A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
ThunderCast
An inside look at the making of Mozilla Thunderbird, and community-driven conversations with our friends in the open-source software space.
ISC StormCast for Tuesday, January 24th, 2023
Who's Resolving This Domain https://isc.sans.edu/forums/diary/Who's%20Resolving%20This%20Domain%3F/29462/ Apple Updates Everything https://support.apple.com/en-us/HT201222 NSA IPv6 Security Guidance https://media.defense.gov/2023/Jan/18/2003145994/-1/-1/0/CSI_IPV6_SECURITY_GUIDANCE.PDF Roaming Mantis Implements new DNS Changer in tis malicious mobile app https://thehackernews.com/2023/01/roaming-mantis-spreading-mobile-malware.html
ISC StormCast for Tuesday, January 24th, 2023
Who's Resolving This Domain https://isc.sans.edu/forums/diary/Who's%20Resolving%20This%20Domain%3F/29462/ Apple Updates Everything https://support.apple.com/en-us/HT201222 NSA IPv6 Security Guidance https://media.defense.gov/2023/Jan/18/2003145994/-1/-1/0/CSI_IPV6_SECURITY_GUIDANCE.PDF Roaming Mantis Implements new DNS Changer in tis malicious mobile app https://thehackernews.com/2023/01/roaming-mantis-spreading-mobile-malware.html
ISC StormCast for Monday, January 23rd, 2023
Imortance of Signing in Windows Environments https://isc.sans.edu/diary/Importance%20of%20signing%20in%20Windows%20environments/29456 FanDuel Discloses Data Breach Caused by Recent Mailchimp Hack https://www.bleepingcomputer.com/news/security/fanduel-discloses-data-breach-caused-by-recent-mailchimp-hack/ OneNote Documents Used to Embed Malicious Office Documents https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/trojanized-onenote-document-leads-to-formbook-malware/ Cisco Unified Communications Manager SQL Injection https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-sql-rpPczR8n Possible KeePass Vulnerability https://twitter.com/vomanc/status/1617135599030530054
ISC StormCast for Monday, January 23rd, 2023
Imortance of Signing in Windows Environments https://isc.sans.edu/diary/Importance%20of%20signing%20in%20Windows%20environments/29456 FanDuel Discloses Data Breach Caused by Recent Mailchimp Hack https://www.bleepingcomputer.com/news/security/fanduel-discloses-data-breach-caused-by-recent-mailchimp-hack/ OneNote Documents Used to Embed Malicious Office Documents https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/trojanized-onenote-document-leads-to-formbook-malware/ Cisco Unified Communications Manager SQL Injection https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-sql-rpPczR8n Possible KeePass Vulnerability https://twitter.com/vomanc/status/1617135599030530054
ISC StormCast for Friday, January 20th, 2023
SPF and DMARC use on 100k most popular domains https://isc.sans.edu/diary/SPF%20and%20DMARC%20use%20on%20100k%20most%20popular%20domains/29452 Sysmon Exploit Released CVE-2022-41120, CVE-2022-44704 https://github.com/Wh04m1001/SysmonEoP ManageEngine CVE-2022-47966 Technical Deep Dive https://www.horizon3.ai/manageengine-cve-2022-47966-technical-deep-dive/ Netcomm Router Vulnerablities https://kb.cert.org/vuls/id/986018 Microsoft Pushes Outdated Office Install Check https://www.bleepingcomputer.com/news/microsoft/microsoft-pushes-kb5021751-to-check-for-outdated-office-installs/
ISC StormCast for Friday, January 20th, 2023
SPF and DMARC use on 100k most popular domains https://isc.sans.edu/diary/SPF%20and%20DMARC%20use%20on%20100k%20most%20popular%20domains/29452 Sysmon Exploit Released CVE-2022-41120, CVE-2022-44704 https://github.com/Wh04m1001/SysmonEoP ManageEngine CVE-2022-47966 Technical Deep Dive https://www.horizon3.ai/manageengine-cve-2022-47966-technical-deep-dive/ Netcomm Router Vulnerablities https://kb.cert.org/vuls/id/986018 Microsoft Pushes Outdated Office Install Check https://www.bleepingcomputer.com/news/microsoft/microsoft-pushes-kb5021751-to-check-for-outdated-office-installs/
ISC StormCast for Thursday, January 19th, 2023
Malicious Google Ads for Fake Notepad++ Lead to Aurora Stealer https://isc.sans.edu/diary/Malicious%20Google%20Ad%20--%3E%20Fake%20Notepad%2B%2B%20Page%20--%3E%20Aurora%20Stealer%20malware/29448 Oracle Critical Patch Update https://www.oracle.com/security-alerts/cpujan2023.html QT QML Vulnerability https://blog.talosintelligence.com/vulnerability-spotlight-integer-and-buffer-overflow-vulnerabilities-found-in-qt-qml/ sudo sudoedit vulnerablity https://www.synacktiv.com/sites/default/files/2023-01/sudo-CVE-2023-22809.pdf
