A brief daily summary of what is important in information security. The podcast is published every weekday and is designed to get you ready for the day with a brief summary, usually 5 minutes long, of current network security events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.

ISC StormCast for Friday, August 11th, 2023

August 10, 2023 6:01 5.36 MB Downloads: 0

Some things never change, such as SQL Authentication "Encryption" https://isc.sans.edu/diary/Some%20things%20never%20change%20%3F%20such%20as%20SQL%20Authentication%20%3Fencryption%3F/30112
Defender Pretender: When Windows Defender Updates Become a Security Risk https://www.blackhat.com/us-23/briefings/schedule/#defender-pretender-when-windows-defender-updates-become-a-security-risk-32706
Dell Compellent Hardcoded Key https://www.dell.com/support/kbdoc/en-us/000216615/dsa-2023-282-security-update-for-dell-storage-integration-tools-for-vmware-dsitv-vulnerabilities
Vulnerabilities in Sogou Keyboard https://citizenlab.ca/2023/08/vulnerabilities-in-sogou-keyboard-encryption/

ISC StormCast for Thursday, August 10th, 2023

August 09, 2023 6:14 5.55 MB Downloads: 0

Tunnelcrack VPN Vulnerability https://papers.mathyvanhoef.com/usenix2023-tunnelcrack.pdf
Mozilla VPN Vulnerability https://www.openwall.com/lists/oss-security/2023/08/03/1
Non-English Exchange Server Patch Issues https://techcommunity.microsoft.com/t5/exchange-team-blog/released-august-2023-exchange-server-security-updates/bc-p/3894481/highlight/true
VSCode Token Security https://cycode.com/blog/exposing-vscode-secrets/
Weekly Updates for Google Chrome https://security.googleblog.com/2023/08/an-update-on-chrome-security-updates.html

ISC StormCast for Wednesday, August 9th, 2023

August 08, 2023 6:02 5.37 MB Downloads: 0

Microsoft Patch Tuesday https://isc.sans.edu/diary/Microsoft%20August%202023%20Patch%20Tuesday/30106
Adobe Updates https://helpx.adobe.com/security/security-bulletin.html

ISC StormCast for Tuesday, August 8th, 2023

August 07, 2023 6:27 5.72 MB Downloads: 0

Update: Researchers Scanning the Internet https://isc.sans.edu/diary/Update%3A%20Researchers%20scanning%20the%20Internet/30102
Malicious OpenBullet Configuration Files https://www.kasada.io/threat-intel-openbullet-malware/
Abusing Cloudflare Tunnels https://www.guidepointsecurity.com/blog/tunnel-vision-cloudflared-abused-in-the-wild/

ISC StormCast for Monday, August 7th, 2023

August 06, 2023 5:16 4.72 MB Downloads: 0

Are Leaked Credential Dumps Used by Attackers? https://isc.sans.edu/diary/Are%20Leaked%20Credentials%20Dumps%20Used%20by%20Attackers%3F/30098
New PaperCut RCE Vulnerability https://www.horizon3.ai/cve-2023-39143-papercut-path-traversal-file-upload-rce-vulnerability/
Microsoft mitigates Power Platform Custom Code information disclosure vulnerability https://msrc.microsoft.com/blog/2023/08/microsoft-mitigates-power-platform-custom-code-information-disclosure-vulnerability/
Microsoft Publishes Token theft Playbook https://learn.microsoft.com/en-us/security/operations/token-theft-playbook

ISC StormCast for Friday, August 4th, 2023

August 03, 2023 5:35 5.0 MB Downloads: 0

From small LNK to large malicious BAT file with zero VT score https://isc.sans.edu/diary/From%20small%20LNK%20to%20large%20malicious%20BAT%20file%20with%20zero%20VT%20score/30094
Social Engineering via Microsoft Teams https://www.microsoft.com/en-us/security/blog/2023/08/02/midnight-blizzard-conducts-targeted-social-engineering-over-microsoft-teams/
Automating the Search for LOLBAS https://pentera.io/resources/whitepapers/the-lolbas-odyssey-finding-new-lolbas-and-how-you-can-too/
Sneaky Versioning Used to Bypass Scanners https://thehackernews.com/2023/08/malicious-apps-use-sneaky-versioning.html
Aruba Patches https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-010.txt
Mitel Patches https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0008

ISC StormCast for Thursday, August 3rd, 2023

August 02, 2023 6:08 5.46 MB Downloads: 0

Zeek and Defender Endpoint https://isc.sans.edu/diary/Zeek%20and%20Defender%20Endpoint/30088
New Ivanti MobileIron Core Vulnerability https://forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older?language=en_US
Salesforce Phishing https://labs.guard.io/phishforce-vulnerability-uncovered-in-salesforces-email-services-exploited-for-phishing-32024ad4b5fa
Abusing the Amazon Web Services SSM Agent as a Remote Access Trojan https://www.mitiga.io/blog/abusing-the-amazon-web-services-ssm-agent-as-a-remote-access-trojan

ISC StormCast for Wednesday, August 2nd, 2023

August 01, 2023 5:18 4.75 MB Downloads: 0

DNS Over HTTPS Summary https://isc.sans.edu/diary/Summary%20of%20DNS%20over%20HTTPS%20requests%20against%20our%20honeypots./30084
Malware Infects Airgapped Networks https://usa.kaspersky.com/about/press-releases/2023_kaspersky-uncovers-malware-for-targeted-data-exfiltration-from-air-gapped-environments
Google Deleting Inactive Accounts https://support.google.com/accounts/answer/12418290?visit_id=638264210155158507-1346504535&p=inactive_account_policy_blog&rd=1
Google AMP Service Used for Phishing https://cofense.com/blog/google-amp-the-newest-of-evasive-phishing-tactic/