SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
#news #technews #technology #news #dailynews

A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .

Similar Podcasts

The Cynical Developer

The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career, through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.

CppCast

CppCast
Every two weeks, or so, we sit down with guests from the C++ community to discuss the latest news and what they have been up to. Find us at cppcast.com

Elixir Outlaws

Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.

ISC StormCast for Monday, September 25th, 2023

September 24, 2023 7:08 6.3 MB Downloads: 0

Scanning for Laravel - a PHP Framework for Web Artisants https://isc.sans.edu/forums/diary/Scanning%20for%20Laravel%20-%20a%20PHP%20Framework%20for%20Web%20Artisants/30242/ Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT https://unit42.paloaltonetworks.com/fake-cve-2023-40477-poc-hides-venomrat/ Unmasking a Sophistiacted Phishing Campaign That Targets Hotel Guests https://www.akamai.com/blog/security-research/sophisticated-phishing-campaign-targeting-hospitality BSides JAX October 14th https://www.bsidesjax.org/ tickets: https://www.eventbrite.com/e/bsides-jacksonville-2023-registration-566463807497?aff=oddtdtcreator

ISC StormCast for Monday, September 25th, 2023

September 24, 2023 7:08 6.3 MB Downloads: 0

Scanning for Laravel - a PHP Framework for Web Artisants https://isc.sans.edu/forums/diary/Scanning%20for%20Laravel%20-%20a%20PHP%20Framework%20for%20Web%20Artisants/30242/ Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT https://unit42.paloaltonetworks.com/fake-cve-2023-40477-poc-hides-venomrat/ Unmasking a Sophistiacted Phishing Campaign That Targets Hotel Guests https://www.akamai.com/blog/security-research/sophisticated-phishing-campaign-targeting-hospitality BSides JAX October 14th https://www.bsidesjax.org/ tickets: https://www.eventbrite.com/e/bsides-jacksonville-2023-registration-566463807497?aff=oddtdtcreator

ISC StormCast for Friday, September 22nd, 2023

September 21, 2023 6:03 5.38 MB Downloads: 0

Apple Patches Three 0-Days https://isc.sans.edu/diary/Apple+Patches+Three+New+0Day+Vulnerabilities+Affecting+iOSiPadOSwatchOSmacOS/30238 WebP Vulnerability https://blog.isosceles.com/the-webp-0day/ MOVEit Transfer Service Pack https://community.progress.com/s/article/MOVEit-Transfer-Service-Pack-September-2023 Improved Passkey Support in Windows 11 https://www.microsoft.com/en-us/security/blog/2023/09/21/new-microsoft-security-tools-to-protect-families-and-businesses/

ISC StormCast for Friday, September 22nd, 2023

September 21, 2023 6:03 5.38 MB Downloads: 0

Apple Patches Three 0-Days https://isc.sans.edu/diary/Apple+Patches+Three+New+0Day+Vulnerabilities+Affecting+iOSiPadOSwatchOSmacOS/30238 WebP Vulnerability https://blog.isosceles.com/the-webp-0day/ MOVEit Transfer Service Pack https://community.progress.com/s/article/MOVEit-Transfer-Service-Pack-September-2023 Improved Passkey Support in Windows 11 https://www.microsoft.com/en-us/security/blog/2023/09/21/new-microsoft-security-tools-to-protect-families-and-businesses/

ISC StormCast for Thursday, September 21st, 2023

September 20, 2023 5:58 5.31 MB Downloads: 0

What's Normal: DNS TTL Values https://isc.sans.edu/forums/diary/What's%20Normal%3F%20DNS%20TTL%20Values/30234/ CISA Highlights Snatch Ransomware https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-263a npm packages caught exfiltrating Kubernetes config, SSH keys https://blog.sonatype.com/npm-packages-caught-exfiltrating-kubernetes-config-ssh-keys Nagios XI Vulnerabilities https://outpost24.com/blog/nagios-xi-vulnerabilities/

ISC StormCast for Thursday, September 21st, 2023

September 20, 2023 5:58 5.31 MB Downloads: 0

What's Normal: DNS TTL Values https://isc.sans.edu/forums/diary/What's%20Normal%3F%20DNS%20TTL%20Values/30234/ CISA Highlights Snatch Ransomware https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-263a npm packages caught exfiltrating Kubernetes config, SSH keys https://blog.sonatype.com/npm-packages-caught-exfiltrating-kubernetes-config-ssh-keys Nagios XI Vulnerabilities https://outpost24.com/blog/nagios-xi-vulnerabilities/

ISC StormCast for Wednesday, September 20th, 2023

September 19, 2023 5:23 4.82 MB Downloads: 0

Obfuscated Scans For Older Adobe Experience Manager Vulnerabilities https://isc.sans.edu/diary/Obfuscated%20Scans%20for%20Older%20Adobe%20Experience%20Manager%20Vulnerabilities/30230 Trend Micro Apex One 0-day https://success.trendmicro.com/dcx/s/solution/000294994?language=en_US SprySOCKS Backdoor https://www.trendmicro.com/en_us/research/23/i/earth-lusca-employs-new-linux-backdoor.html GitLab Patches https://about.gitlab.com/releases/2023/09/18/security-release-gitlab-16-3-4-released/

