A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
ThunderCast
An inside look at the making of Mozilla Thunderbird, and community-driven conversations with our friends in the open-source software space.
ISC StormCast for Wednesday, August 9th, 2023
Microsoft Patch Tuesday https://isc.sans.edu/diary/Microsoft%20August%202023%20Patch%20Tuesday/30106 Adobe Updates https://helpx.adobe.com/security/security-bulletin.html
ISC StormCast for Wednesday, August 9th, 2023
Microsoft Patch Tuesday https://isc.sans.edu/diary/Microsoft%20August%202023%20Patch%20Tuesday/30106 Adobe Updates https://helpx.adobe.com/security/security-bulletin.html
ISC StormCast for Tuesday, August 8th, 2023
Update: Researchers Scanning the Internet https://isc.sans.edu/diary/Update%3A%20Researchers%20scanning%20the%20Internet/30102 Malicious OpenBullet Configuration Files https://www.kasada.io/threat-intel-openbullet-malware/ Abusing Cloudflare Tunnels https://www.guidepointsecurity.com/blog/tunnel-vision-cloudflared-abused-in-the-wild/
ISC StormCast for Tuesday, August 8th, 2023
Update: Researchers Scanning the Internet https://isc.sans.edu/diary/Update%3A%20Researchers%20scanning%20the%20Internet/30102 Malicious OpenBullet Configuration Files https://www.kasada.io/threat-intel-openbullet-malware/ Abusing Cloudflare Tunnels https://www.guidepointsecurity.com/blog/tunnel-vision-cloudflared-abused-in-the-wild/
ISC StormCast for Monday, August 7th, 2023
Are Leaked Credential Dumps Used by Attackers? https://isc.sans.edu/diary/Are%20Leaked%20Credentials%20Dumps%20Used%20by%20Attackers%3F/30098 New PaperCut RCE Vulnerability https://www.horizon3.ai/cve-2023-39143-papercut-path-traversal-file-upload-rce-vulnerability/ Microsoft mitigates Power Platform Custom Code information disclosure vulnerability https://msrc.microsoft.com/blog/2023/08/microsoft-mitigates-power-platform-custom-code-information-disclosure-vulnerability/ Microsoft Publishes Token theft Playbook https://learn.microsoft.com/en-us/security/operations/token-theft-playbook
ISC StormCast for Monday, August 7th, 2023
Are Leaked Credential Dumps Used by Attackers? https://isc.sans.edu/diary/Are%20Leaked%20Credentials%20Dumps%20Used%20by%20Attackers%3F/30098 New PaperCut RCE Vulnerability https://www.horizon3.ai/cve-2023-39143-papercut-path-traversal-file-upload-rce-vulnerability/ Microsoft mitigates Power Platform Custom Code information disclosure vulnerability https://msrc.microsoft.com/blog/2023/08/microsoft-mitigates-power-platform-custom-code-information-disclosure-vulnerability/ Microsoft Publishes Token theft Playbook https://learn.microsoft.com/en-us/security/operations/token-theft-playbook
ISC StormCast for Friday, August 4th, 2023
From small LNK to large malicious BAT file with zero VT score https://isc.sans.edu/diary/From%20small%20LNK%20to%20large%20malicious%20BAT%20file%20with%20zero%20VT%20score/30094 Social Engineering via Microsoft Teams https://www.microsoft.com/en-us/security/blog/2023/08/02/midnight-blizzard-conducts-targeted-social-engineering-over-microsoft-teams/ Automating the Search for LOLBAS https://pentera.io/resources/whitepapers/the-lolbas-odyssey-finding-new-lolbas-and-how-you-can-too/ Sneaky Versioning Used to Bypass Scanners https://thehackernews.com/2023/08/malicious-apps-use-sneaky-versioning.html Aruba Patches https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-010.txt Mitel Patches https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0008
ISC StormCast for Friday, August 4th, 2023
From small LNK to large malicious BAT file with zero VT score https://isc.sans.edu/diary/From%20small%20LNK%20to%20large%20malicious%20BAT%20file%20with%20zero%20VT%20score/30094 Social Engineering via Microsoft Teams https://www.microsoft.com/en-us/security/blog/2023/08/02/midnight-blizzard-conducts-targeted-social-engineering-over-microsoft-teams/ Automating the Search for LOLBAS https://pentera.io/resources/whitepapers/the-lolbas-odyssey-finding-new-lolbas-and-how-you-can-too/ Sneaky Versioning Used to Bypass Scanners https://thehackernews.com/2023/08/malicious-apps-use-sneaky-versioning.html Aruba Patches https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-010.txt Mitel Patches https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0008