ISC StormCast for Thursday, January 19th, 2023
Malicious Google Ads for Fake Notepad++ Lead to Aurora Stealer https://isc.sans.edu/diary/Malicious%20Google%20Ad%20--%3E%20Fake%20Notepad%2B%2B%20Page%20--%3E%20Aurora%20Stealer%20malware/29448 Oracle Critical Patch Update https://www.oracle.com/security-alerts/cpujan2023.html QT QML Vulnerability https://blog.talosintelligence.com/vulnerability-spotlight-integer-and-buffer-overflow-vulnerabilities-found-in-qt-qml/ sudo sudoedit vulnerablity https://www.synacktiv.com/sites/default/files/2023-01/sudo-CVE-2023-22809.pdf
ISC StormCast for Wednesday, January 18th, 2023
Finding that one GPO setting in a pool of hundreds of GPOs https://isc.sans.edu/diary/Finding%20that%20one%20GPO%20Setting%20in%20a%20Pool%20of%20Hundreds%20of%20GPOs/29442 GIT Code Audit https://x41-dsec.de/security/research/news/2023/01/17/git-security-audit-ostif/ Azure SSRF Flaws https://orca.security/resources/blog/ssrf-vulnerabilities-in-four-azure-services/ SMB Insecure Guest Auth Off By Default In Windows 11 Pro https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-insecure-guest-auth-now-off-by-default-in-windows-insider/ba-p/3715014 Packet Tuesday: IPv6 Router Advertisements https://www.youtube.com/watch?v=uRWpB_lYIZ8
ISC StormCast for Wednesday, January 18th, 2023
Finding that one GPO setting in a pool of hundreds of GPOs https://isc.sans.edu/diary/Finding%20that%20one%20GPO%20Setting%20in%20a%20Pool%20of%20Hundreds%20of%20GPOs/29442 GIT Code Audit https://x41-dsec.de/security/research/news/2023/01/17/git-security-audit-ostif/ Azure SSRF Flaws https://orca.security/resources/blog/ssrf-vulnerabilities-in-four-azure-services/ SMB Insecure Guest Auth Off By Default In Windows 11 Pro https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-insecure-guest-auth-now-off-by-default-in-windows-insider/ba-p/3715014 Packet Tuesday: IPv6 Router Advertisements https://www.youtube.com/watch?v=uRWpB_lYIZ8
ISC StormCast for Tuesday, January 17th, 2023
PSA: Why you must run an ad blocker when using Google https://isc.sans.edu/diary/PSA%3A%20Why%20you%20must%20run%20an%20ad%20blocker%20when%20using%20Google/29438 NortonLifeLock Password Manager Bruteforcing https://webcache.googleusercontent.com/search?q=cache%3A91Bmx_jTJIkJ%3Ahttps%3A%2F%2Fago.vermont.gov%2Fwp-content%2Fuploads%2F2023%2F01%2F2023-01-09-NortonLifeLock-Gen-Digital-Data-Breach-Notice-to-Consumers.pdf&cd=3&hl=de&ct=clnk&gl=de CVE-2023-0179 Linux kernel stack buffer overflow in nftables: PoC and writeup https://seclists.org/oss-sec/2023/q1/20 MSI (in)Secure Boot https://dawidpotocki.com/en/2023/01/13/msi-insecure-boot/
ISC StormCast for Tuesday, January 17th, 2023
PSA: Why you must run an ad blocker when using Google https://isc.sans.edu/diary/PSA%3A%20Why%20you%20must%20run%20an%20ad%20blocker%20when%20using%20Google/29438 NortonLifeLock Password Manager Bruteforcing https://webcache.googleusercontent.com/search?q=cache%3A91Bmx_jTJIkJ%3Ahttps%3A%2F%2Fago.vermont.gov%2Fwp-content%2Fuploads%2F2023%2F01%2F2023-01-09-NortonLifeLock-Gen-Digital-Data-Breach-Notice-to-Consumers.pdf&cd=3&hl=de&ct=clnk&gl=de CVE-2023-0179 Linux kernel stack buffer overflow in nftables: PoC and writeup https://seclists.org/oss-sec/2023/q1/20 MSI (in)Secure Boot https://dawidpotocki.com/en/2023/01/13/msi-insecure-boot/
ISC StormCast for Monday, January 16th, 2023
Elon Musk Themed Crypto Scams Flooding YouTube Today https://isc.sans.edu/diary/Elon%20Musk%20Themed%20Crypto%20Scams%20Flooding%20YouTube%20Today/29434 Microsoft Text to Speech Synthesizer https://arxiv.org/pdf/2301.02111.pdf Missing Windows Start Menu https://learn.microsoft.com/en-us/windows/release-health/status-windows-11-22H2#2998msgdesc
ISC StormCast for Monday, January 16th, 2023
Elon Musk Themed Crypto Scams Flooding YouTube Today https://isc.sans.edu/diary/Elon%20Musk%20Themed%20Crypto%20Scams%20Flooding%20YouTube%20Today/29434 Microsoft Text to Speech Synthesizer https://arxiv.org/pdf/2301.02111.pdf Missing Windows Start Menu https://learn.microsoft.com/en-us/windows/release-health/status-windows-11-22H2#2998msgdesc
ISC StormCast for Friday, January 13th, 2023
Prowler v3: AWS & Azure security assessments https://isc.sans.edu/diary/Prowler%20v3%3A%20AWS%20%26%20Azure%20security%20assessments/29430 Certified Pre-Pw0ned Android TV https://github.com/DesktopECHO/T95-H616-Malware Revolte Attack https://revolte-attack.net NGFW Data Exfiltration https://cymulate.com/blog/data-exfiltration-firewall/