SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
#news #technews #technology #news #dailynews

A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .

Similar Podcasts

Elixir Outlaws

Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.

The Cynical Developer

The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career, through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.

ThunderCast

ThunderCast
An inside look at the making of Mozilla Thunderbird, and community-driven conversations with our friends in the open-source software space.

ISC StormCast for Tuesday, December 12th, 2023

December 11, 2023 5:35 5.0 MB Downloads: 0

What is Sitemap.xml and Why a Pentester Should Care https://isc.sans.edu/diary/What%20is%20sitemap.xml%2C%20and%20Why%20a%20Pentester%20Should%20Care/30472 Apple Patches Everything https://isc.sans.edu/forums/diary/Apple%20Patches%20Everything/30474/ Android Password Manager Auto Spill https://i.blackhat.com/EU-23/Presentations/EU-23-Gangwal-AutoSpill-Zero-Effort-Credential-Stealing.pdf

ISC StormCast for Monday, December 11th, 2023

December 10, 2023 6:15 5.55 MB Downloads: 0

IPv4 Mapped IPv6 Addresses https://isc.sans.edu/diary/IPv4-mapped%20IPv6%20Address%20Used%20For%20Obfuscation/30466 Honeypots From the Skeptical Beginner to the Tactical Enthusiast https://isc.sans.edu/diary/Honeypots%3A%20From%20the%20Skeptical%20Beginner%20to%20the%20Tactical%20Enthusiast/30468 Bluetooth Weakness CVE-2023-45866 https://github.com/skysafe/reblog/tree/main/cve-2023-45866 Syrus 4 IoT Gateway Vulnerability CVE-2023-6248 https://socradar.io/syrus4-iot-gateway-vulnerability-could-allow-code-execution-on-thousands-of-vehicles-simultaneously-cve-2023-6248/ Microsoft Edge Vulnerability CVE-2023-35618 https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#december-7-2023

ISC StormCast for Monday, December 11th, 2023

December 10, 2023 6:15 5.55 MB Downloads: 0

IPv4 Mapped IPv6 Addresses https://isc.sans.edu/diary/IPv4-mapped%20IPv6%20Address%20Used%20For%20Obfuscation/30466 Honeypots From the Skeptical Beginner to the Tactical Enthusiast https://isc.sans.edu/diary/Honeypots%3A%20From%20the%20Skeptical%20Beginner%20to%20the%20Tactical%20Enthusiast/30468 Bluetooth Weakness CVE-2023-45866 https://github.com/skysafe/reblog/tree/main/cve-2023-45866 Syrus 4 IoT Gateway Vulnerability CVE-2023-6248 https://socradar.io/syrus4-iot-gateway-vulnerability-could-allow-code-execution-on-thousands-of-vehicles-simultaneously-cve-2023-6248/ Microsoft Edge Vulnerability CVE-2023-35618 https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#december-7-2023

ISC StormCast for Friday, December 8th, 2023

December 07, 2023 6:14 5.54 MB Downloads: 0

5G Vulnerabilities https://isc.sans.edu/diary/5Ghoul%3A%20Impacts%2C%20Implications%20and%20Next%20Steps/30462 Revealing the hidden Risks of QR Codes https://isc.sans.edu/diary/Revealing%20the%20Hidden%20Risks%20of%20QR%20Codes%20%5BGuest%20Diary%5D/30458 Window 10 End of Support https://techcommunity.microsoft.com/t5/windows-it-pro-blog/plan-for-windows-10-eos-with-windows-11-windows-365-and-esu/ba-p/4000414 Apache Struts 2 Vulnerability CVE-2023-50164 https://cwiki.apache.org/confluence/display/WW/S2-066

