A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Monday, March 18th, 2024
5GHoul Revisted: Thress Months Later https://isc.sans.edu/diary/5Ghoul%20Revisited%3A%20Three%20Months%20Later/30746 Obfuscated Hexadecimal Payload https://isc.sans.edu/diary/Obfuscated%20Hexadecimal%20Payload/30750 ChatGPT Related OAUTH Issues https://salt.security/blog/security-flaws-within-chatgpt-extensions-allowed-access-to-accounts-on-third-party-websites-and-sensitive-data?utm_source=social&utm_medium=reddit RedCanary Threat Detection Report https://redcanary.com/threat-detection-report/ CRL/OCSP Changes https://github.com/cabforum/servercert/blob/main/docs/BR.md
ISC StormCast for Monday, March 18th, 2024
5GHoul Revisted: Thress Months Later https://isc.sans.edu/diary/5Ghoul%20Revisited%3A%20Three%20Months%20Later/30746 Obfuscated Hexadecimal Payload https://isc.sans.edu/diary/Obfuscated%20Hexadecimal%20Payload/30750 ChatGPT Related OAUTH Issues https://salt.security/blog/security-flaws-within-chatgpt-extensions-allowed-access-to-accounts-on-third-party-websites-and-sensitive-data?utm_source=social&utm_medium=reddit RedCanary Threat Detection Report https://redcanary.com/threat-detection-report/ CRL/OCSP Changes https://github.com/cabforum/servercert/blob/main/docs/BR.md
ISC StormCast for Friday, March 15th, 2024
Increase in the number of phishing messages pointing to IPFS and to R2 buckets https://isc.sans.edu/diary/Increase%20in%20the%20number%20of%20phishing%20messages%20pointing%20to%20IPFS%20and%20to%20R2%20buckets/30744 Fortinet New Vulnerabilities https://www.horizon3.ai/attack-research/attack-blogs/fortiwlm-the-almost-story-for-the-forti-forty/ Fortinet Updates https://www.helpnetsecurity.com/2024/03/14/cve-2023-48788-poc/ Arcserve UDP Vulnerability and PoC https://www.tenable.com/security/research/tra-2024-07 Michael Holcomb: Mode Matters: Monitoring PLCs for Detecting Potential ICS/OT Incidents https://www.sans.edu/cyber-research/mode-matters-monitoring-plcs-for-detecting-potential-ics-ot-incidents/
ISC StormCast for Friday, March 15th, 2024
Increase in the number of phishing messages pointing to IPFS and to R2 buckets https://isc.sans.edu/diary/Increase%20in%20the%20number%20of%20phishing%20messages%20pointing%20to%20IPFS%20and%20to%20R2%20buckets/30744 Fortinet New Vulnerabilities https://www.horizon3.ai/attack-research/attack-blogs/fortiwlm-the-almost-story-for-the-forti-forty/ Fortinet Updates https://www.helpnetsecurity.com/2024/03/14/cve-2023-48788-poc/ Arcserve UDP Vulnerability and PoC https://www.tenable.com/security/research/tra-2024-07 Michael Holcomb: Mode Matters: Monitoring PLCs for Detecting Potential ICS/OT Incidents https://www.sans.edu/cyber-research/mode-matters-monitoring-plcs-for-detecting-potential-ics-ot-incidents/
ISC StormCast for Thursday, March 14th, 2024
Using ChatGPT to Deofuscate Malicious Scripts https://isc.sans.edu/diary/Using%20ChatGPT%20to%20Deobfuscate%20Malicious%20Scripts/30740 Critical Fortinet Vulnerabilities https://fortiguard.fortinet.com/psirt Adobe Security Bulletins https://helpx.adobe.com/security/security-bulletin.html Kubernetes Local Volumes Command Injection Vulnerability https://www.akamai.com/blog/security-research/kubernetes-local-volumes-command-injection-vulnerability-rce-system-privileges
ISC StormCast for Thursday, March 14th, 2024
Using ChatGPT to Deofuscate Malicious Scripts https://isc.sans.edu/diary/Using%20ChatGPT%20to%20Deobfuscate%20Malicious%20Scripts/30740 Critical Fortinet Vulnerabilities https://fortiguard.fortinet.com/psirt Adobe Security Bulletins https://helpx.adobe.com/security/security-bulletin.html Kubernetes Local Volumes Command Injection Vulnerability https://www.akamai.com/blog/security-research/kubernetes-local-volumes-command-injection-vulnerability-rce-system-privileges
ISC StormCast for Wednesday, March 13th, 2024
Microsoft Patch Tuesday March 2024 https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20-%20March%202024/30736 Death Knell of NVD https://resilientcyber.substack.com/p/death-knell-of-the-nvd Unrestricted file upload vulnerability in ManageEngine Desktop Central https://www.incibe.es/en/incibe-cert/notices/aviso/unrestricted-file-upload-vulnerability-manageengine-desktop-central Siemens Fire Protection System Updates https://cert-portal.siemens.com/productcert/html/ssa-225840.html
ISC StormCast for Wednesday, March 13th, 2024
Microsoft Patch Tuesday March 2024 https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20-%20March%202024/30736 Death Knell of NVD https://resilientcyber.substack.com/p/death-knell-of-the-nvd Unrestricted file upload vulnerability in ManageEngine Desktop Central https://www.incibe.es/en/incibe-cert/notices/aviso/unrestricted-file-upload-vulnerability-manageengine-desktop-central Siemens Fire Protection System Updates https://cert-portal.siemens.com/productcert/html/ssa-225840.html
ISC StormCast for Tuesday, March 12th, 2024
