A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
CppCast
Every two weeks, or so, we sit down with guests from the C++ community to discuss the latest news and what they have been up to. Find us at cppcast.com
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Thursday, October 5th, 2023
Normal Connections https://isc.sans.edu/diary/Whats+Normal+Connection+Sizes/30278/ Apple Patches https://isc.sans.edu/diary/Apple%20fixes%20vulnerabilities%20in%20iOS%20and%20iPadOS./30280 Looney Tunables Linux Privilege Escalation https://blog.qualys.com/vulnerabilities-threat-research/2023/10/03/cve-2023-4911-looney-tunables-local-privilege-escalation-in-the-glibcs-ld-so Atlasian Confluence Server Vulnerability https://jira.atlassian.com/browse/CONFSERVER-92475
ISC StormCast for Wednesday, October 4th, 2023
Are Local LLMs Useful in Incident Response? https://isc.sans.edu/diary/Are%20Local%20LLMs%20Useful%20in%20Incident%20Response%3F/30274 Pytorch Vulnerability https://github.com/advisories/GHSA-4mqg-h5jf-j9m7 BING Reads Captchas https://twitter.com/literallydenis/status/1708283962399846459 Evilproxy vs. Microsoft 365 https://www.menlosecurity.com/blog/evilproxy-phishing-attack-strikes-indeed/
ISC StormCast for Wednesday, October 4th, 2023
Are Local LLMs Useful in Incident Response? https://isc.sans.edu/diary/Are%20Local%20LLMs%20Useful%20in%20Incident%20Response%3F/30274 Pytorch Vulnerability https://github.com/advisories/GHSA-4mqg-h5jf-j9m7 BING Reads Captchas https://twitter.com/literallydenis/status/1708283962399846459 Evilproxy vs. Microsoft 365 https://www.menlosecurity.com/blog/evilproxy-phishing-attack-strikes-indeed/
ISC StormCast for Tuesday, October 3rd, 2023
Friendly Reminder: ZIP Metadata is Not Encrypted https://isc.sans.edu/diary/Friendly%20Reminder%3A%20ZIP%20Metadata%20is%20Not%20Encrypted/30268 EXIM New Version Released https://www.exim.org/static/doc/security/CVE-2023-zdi.txt Mail GPU Kernel Driver Allows Improper GPU Memory Processing Operations https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities Bing AI Serves Malicous Ads https://www.malwarebytes.com/blog/threat-intelligence/2023/09/malicious-ad-served-inside-bing-ai-chatbot Google Announces Robots.txt Ad-Restrictions https://developers.google.com/search/docs/crawling-indexing/overview-google-crawlers#adsbot-mobile-web-android
ISC StormCast for Tuesday, October 3rd, 2023
Friendly Reminder: ZIP Metadata is Not Encrypted https://isc.sans.edu/diary/Friendly%20Reminder%3A%20ZIP%20Metadata%20is%20Not%20Encrypted/30268 EXIM New Version Released https://www.exim.org/static/doc/security/CVE-2023-zdi.txt Mail GPU Kernel Driver Allows Improper GPU Memory Processing Operations https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities Bing AI Serves Malicous Ads https://www.malwarebytes.com/blog/threat-intelligence/2023/09/malicious-ad-served-inside-bing-ai-chatbot Google Announces Robots.txt Ad-Restrictions https://developers.google.com/search/docs/crawling-indexing/overview-google-crawlers#adsbot-mobile-web-android
ISC StormCast for Monday, October 2nd, 2023
Analyzing MIME Files: a Quick Tip https://isc.sans.edu/diary/Analyzing%20MIME%20Files%3A%20a%20Quick%20Tip/30266 Infostealers Looking for Password Files https://isc.sans.edu/diary/Are+You+Still+Storing+Passwords+In+Plain+Text+Files/30262/ Simple Netcat Backdoor https://isc.sans.edu/diary/Simple+Netcat+Backdoor+in+Python+Script/30264/ EXIM Response to the ZDI Release https://exim.org/static/doc/security/CVE-2023-zdi.txt Exploit for WS_FTP Vulnerability https://www.assetnote.io/resources/research/rce-in-progress-ws-ftp-ad-hoc-via-iis-http-modules-cve-2023-40044
ISC StormCast for Monday, October 2nd, 2023