ISC StormCast for Friday, December 8th, 2023

December 07, 2023 6:14 5.54 MB Downloads: 0

5G Vulnerabilities https://isc.sans.edu/diary/5Ghoul%3A%20Impacts%2C%20Implications%20and%20Next%20Steps/30462 Revealing the hidden Risks of QR Codes https://isc.sans.edu/diary/Revealing%20the%20Hidden%20Risks%20of%20QR%20Codes%20%5BGuest%20Diary%5D/30458 Window 10 End of Support https://techcommunity.microsoft.com/t5/windows-it-pro-blog/plan-for-windows-10-eos-with-windows-11-windows-365-and-esu/ba-p/4000414 Apache Struts 2 Vulnerability CVE-2023-50164 https://cwiki.apache.org/confluence/display/WW/S2-066

ISC StormCast for Thursday, December 7th, 2023

December 06, 2023 5:50 5.2 MB Downloads: 0

Whose packet is is anyway: a new RFC for attribution of internet probes https://isc.sans.edu/forums/diary/Whose%20packet%20is%20it%20anyway%3A%20a%20new%20RFC%20for%20attribution%20of%20internet%20probes/30456/ MLFlow Vulnerability https://www.contrastsecurity.com/security-influencers/discovering-mlflow-framework-zero-day-vulnerability-machine-language-model-security-contrast-security https://mlflow.org/category/news/index.html Abusing STS Tokens https://redcanary.com/blog/aws-sts/ Atlasian Vulnerabilities https://confluence.atlassian.com/security/security-advisories-bulletins-1236937381.html Holiday Hack Challenge https://www.sans.org/mlp/holiday-hack-challenge-2023/

ISC StormCast for Thursday, December 7th, 2023

December 06, 2023 5:50 5.2 MB Downloads: 0

Whose packet is is anyway: a new RFC for attribution of internet probes https://isc.sans.edu/forums/diary/Whose%20packet%20is%20it%20anyway%3A%20a%20new%20RFC%20for%20attribution%20of%20internet%20probes/30456/ MLFlow Vulnerability https://www.contrastsecurity.com/security-influencers/discovering-mlflow-framework-zero-day-vulnerability-machine-language-model-security-contrast-security https://mlflow.org/category/news/index.html Abusing STS Tokens https://redcanary.com/blog/aws-sts/ Atlasian Vulnerabilities https://confluence.atlassian.com/security/security-advisories-bulletins-1236937381.html Holiday Hack Challenge https://www.sans.org/mlp/holiday-hack-challenge-2023/

ISC StormCast for Wednesday, December 6th, 2023

December 05, 2023 5:34 4.98 MB Downloads: 0

Cobalt Strike's "Runtime Configuration" https://isc.sans.edu/diary/Cobalt%20Strike%27s%20%22Runtime%20Configuration%22/30426 Adobe ColdFusion Exploit Abused https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-339a Atos Unify OpenScape Vulnerability https://sec-consult.com/vulnerability-lab/advisory/argument-injection-vulnerability-in-multiple-atos-unify-openscape-products/ ExtremeXOS Vulnerabilities https://rhinosecuritylabs.com/research/extreme-networks-extremexos-vulnerabilities/

ISC StormCast for Wednesday, December 6th, 2023

December 05, 2023 5:34 4.98 MB Downloads: 0

Cobalt Strike's "Runtime Configuration" https://isc.sans.edu/diary/Cobalt%20Strike%27s%20%22Runtime%20Configuration%22/30426 Adobe ColdFusion Exploit Abused https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-339a Atos Unify OpenScape Vulnerability https://sec-consult.com/vulnerability-lab/advisory/argument-injection-vulnerability-in-multiple-atos-unify-openscape-products/ ExtremeXOS Vulnerabilities https://rhinosecuritylabs.com/research/extreme-networks-extremexos-vulnerabilities/

ISC StormCast for Tuesday, December 5th, 2023

December 04, 2023 6:00 5.34 MB Downloads: 0

Zarya Hacktivists: More than just Sharepoint https://isc.sans.edu/diary/Zarya%20Hacktivists%3A%20More%20than%20just%20Sharepoint./30450 ICANN Registration Data Request Service (RDRS) https://rdrs.icann.org/ Android Updates https://source.android.com/docs/security/bulletin/2023-12-01 GitLab Patches https://about.gitlab.com/releases/2023/11/30/security-release-gitlab-16-6-1-released/

