A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Friday, July 29th 2016
Verifying SSL/TLS Certificates Manually https://isc.sans.edu/forums/diary/Verifying+SSLTLS+certificates+manually/21311/ LastPass Security Updates https://blog.lastpass.com/2016/07/lastpass-security-updates.html/ Android Linux Kernel Defenses https://security.googleblog.com/2016/07/protecting-android-with-more-linux.html Update to ISC Suspicious Domain List https://isc.sans.edu/suspicious_domains.html
ISC StormCast for Friday, July 29th 2016
Verifying SSL/TLS Certificates Manually https://isc.sans.edu/forums/diary/Verifying+SSLTLS+certificates+manually/21311/ LastPass Security Updates https://blog.lastpass.com/2016/07/lastpass-security-updates.html/ Android Linux Kernel Defenses https://security.googleblog.com/2016/07/protecting-android-with-more-linux.html Update to ISC Suspicious Domain List https://isc.sans.edu/suspicious_domains.html
ISC StormCast for Thursday, July 28th 2016
Linux Bot Analysis https://isc.sans.edu/forums/diary/Analyze+of+a+Linux+botnet+client+source+code/21305/ Critical XEN PV Guests Vulnerability https://isc.sans.edu/forums/diary/Critical+Xen+PV+guests+vulnerabilities/21307/ LastPass Vulnerability https://labs.detectify.com/2016/07/27/how-i-made-lastpass-give-me-all-your-passwords/ Chimera Ransomware Keys Leaked https://blog.malwarebytes.com/cybercrime/2016/07/keys-to-chimera-ransomware-leaked/ Fiat/Chrysler Software Recall http://www.thecarconnection.com/news/1105198_2015-chrysler-200-jeep-renegade-2014-2015-jeep-cherokee-recalled-410000-vehicles-affected?preview=true Defending Web Applications Security Essentials (DEV522) in Vegas! https://www.sans.org/event/network-security-2016/course/defending-web-applications-security-essentials
ISC StormCast for Thursday, July 28th 2016
Linux Bot Analysis https://isc.sans.edu/forums/diary/Analyze+of+a+Linux+botnet+client+source+code/21305/ Critical XEN PV Guests Vulnerability https://isc.sans.edu/forums/diary/Critical+Xen+PV+guests+vulnerabilities/21307/ LastPass Vulnerability https://labs.detectify.com/2016/07/27/how-i-made-lastpass-give-me-all-your-passwords/ Chimera Ransomware Keys Leaked https://blog.malwarebytes.com/cybercrime/2016/07/keys-to-chimera-ransomware-leaked/ Fiat/Chrysler Software Recall http://www.thecarconnection.com/news/1105198_2015-chrysler-200-jeep-renegade-2014-2015-jeep-cherokee-recalled-410000-vehicles-affected?preview=true Defending Web Applications Security Essentials (DEV522) in Vegas! https://www.sans.org/event/network-security-2016/course/defending-web-applications-security-essentials
ISC StormCast for Wednesday, July 27th 2016
DNS Cmd and Ctrl via AAAA Records https://isc.sans.edu/forums/diary/Command+and+Control+Channels+Using+AAAA+DNS+Records/21301/ Microsoft Authenticator https://blogs.technet.microsoft.com/enterprisemobility/2016/07/25/microsoft-authenticator-coming-august-15th/ WPAD May Leak HTTPS URLs http://arstechnica.com/security/2016/07/new-attack-that-cripples-https-crypto-works-on-macs-windows-and-linux/ HOnions: Tor Servers To Discover Snooping Tor Nodes https://regmedia.co.uk/2016/07/25/10_honions-sanatinia.pdf
ISC StormCast for Wednesday, July 27th 2016
DNS Cmd and Ctrl via AAAA Records https://isc.sans.edu/forums/diary/Command+and+Control+Channels+Using+AAAA+DNS+Records/21301/ Microsoft Authenticator https://blogs.technet.microsoft.com/enterprisemobility/2016/07/25/microsoft-authenticator-coming-august-15th/ WPAD May Leak HTTPS URLs http://arstechnica.com/security/2016/07/new-attack-that-cripples-https-crypto-works-on-macs-windows-and-linux/ HOnions: Tor Servers To Discover Snooping Tor Nodes https://regmedia.co.uk/2016/07/25/10_honions-sanatinia.pdf
ISC StormCast for Tuesday, July 26th 2016
Python Malware - Part 4 https://isc.sans.edu/forums/diary/Python+Malware+Part+4/21297/ Powerware Decrypter https://github.com/pan-unit42/public_tools/blob/master/powerware/powerware_decrypt.py No More Ransomware https://www.nomoreransom.org Pangu iOS 9.3.3 Jailbrake http://en.pangu.io Safe Skies TSA Keys Duplicated http://www.3ders.org/articles/20160725-hackers-create-3d-printed-tsa-safe-skies-master-key-for-luggage-release-blueprints.html
ISC StormCast for Tuesday, July 26th 2016
