A brief daily summary of what is important in information security. The podcast is published every weekday and is designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
ISC StormCast for Thursday, July 27th, 2023
Suspicious IP Addresses Avoided By Malware Samples https://isc.sans.edu/diary/Suspicious%20IP%20Addresses%20Avoided%20by%20Malware%20Samples/30068
Messaging Layer Security (MLS) Protocol https://datatracker.ietf.org/doc/html/rfc9420
PySecDB: Security Commit Dataset in Python https://github.com/SunLab-GMU/PySecDB
MacOS Infostealer https://www.sentinelone.com/blog/apple-crimeware-massive-rust-infostealer-campaign-aiming-for-macos-sonoma-ahead-of-public-release/
ISC StormCast for Wednesday, July 26th, 2023
Ivanti Patches Endpoint Manager Mobile https://forums.ivanti.com/s/article/CVE-2023-35078-Remote-unauthenticated-API-access-vulnerability?language=en_US
Atlassian Patches https://confluence.atlassian.com/security/security-bulletin-july-18-2023-1251417643.html
AMD Zen-2 Vulnerability https://lock.cmpxchg8b.com/zenbleed.html
VMWare CVE-2023-20891 https://socradar.io/vmwares-response-to-the-critical-cve-2023-20891-vulnerability-exposing-cf-api-admin-credentials/
ISC StormCast for Tuesday, July 25th, 2023
Apple Updates https://isc.sans.edu/forums/diary/Apple%20Updates%20Everything%20%28again%29/30062/ https://support.apple.com/en-us/HT201222
Parsing Data with jq https://isc.sans.edu/diary/JQ%3A%20Another%20Tool%20We%20Thought%20We%20Knew/30060
TETRA Radio Backdoor https://www.wired.com/story/tetra-radio-encryption-backdoor/
ISC StormCast for Monday, July 24th, 2023
Shodan's API for the (Recon) Win! https://isc.sans.edu/diary/Shodan%27s%20API%20For%20The%20%28Recon%29%20Win!/30050
Stolen Microsoft Key May Have Opened Up a lot more than US Government E-Mail Inboxes https://www.wiz.io/blog/storm-0558-compromised-microsoft-key-enables-authentication-of-countless-micr https://www.theregister.com/2023/07/21/microsoft_key_skeleton/
Okta Logs Decoded https://www.rezonate.io/blog/okta-logs-decoded-unveiling-identity-threats-through-threat-hunting/
Threat Actors Exploiting Citrix CVE-2023-3519 https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-201a https://github.com/securekomodo/citrixInspector
ISC StormCast for Friday, July 21st, 2023
Deobfuscation of Malware Delivered Through a .bat File https://isc.sans.edu/diary/Deobfuscation%20of%20Malware%20Delivered%20Through%20a%20.bat%20File/30048
Citrix CVE-2023-3519 Indicators of Compromise https://www.deyda.net/index.php/en/2023/07/19/checklist-for-citrix-adc-cve-2023-3519/
ssh-agent vulnerability https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt
Spring Security: WebFlux Security Bypass with Un-Prefixed Double Wildcard Pattern https://spring.io/security/cve-2023-34034
American Megatrends (AMI) MegaRAC BMC Vulnerabilities https://eclypsium.com/research/bmcc-lights-out-forever/
ISC StormCast for Thursday, July 20th, 2023
Citrix ADC Vulnerability CVE-2023-3519, CVE-2023-3466, CVE-2023-3467 https://isc.sans.edu/forums/diary/Citrix%20ADC%20Vulnerability%20CVE-2023-3519%2C%203466%20and%203467%20-%20Patch%20Now!/30044/
HAM Radio Enigma Machine Challenge https://isc.sans.edu/diary/HAM%20Radio%20%2B%20Enigma%20Machine%20Challenge/30042
Oracle Critical Patch Update https://www.oracle.com/security-alerts/cpujul2023.html
Microsoft Expanding Cloud Logging https://www.microsoft.com/en-us/security/blog/2023/07/19/expanding-cloud-logging-to-give-customers-deeper-security-visibility/
ISC StormCast for Wednesday, July 19th, 2023
Exploit Attempts for "Stagil navigation for Jira Menus & Themes" https://isc.sans.edu/diary/Exploit%20Attempts%20for%20%22Stagil%20navigation%20for%20Jira%20Menus%20%26%20Themes%22%20CVE-2023-26255%20and%20CVE-2023-26256/30038
Citrix Vulnerabilities https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467
Google Cloud Build Service Vulnerability https://orca.security/resources/blog/bad-build-google-cloud-build-potential-supply-chain-attack-vulnerability
ISC StormCast for Tuesday, July 18th, 2023
Zimbra Vulnerability Exploited https://blog.zimbra.com/2023/07/security-update-for-zimbra-collaboration-suite-version-8-8-15
Woocommerce Vulnerability Actively Being Exploited https://www.rcesecurity.com/2023/07/patch-diffing-cve-2023-28121-to-compromise-a-woocommerce/
Adobe Coldfusion Flaws exploited https://www.bleepingcomputer.com/news/security/adobe-warns-of-critical-coldfusion-rce-bug-exploited-in-attacks/
CISA Cloud Security Fact Sheet: Free Tools for Cloud Environments https://www.cisa.gov/sites/default/files/2023-07/Free%20Tools%20for%20Cloud%20Environments_508c.pdf
JumpCloud Breach https://arstechnica.com/security/2023/07/jumpcloud-says-nation-state-hacker-breach-targeted-some-of-its-customers/