ISC StormCast for Tuesday, December 5th, 2023

December 04, 2023 6:00 5.34 MB Downloads: 0

Zarya Hacktivists: More than just Sharepoint https://isc.sans.edu/diary/Zarya%20Hacktivists%3A%20More%20than%20just%20Sharepoint./30450 ICANN Registration Data Request Service (RDRS) https://rdrs.icann.org/ Android Updates https://source.android.com/docs/security/bulletin/2023-12-01 GitLab Patches https://about.gitlab.com/releases/2023/11/30/security-release-gitlab-16-6-1-released/

ISC StormCast for Monday, December 4th, 2023

December 03, 2023 6:01 5.36 MB Downloads: 0

UEFI Exploit via Boot Image https://binarly.io/posts/The_Far_Reaching_Consequences_of_LogoFAIL/index.html Fake Phishing Scan Tricks Users into Installing Backdoor Plugin https://www.wordfence.com/blog/2023/12/psa-fake-cve-2023-45124-phishing-scam-tricks-users-into-installing-backdoor-plugin/ Qlik Sense Exploited by Cactus Ransomware https://arcticwolf.com/resources/blog/qlik-sense-exploited-in-cactus-ransomware-campaign/ https://www.praetorian.com/blog/qlik-sense-technical-exploit/ VMWare Vulnerability Patched https://www.vmware.com/security/advisories/VMSA-2023-0026.html

ISC StormCast for Monday, December 4th, 2023

December 03, 2023 6:01 5.36 MB Downloads: 0

UEFI Exploit via Boot Image https://binarly.io/posts/The_Far_Reaching_Consequences_of_LogoFAIL/index.html Fake Phishing Scan Tricks Users into Installing Backdoor Plugin https://www.wordfence.com/blog/2023/12/psa-fake-cve-2023-45124-phishing-scam-tricks-users-into-installing-backdoor-plugin/ Qlik Sense Exploited by Cactus Ransomware https://arcticwolf.com/resources/blog/qlik-sense-exploited-in-cactus-ransomware-campaign/ https://www.praetorian.com/blog/qlik-sense-technical-exploit/ VMWare Vulnerability Patched https://www.vmware.com/security/advisories/VMSA-2023-0026.html

ISC StormCast for Friday, December 1st, 2023

November 30, 2023 5:35 5.0 MB Downloads: 0

Apple Updates https://isc.sans.edu/diary/Apple+Patches+Exploited+WebKit+Vulnerabilitiues+in+iOSiPadOSmacOS/30444 Prophetic Post by Intern on CVE-2023-1389 Foreshadows Mirai Botnet Expansion Today https://isc.sans.edu/forums/diary/Prophetic+Post+by+Intern+on+CVE20231389+Foreshadows+Mirai+Botnet+Expansion+Today/30442/ Zyxel Vulnerabilities https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products Solarwinds Update https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-4_release_notes.htm#link3 DNS Looking Glass https://isc.sans.edu/tools/dnslookup/

ISC StormCast for Friday, December 1st, 2023

November 30, 2023 5:35 5.0 MB Downloads: 0

Apple Updates https://isc.sans.edu/diary/Apple+Patches+Exploited+WebKit+Vulnerabilitiues+in+iOSiPadOSmacOS/30444 Prophetic Post by Intern on CVE-2023-1389 Foreshadows Mirai Botnet Expansion Today https://isc.sans.edu/forums/diary/Prophetic+Post+by+Intern+on+CVE20231389+Foreshadows+Mirai+Botnet+Expansion+Today/30442/ Zyxel Vulnerabilities https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products Solarwinds Update https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-4_release_notes.htm#link3 DNS Looking Glass https://isc.sans.edu/tools/dnslookup/