ISC StormCast for Wednesday, September 20th, 2023

September 19, 2023 5:23 4.82 MB Downloads: 0

Obfuscated Scans For Older Adobe Experience Manager Vulnerabilities https://isc.sans.edu/diary/Obfuscated%20Scans%20for%20Older%20Adobe%20Experience%20Manager%20Vulnerabilities/30230 Trend Micro Apex One 0-day https://success.trendmicro.com/dcx/s/solution/000294994?language=en_US SprySOCKS Backdoor https://www.trendmicro.com/en_us/research/23/i/earth-lusca-employs-new-linux-backdoor.html GitLab Patches https://about.gitlab.com/releases/2023/09/18/security-release-gitlab-16-3-4-released/

ISC StormCast for Tuesday, September 19th, 2023

September 18, 2023 5:26 4.86 MB Downloads: 0

Internet Wide Multi VPN Search from Single /24 Network https://isc.sans.edu/diary/Internet%20Wide%20Multi%20VPN%20Search%20From%20Single%20%2024%20Network/30226 iOS/iPadOS/tvOS/WatchOS Updates https://support.apple.com/en-us/HT201222 Juniper Vuln Details/Exploit CVE-2023-36845 https://vulncheck.com/blog/juniper-cve-2023-36845

ISC StormCast for Tuesday, September 19th, 2023

September 18, 2023 5:26 4.86 MB Downloads: 0

Internet Wide Multi VPN Search from Single /24 Network https://isc.sans.edu/diary/Internet%20Wide%20Multi%20VPN%20Search%20From%20Single%20%2024%20Network/30226 iOS/iPadOS/tvOS/WatchOS Updates https://support.apple.com/en-us/HT201222 Juniper Vuln Details/Exploit CVE-2023-36845 https://vulncheck.com/blog/juniper-cve-2023-36845

ISC StormCast for Monday, September 18th, 2023

September 17, 2023 5:47 5.16 MB Downloads: 0

When MFA isn't actually MFA https://retool.com/blog/mfa-isnt-mfa/ QNAP Patches https://www.qnap.com/en/security-advisories?ref=security_advisory_details Chrome able to use Apple Keychain Passkeys https://9to5google.com/2023/09/14/chrome-118-icloud-passkey/ Fortinet XSS https://fortiguard.fortinet.com/psirt/FG-IR-23-106 vBulletin XSS https://gist.github.com/GiongfNef/8fe658dce4c7fcf3a7b4e6387e50141c

ISC StormCast for Monday, September 18th, 2023

September 17, 2023 5:47 5.16 MB Downloads: 0

When MFA isn't actually MFA https://retool.com/blog/mfa-isnt-mfa/ QNAP Patches https://www.qnap.com/en/security-advisories?ref=security_advisory_details Chrome able to use Apple Keychain Passkeys https://9to5google.com/2023/09/14/chrome-118-icloud-passkey/ Fortinet XSS https://fortiguard.fortinet.com/psirt/FG-IR-23-106 vBulletin XSS https://gist.github.com/GiongfNef/8fe658dce4c7fcf3a7b4e6387e50141c

ISC StormCast for Friday, September 15th, 2023

September 14, 2023 5:37 5.03 MB Downloads: 0

DShield and eqmu Sitting in a Tree: L-O-G-G-I-N-G https://isc.sans.edu/diary/DShield%20and%20qemu%20Sitting%20in%20a%20Tree%3A%20L-O-G-G-I-N-G/30216 Uncursing the ncurses memory corruption vulnerabilities https://www.microsoft.com/en-us/security/blog/2023/09/14/uncursing-the-ncurses-memory-corruption-vulnerabilities-found-in-library/ Arbitrary code execution via Windows Themes (CVE-2023-38146) https://exploits.forsale/themebleed/ 3AM Ransomware used if LockBit Fails https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/3am-ransomware-lockbit

ISC StormCast for Friday, September 15th, 2023

September 14, 2023 5:37 5.03 MB Downloads: 0

DShield and eqmu Sitting in a Tree: L-O-G-G-I-N-G https://isc.sans.edu/diary/DShield%20and%20qemu%20Sitting%20in%20a%20Tree%3A%20L-O-G-G-I-N-G/30216 Uncursing the ncurses memory corruption vulnerabilities https://www.microsoft.com/en-us/security/blog/2023/09/14/uncursing-the-ncurses-memory-corruption-vulnerabilities-found-in-library/ Arbitrary code execution via Windows Themes (CVE-2023-38146) https://exploits.forsale/themebleed/ 3AM Ransomware used if LockBit Fails https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/3am-ransomware-lockbit

ISC StormCast for Thursday, September 14th, 2023

September 13, 2023 5:42 5.09 MB Downloads: 0

Backdoored Free DownloadManager https://securelist.com/backdoored-free-download-manager-linux-malware/110465/ Foxit PDF Reader Updates https://www.foxit.com/support/security-bulletins.html macOS MetaStealer: New Family of Obfuscated Go Infostealers https://www.sentinelone.com/blog/macos-metastealer-new-family-of-obfuscated-go-infostealers-spread-in-targeted-attacks/ Windows 11 to Support Blocking SMB NTLM Hashes https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-ntlm-blocking-now-supported-in-windows-insider/ba-p/3916206