ISC StormCast for Thursday, August 3rd, 2023
Zeek and Defender Endpoint https://isc.sans.edu/diary/Zeek%20and%20Defender%20Endpoint/30088 New Ivanti MobileIron Core Vulnerability https://forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older?language=en_US Salesforce Phishing https://labs.guard.io/phishforce-vulnerability-uncovered-in-salesforces-email-services-exploited-for-phishing-32024ad4b5fa Abusing the Amazon Web Services SSM Agent as a Remote Access Trojan https://www.mitiga.io/blog/abusing-the-amazon-web-services-ssm-agent-as-a-remote-access-trojan
ISC StormCast for Thursday, August 3rd, 2023
Zeek and Defender Endpoint https://isc.sans.edu/diary/Zeek%20and%20Defender%20Endpoint/30088 New Ivanti MobileIron Core Vulnerability https://forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older?language=en_US Salesforce Phishing https://labs.guard.io/phishforce-vulnerability-uncovered-in-salesforces-email-services-exploited-for-phishing-32024ad4b5fa Abusing the Amazon Web Services SSM Agent as a Remote Access Trojan https://www.mitiga.io/blog/abusing-the-amazon-web-services-ssm-agent-as-a-remote-access-trojan
ISC StormCast for Wednesday, August 2nd, 2023
DNS Over HTTPS Summary https://isc.sans.edu/diary/Summary%20of%20DNS%20over%20HTTPS%20requests%20against%20our%20honeypots./30084 Malware Infects Airgapped Networks https://usa.kaspersky.com/about/press-releases/2023_kaspersky-uncovers-malware-for-targeted-data-exfiltration-from-air-gapped-environments Google Deleting Inactive Accounts https://support.google.com/accounts/answer/12418290?visit_id=638264210155158507-1346504535&p=inactive_account_policy_blog&rd=1 Google AMP Service Used for Phishing https://cofense.com/blog/google-amp-the-newest-of-evasive-phishing-tactic/
ISC StormCast for Wednesday, August 2nd, 2023
DNS Over HTTPS Summary https://isc.sans.edu/diary/Summary%20of%20DNS%20over%20HTTPS%20requests%20against%20our%20honeypots./30084 Malware Infects Airgapped Networks https://usa.kaspersky.com/about/press-releases/2023_kaspersky-uncovers-malware-for-targeted-data-exfiltration-from-air-gapped-environments Google Deleting Inactive Accounts https://support.google.com/accounts/answer/12418290?visit_id=638264210155158507-1346504535&p=inactive_account_policy_blog&rd=1 Google AMP Service Used for Phishing https://cofense.com/blog/google-amp-the-newest-of-evasive-phishing-tactic/
ISC StormCast for Tuesday, August 1st, 2023
Ivanti End Point Manager 2nd Zero Day https://forums.ivanti.com/s/article/CVE-2023-35081-Arbitrary-File-Write?language=en_US New Redis Malware Uses Unknown Initial Access Vector https://www.cadosecurity.com/redis-p2pinfect/ https://unit42.paloaltonetworks.com/peer-to-peer-worm-p2pinfect/ Google Android 0-Day Summary https://security.googleblog.com/2023/07/the-ups-and-downs-of-0-days-year-in.html Wiping Sensitive Data from Printers https://psirt.canon/advisory-information/cp2023-003/
ISC StormCast for Tuesday, August 1st, 2023
Ivanti End Point Manager 2nd Zero Day https://forums.ivanti.com/s/article/CVE-2023-35081-Arbitrary-File-Write?language=en_US New Redis Malware Uses Unknown Initial Access Vector https://www.cadosecurity.com/redis-p2pinfect/ https://unit42.paloaltonetworks.com/peer-to-peer-worm-p2pinfect/ Google Android 0-Day Summary https://security.googleblog.com/2023/07/the-ups-and-downs-of-0-days-year-in.html Wiping Sensitive Data from Printers https://psirt.canon/advisory-information/cp2023-003/
ISC StormCast for Monday, July 31st, 2023
USPS Phishing Scam Targeting iOS Users https://isc.sans.edu/forums/diary/USPS+Phishing+Scam+Targeting+iOS+Users/30078/ Do Attackers Pay More Attention to IPv6 https://isc.sans.edu/diary/Do%20Attackers%20Pay%20More%20Attention%20to%20IPv6%3F/30076 Shell Code in Images https://isc.sans.edu/diary/ShellCode%20Hidden%20with%20Steganography/30074 Ivanti Mobileiron Exploit Public https://github.com/vchan-in/CVE-2023-35078-Exploit-POC/blob/main/cve_2023_35078_poc.py