Python Malware - Part 4 https://isc.sans.edu/forums/diary/Python+Malware+Part+4/21297/ Powerware Decrypter https://github.com/pan-unit42/public_tools/blob/master/powerware/powerware_decrypt.py No More Ransomware https://www.nomoreransom.org Pangu iOS 9.3.3 Jailbrake http://en.pangu.io Safe Skies TSA Keys Duplicated http://www.3ders.org/articles/20160725-hackers-create-3d-printed-tsa-safe-skies-master-key-for-luggage-release-blueprints.html
ISC StormCast for Monday, July 25th 2016
NIST Digital Authentication Guide Preview https://github.com/usnistgov/800-63-3 Powerware Ransomware Spoofing Locky http://researchcenter.paloaltonetworks.com/2016/07/unit42-powerware-ransomware-spoofing-locky-malware-family/ SAP HANA Security Advisory http://www.onapsis.com/research/security-advisories Pokemon Go Forensics https://www.gillware.com/forensics/blog/mobile-forensics/oh-no-pokemon-go-forensic-artifacts
ISC StormCast for Monday, July 25th 2016
NIST Digital Authentication Guide Preview https://github.com/usnistgov/800-63-3 Powerware Ransomware Spoofing Locky http://researchcenter.paloaltonetworks.com/2016/07/unit42-powerware-ransomware-spoofing-locky-malware-family/ SAP HANA Security Advisory http://www.onapsis.com/research/security-advisories Pokemon Go Forensics https://www.gillware.com/forensics/blog/mobile-forensics/oh-no-pokemon-go-forensic-artifacts
ISC StormCast for Friday, July 22nd 2016
A Practice ntds.dit File For Hash Extraction and Password Cracking https://isc.sans.edu/forums/diary/Practice+ntdsdit+File/21287/ Mozilla Further Reducing Flash Content https://blog.mozilla.org/futurereleases/2016/07/20/reducing-adobe-flash-usage-in-firefox/ Little Snitch Update https://www.obdev.at/products/littlesnitch/releasenotes.html PHP 7.0.9 / 5.6.24 Released (fixes httpoxy vulnerability) http://php.net/ChangeLog-7.php#7.0.9 http://www.php.net/ChangeLog-5.php#5.6.24 Google Chrome Update http://googlechromereleases.blogspot.com/search/label/Stable%20updates
ISC StormCast for Friday, July 22nd 2016
A Practice ntds.dit File For Hash Extraction and Password Cracking https://isc.sans.edu/forums/diary/Practice+ntdsdit+File/21287/ Mozilla Further Reducing Flash Content https://blog.mozilla.org/futurereleases/2016/07/20/reducing-adobe-flash-usage-in-firefox/ Little Snitch Update https://www.obdev.at/products/littlesnitch/releasenotes.html PHP 7.0.9 / 5.6.24 Released (fixes httpoxy vulnerability) http://php.net/ChangeLog-7.php#7.0.9 http://www.php.net/ChangeLog-5.php#5.6.24 Google Chrome Update http://googlechromereleases.blogspot.com/search/label/Stable%20updates
ISC StormCast for Thursday, July 21st 2016
Oracle Critical Patch Update http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html DNS Root Key Rotation http://schd.ws/hosted_files/icann562016/60/Matt%20Larson%20ICANN56%20KSK%20roll%20briefing.pdf Anti-Malware Codehooking Vulnerabilities http://breakingmalware.com/vulnerabilities/captain-hook-pirating-avs-bypass-exploit-mitigations/ More Details Regaring Apple's Image I/O Vulnerablity http://www.talosintelligence.com/reports/TALOS-2016-0171/ Hidden Backdoor in Dell Security Software https://www.digitaldefense.com/ddi-six-discoveries/
ISC StormCast for Thursday, July 21st 2016
Oracle Critical Patch Update http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html DNS Root Key Rotation http://schd.ws/hosted_files/icann562016/60/Matt%20Larson%20ICANN56%20KSK%20roll%20briefing.pdf Anti-Malware Codehooking Vulnerabilities http://breakingmalware.com/vulnerabilities/captain-hook-pirating-avs-bypass-exploit-mitigations/ More Details Regaring Apple's Image I/O Vulnerablity http://www.talosintelligence.com/reports/TALOS-2016-0171/ Hidden Backdoor in Dell Security Software https://www.digitaldefense.com/ddi-six-discoveries/
ISC StormCast for Wednesday, July 20th 2016
Objective Systems ASN1C Compiler Creates Vulnerable Code https://github.com/programa-stic/security-advisories/tree/master/ObjSys/CVE-2016-5080 Office Maldoc Analysis https://isc.sans.edu/forums/diary/Office+Maldoc+Lets+Focus+on+the+VBA+Macros+Later/21275/ Defeating GMail's Malicious Macro Signatures https://warroom.securestate.com/bypassing-gmails-malicious-macro-signatures/