A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief summary, usually 5 minutes long, of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.

ISC StormCast for Tuesday, November 28th, 2023

November 27, 2023 6:37 5.86 MB Downloads: 0

Scans for ownCloud Vulnerability (CVE-2023-49103) https://isc.sans.edu/diary/Scans%20for%20ownCloud%20Vulnerability%20%28CVE-2023-49103%29/30432
Windows Hello Fingerprint Reader Weakness https://blackwinghq.com/blog/posts/a-touch-of-pwn-part-i/

ISC StormCast for Monday, November 27th, 2023

November 26, 2023 6:01 5.35 MB Downloads: 0

DShield Birthday https://isc.sans.edu/diary/Happy%20Birthday%20DShield/30420
Mirai uses CVE-2023-1389 https://isc.sans.edu/diary/CVE-2023-1389%3A%20A%20New%20Means%20to%20Expand%20Botnets/30418
More Mirai Vulnerabilities https://www.akamai.com/blog/security-research/new-rce-botnet-spreads-mirai-via-zero-days
Analyzing OVA Files https://isc.sans.edu/diary/OVA%20Files/30424
Static Code Injections in OpenCart (CVE-2023-47444) https://github.com/opencart/opencart/issues/12947
Holiday Hack Challenge https://www.sans.org/mlp/holiday-hack-challenge-2023/

ISC StormCast for Friday, November 17th, 2023

November 16, 2023 15:24 13.24 MB Downloads: 0

Beyond -n: Optimizing tcpdump performance https://isc.sans.edu/forums/diary/Beyond%20-n%3A%20Optimizing%20tcpdump%20performance/30408/
Zimbra 0-day used to target international government organizations https://blog.google/threat-analysis-group/zimbra-0-day-used-to-target-international-government-organizations/
FortiSIEM OS command injection in Report Server https://www.fortiguard.com/psirt/FG-IR-23-135
AI Exploit Collection https://github.com/protectai/ai-exploits
CrushFTP Remote Code Execution https://convergetp.com/2023/11/16/crushftp-zero-day-cve-2023-43177-discovered/
Scott Poley: The Cyber Data Paradox: Storing Less, Discovering More https://www.sans.edu/cyber-research/cyber-data-paradox-storing-less-discovering-more/

ISC StormCast for Thursday, November 16th, 2023

November 15, 2023 5:57 5.3 MB Downloads: 0

Redline Dropped Through MSIX Package https://isc.sans.edu/diary/Redline%20Dropped%20Through%20MSIX%20Package/30404
ChatGPT Code Interpreter Security Hole https://www.tomshardware.com/news/chatgpt-code-interpreter-security-hole
Directory Traversal in Reactor Netty CVE-2023-34062 https://spring.io/security/cve-2023-34062
Aruba Networking Product Vulnerabilities https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-017.txt
HARArmor https://harmor.dev/

ISC StormCast for Wednesday, November 15th, 2023

November 14, 2023 7:10 6.33 MB Downloads: 0

Microsoft Patches https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20November%202023/30400
Adobe Updates https://helpx.adobe.com/security/security-bulletin.html
Intel CPU Glitch State Patch https://lock.cmpxchg8b.com/reptar.html https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00950.html

ISC StormCast for Tuesday, November 14th, 2023

November 13, 2023 5:04 4.57 MB Downloads: 0

Noticing command and control channels by reviewing DNS protocols https://isc.sans.edu/diary/Noticing%20command%20and%20control%20channels%20by%20reviewing%20DNS%20protocols/30396
Passive SSH Key Compromise via Lattices https://eprint.iacr.org/2023/1711.pdf
Juniper Vulnerabilities Exploited https://supportportal.juniper.net/s/article/2023-08-Out-of-Cycle-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Multiple-vulnerabilities-in-J-Web-can-be-combined-to-allow-a-preAuth-Remote-Code-Execution?language=en_US

ISC StormCast for Monday, November 13th, 2023

November 12, 2023 5:46 5.15 MB Downloads: 0

Routers Targeted for Gafgyt Botnet https://isc.sans.edu/forums/diary/Routers%20Targeted%20for%20Gafgyt%20Botnet%20%5BGuest%20Diary%5D/30390/
ScreenConnect used to Attack Healthcare https://www.huntress.com/blog/third-party-pharmaceutical-vendor-linked-to-pharmacy-and-health-clinic-cyberattack
Fake Skills Assessment Portals Associated with Sapphire Sleet https://twitter.com/MsftSecIntel/status/1722316019920728437
OpenVPN Access Server Vulnerabilities https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/

ISC StormCast for Friday, November 10th, 2023

November 09, 2023 5:25 4.86 MB Downloads: 0

Visual Examples of Code Injection https://isc.sans.edu/diary/Visual%20Examples%20of%20Code%20Injection/30388
SysAid Exploited by Cl0p Ransomware (CVE-2023-47246) https://www.sysaid.com/blog/service-desk/on-premise-software-security-vulnerability-notification
WS_FTP Server Update CVE-2023-42659 https://community.progress.com/s/article/WS-FTP-Server-Service-Pack-November-2023
Malvertiser copies PC news site to deliver infostealer https://www.malwarebytes.com/blog/threat-intelligence/2023/11/malvertiser-copies-pc-news-site-to-deliver-infostealer
pyArrow/Apache Arrow Vulnerability https://lists.apache.org/thread/yhy7tdfjf9hrl9vfrtzo8p2cyjq87v7n