Vulnerabilities https://support.apple.com/en-us/HT201222 Malware Delivered via ".pub" Files https://isc.sans.edu/forums/diary/Malware+Delivered+via+pub+Files/21443/ Sophos Anti Virus False Positive Causes Blue Screen of Death https://community.sophos.com/kb/en-us/125000 Adobe Reviving Flash for Linux https://blogs.adobe.com/flashplayer/2016/08/beta-news-flash-player-npapi-for-linux.html Google Patches Nexuse 5X Vulnerability https://securityintelligence.com/undocumented-patched-vulnerability-in-nexus-5x-allowed-for-memory-dumping-via-usb/
ISC StormCast for Tuesday, September 6th 2016
Apple Patches OS X and Safari for Trident/Pegasus Vulnerabilities https://support.apple.com/en-us/HT201222 Malware Delivered via ".pub" Files https://isc.sans.edu/forums/diary/Malware+Delivered+via+pub+Files/21443/ Sophos Anti Virus False Positive Causes Blue Screen of Death https://community.sophos.com/kb/en-us/125000 Adobe Reviving Flash for Linux https://blogs.adobe.com/flashplayer/2016/08/beta-news-flash-player-npapi-for-linux.html Google Patches Nexuse 5X Vulnerability https://securityintelligence.com/undocumented-patched-vulnerability-in-nexus-5x-allowed-for-memory-dumping-via-usb/
ISC StormCast for Friday, September 2nd 2016
Malware Using Maxmind For Geolocation https://isc.sans.edu/forums/diary/Maxmindcom+Abused+As+AntiAnalysis+Technique/21435/ Content Security Policy of Limited Use in Real World https://research.google.com/pubs/pub45542.html CryptWare Bitlocker Enhancement Vulnerability https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160831-0_CryptWare_CryptoPro_Manipulation_of_pre-boot_authentication_v10.txt Google Releases Chrome 53 http://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html
ISC StormCast for Friday, September 2nd 2016
Malware Using Maxmind For Geolocation https://isc.sans.edu/forums/diary/Maxmindcom+Abused+As+AntiAnalysis+Technique/21435/ Content Security Policy of Limited Use in Real World https://research.google.com/pubs/pub45542.html CryptWare Bitlocker Enhancement Vulnerability https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160831-0_CryptWare_CryptoPro_Manipulation_of_pre-boot_authentication_v10.txt Google Releases Chrome 53 http://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html
ISC StormCast for Thursday, September 1st 2016
Abobe ColdFusion Update https://helpx.adobe.com/security/products/coldfusion/apsb16-30.html OS X Bittorrent Client Transmission Backdoored http://www.welivesecurity.com/2016/08/30/osxkeydnap-spreads-via-signed-transmission-application/ Arrested Lurk Hacking Group Likely Developed Angler Exploit Kit https://securelist.com/analysis/publications/75944/the-hunt-for-lurk/ Vulnerable REDIS Instances Used by Fake Ransomware https://duo.com/blog/over-18-000-redis-instances-targeted-by-fake-ransomware