What happens when you accidentially leak your AWS API Keys https://isc.sans.edu/diary/What%20happens%20when%20you%20accidentally%20leak%20your%20AWS%20API%20keys%3F%20%5BGuest%20Diary%5D/30730 How Crypto Imposters are using Calendly to infect Macs with Malware https://cyberguy.com/news/how-crypto-imposters-are-using-calendly-to-infect-macs-with-malware/ https://krebsonsecurity.com/2024/02/calendar-meeting-links-used-to-spread-mac-malware/ Misconfiguration Manager: Overlooked and Overprivileged https://posts.specterops.io/misconfiguration-manager-overlooked-and-overprivileged-70983b8f350d
ISC StormCast for Tuesday, March 12th, 2024
What happens when you accidentially leak your AWS API Keys https://isc.sans.edu/diary/What%20happens%20when%20you%20accidentally%20leak%20your%20AWS%20API%20keys%3F%20%5BGuest%20Diary%5D/30730 How Crypto Imposters are using Calendly to infect Macs with Malware https://cyberguy.com/news/how-crypto-imposters-are-using-calendly-to-infect-macs-with-malware/ https://krebsonsecurity.com/2024/02/calendar-meeting-links-used-to-spread-mac-malware/ Misconfiguration Manager: Overlooked and Overprivileged https://posts.specterops.io/misconfiguration-manager-overlooked-and-overprivileged-70983b8f350d
ISC StormCast for Monday, March 11th, 2024
Attack Wrangles Thousands of Web Users into a Password Cracking Botnet https://arstechnica.com/security/2024/03/attack-wrangles-thousands-of-web-users-into-a-password-cracking-botnet Cisco VPN Client Vuln https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-client-crlf-W43V4G7 Fortinet Vulnerability Exploited https://bishopfox.com/blog/cve-2024-21762-vulnerability-scanner-for-fortigate-firewalls pgAdmin Path Traversal https://www.shielder.com/advisories/pgadmin-path-traversal_leads_to_unsafe_deserialization_and_rce/ Font Vulnerabilities https://www.canva.dev/blog/engineering/fonts-are-still-a-helvetica-of-a-problem/ QNAP Flaws https://securityonline.info/cve-2024-21899-cvss-9-8-critical-qnap-flaw-opens-door-to-hackers/
ISC StormCast for Monday, March 11th, 2024
Attack Wrangles Thousands of Web Users into a Password Cracking Botnet https://arstechnica.com/security/2024/03/attack-wrangles-thousands-of-web-users-into-a-password-cracking-botnet Cisco VPN Client Vuln https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-client-crlf-W43V4G7 Fortinet Vulnerability Exploited https://bishopfox.com/blog/cve-2024-21762-vulnerability-scanner-for-fortigate-firewalls pgAdmin Path Traversal https://www.shielder.com/advisories/pgadmin-path-traversal_leads_to_unsafe_deserialization_and_rce/ Font Vulnerabilities https://www.canva.dev/blog/engineering/fonts-are-still-a-helvetica-of-a-problem/ QNAP Flaws https://securityonline.info/cve-2024-21899-cvss-9-8-critical-qnap-flaw-opens-door-to-hackers/
ISC StormCast for Friday, March 8th, 2024
AWS Deploymnet Risks - Configuration and Credential File Targeting https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20AWS%20Deployment%20Risks%20-%20Configuration%20and%20Credential%20File%20Targeting/30722 Apple Updates https://isc.sans.edu/diary/MacOS%20Patches%20%28and%20Safari%2C%20TVOS%2C%20VisionOS%2C%20WatchOS%29/30726 NSA/CISA Secure Cloud Guides https://media.defense.gov/2024/Mar/07/2003407866/-1/-1/0/CSI-CloudTop10-Identity-Access-Management.PDF https://media.defense.gov/2024/Mar/07/2003407858/-1/-1/0/CSI-CloudTop10-Key-Management.PDF https://media.defense.gov/2024/Mar/07/2003407859/-1/-1/0/CSI-CloudTop10-Managed-Service-Providers.PDF https://media.defense.gov/2024/Mar/07/2003407862/-1/-1/0/CSI-CloudTop10-Secure-Data.PDF https://media.defense.gov/2024/Mar/07/2003407861/-1/-1/0/CSI-CloudTop10-Network-Segmentation.PDF
ISC StormCast for Friday, March 8th, 2024
AWS Deploymnet Risks - Configuration and Credential File Targeting https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20AWS%20Deployment%20Risks%20-%20Configuration%20and%20Credential%20File%20Targeting/30722 Apple Updates https://isc.sans.edu/diary/MacOS%20Patches%20%28and%20Safari%2C%20TVOS%2C%20VisionOS%2C%20WatchOS%29/30726 NSA/CISA Secure Cloud Guides https://media.defense.gov/2024/Mar/07/2003407866/-1/-1/0/CSI-CloudTop10-Identity-Access-Management.PDF https://media.defense.gov/2024/Mar/07/2003407858/-1/-1/0/CSI-CloudTop10-Key-Management.PDF https://media.defense.gov/2024/Mar/07/2003407859/-1/-1/0/CSI-CloudTop10-Managed-Service-Providers.PDF https://media.defense.gov/2024/Mar/07/2003407862/-1/-1/0/CSI-CloudTop10-Secure-Data.PDF https://media.defense.gov/2024/Mar/07/2003407861/-1/-1/0/CSI-CloudTop10-Network-Segmentation.PDF
ISC StormCast for Thursday, March 7th, 2024
Scanning and Abusing the QUIC Protocol https://isc.sans.edu/diary/Scanning%20and%20abusing%20the%20QUIC%20protocol/30720 Google Chrome Update https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html Spinning YARN https://www.cadosecurity.com/spinning-yarn-a-new-linux-malware-campaign-targets-docker-apache-hadoop-redis-and-confluence/ Teamcity Exploited https://twitter.com/leak_ix/status/1765460190621581347