Analyzing MIME Files: a Quick Tip https://isc.sans.edu/diary/Analyzing%20MIME%20Files%3A%20a%20Quick%20Tip/30266 Infostealers Looking for Password Files https://isc.sans.edu/diary/Are+You+Still+Storing+Passwords+In+Plain+Text+Files/30262/ Simple Netcat Backdoor https://isc.sans.edu/diary/Simple+Netcat+Backdoor+in+Python+Script/30264/ EXIM Response to the ZDI Release https://exim.org/static/doc/security/CVE-2023-zdi.txt Exploit for WS_FTP Vulnerability https://www.assetnote.io/resources/research/rce-in-progress-ws-ftp-ad-hoc-via-iis-http-modules-cve-2023-40044
ISC StormCast for Friday, September 29th, 2023
IPv4 Addresses in Little Endian Decimal Format https://isc.sans.edu/diary/IPv4%20Addresses%20in%20Little%20Endian%20Decimal%20Format/30256 Chrome Update fixes 0-day Vulnerability https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html Unpatched EXIM Vulnerabilities https://www.zerodayinitiative.com/advisories/ZDI-23-1469/ WS_FTP Vulnerabilities https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023
ISC StormCast for Friday, September 29th, 2023
IPv4 Addresses in Little Endian Decimal Format https://isc.sans.edu/diary/IPv4%20Addresses%20in%20Little%20Endian%20Decimal%20Format/30256 Chrome Update fixes 0-day Vulnerability https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html Unpatched EXIM Vulnerabilities https://www.zerodayinitiative.com/advisories/ZDI-23-1469/ WS_FTP Vulnerabilities https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023
ISC StormCast for Thursday, September 28th, 2023
GPU Sidechannel Attack https://www.hertzbleed.com/gpu.zip/GPU-zip.pdf Router Firmware Compromised for Persistent Access https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csa-cyber-report-sept-2023 https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-270a More libwebp vulnerability confusion https://www.cve.org/CVERecord?id=CVE-2023-5129 https://arstechnica.com/security/2023/09/google-quietly-corrects-previously-submitted-disclosure-for-critical-webp-0-day/ Fake Dependabot Commits https://checkmarx.com/blog/surprise-when-dependabot-contributes-malicious-code/
ISC StormCast for Thursday, September 28th, 2023
GPU Sidechannel Attack https://www.hertzbleed.com/gpu.zip/GPU-zip.pdf Router Firmware Compromised for Persistent Access https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csa-cyber-report-sept-2023 https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-270a More libwebp vulnerability confusion https://www.cve.org/CVERecord?id=CVE-2023-5129 https://arstechnica.com/security/2023/09/google-quietly-corrects-previously-submitted-disclosure-for-critical-webp-0-day/ Fake Dependabot Commits https://checkmarx.com/blog/surprise-when-dependabot-contributes-malicious-code/
ISC StormCast for Wednesday, September 27th, 2023
A new spint on the ZeroFont phishing technique https://isc.sans.edu/diary/A%20new%20spin%20on%20the%20ZeroFont%20phishing%20technique/30248 macOS Sonoma Updates https://isc.sans.edu/diary/Apple%20Releases%20MacOS%20Sonoma%20Including%20Numerous%20Security%20Patches/30252
ISC StormCast for Wednesday, September 27th, 2023
A new spint on the ZeroFont phishing technique https://isc.sans.edu/diary/A%20new%20spin%20on%20the%20ZeroFont%20phishing%20technique/30248 macOS Sonoma Updates https://isc.sans.edu/diary/Apple%20Releases%20MacOS%20Sonoma%20Including%20Numerous%20Security%20Patches/30252
ISC StormCast for Tuesday, September 26th, 2023
LuaJIT Malware https://www.sentinelone.com/labs/sandman-apt-a-mystery-group-targeting-telcos-with-a-luajit-toolkit/ NPM systeminformation flaw https://systeminformation.io/security.html Team City Authentication Bypass https://twitter.com/ptswarm/status/1706223917008834748
ISC StormCast for Tuesday, September 26th, 2023
LuaJIT Malware https://www.sentinelone.com/labs/sandman-apt-a-mystery-group-targeting-telcos-with-a-luajit-toolkit/ NPM systeminformation flaw https://systeminformation.io/security.html Team City Authentication Bypass https://twitter.com/ptswarm/status/1706223917008834748