A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
ISC StormCast for Tuesday, June 20th, 2023
Formbook From Possible ModiLoader (DBatLoader) https://isc.sans.edu/diary/Formbook%20from%20Possible%20ModiLoader%20%28DBatLoader%29%20/29958
Brute-Force ZIP Password Cracking with zipdump.py https://isc.sans.edu/diary/Brute-Force%20ZIP%20Password%20Cracking%20with%20zipdump.py/29948
Malware Delivered Through .inf File https://isc.sans.edu/diary/Malware%20Delivered%20Through%20.inf%20File/29960
FortiNAC - Just a few more RCEs https://frycos.github.io/vulns4free/2023/06/18/fortinac.html
ISC StormCast for Friday, June 16th, 2023
Supervision and Verification in Vulnerability Management https://isc.sans.edu/diary/Supervision%20and%20Verification%20in%20Vulnerability%20Management/29952
More MOVEit issues https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-15June2023
Critical Citrix Sharefile Storagezones Controller https://support.citrix.com/article/CTX559517/sharefile-storagezones-controller-security-update-for-cve202324489
Chromeloader Malware Update https://threatresearch.ext.hp.com/shampoo-a-new-chromeloader-campaign/
Bignum NPM Package Compromise https://checkmarx.com/blog/hijacking-s3-buckets-new-attack-technique-exploited-in-the-wild-by-supply-chain-attackers
ISC StormCast for Thursday, June 15th, 2023
Deobfuscating a VBS Script With Custom Encoding https://isc.sans.edu/diary/Deobfuscating%20a%20VBS%20Script%20With%20Custom%20Encoding/29940
Every Signature is Broken: On the Insecurity of Microsoft Office's OOXML Signatures https://www.usenix.org/conference/usenixsecurity23/presentation/rohlmann
How to Manage the Vulnerability Associated with CVE-2023-32019 https://support.microsoft.com/en-gb/topic/kb5028407-how-to-manage-the-vulnerability-associated-with-cve-2023-32019-bd6ed35f-48b1-41f6-bd19-d2d97270f080
Fake Security Research GitHub Repos https://vulncheck.com/blog/fake-repos-deliver-malicious-implant
Fortigate Vuln Details https://blog.lexfo.fr/xortigate-cve-2023-27997.html
Zoom Updates https://explore.zoom.us/en/trust/security/security-bulletin/
ISC StormCast for Wednesday, June 14th, 2023
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/June%202023%20Microsoft%20Patch%20Tuesday/29942/
VMWare 0-Day https://www.mandiant.com/resources/blog/vmware-esxi-zero-day-bypass https://www.vmware.com/security/advisories/VMSA-2023-0013.html
SAP Patches https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
ISC StormCast for Tuesday, June 13th, 2023
Geoserver Attack Details: More Cryptominers Against Unconfigured WebApps https://isc.sans.edu/diary/Geoserver%20Attack%20Details%3A%20More%20Cryptominers%20against%20Unconfigured%20WebApps/29936
Fortinet Update CVE-2023-27997 https://www.fortiguard.com/psirt/FG-IR-23-097
Bitwarden Key Accessible By Low Privileged User https://hackerone.com/reports/1874155
Western Digital SMART Flag Abuse https://arstechnica.com/gadgets/2023/06/clearly-predatory-western-digital-sparks-panic-anger-for-age-shaming-hdds/
ISC StormCast for Monday, June 12th, 2023
Undetected PowerShell Backdoor Disguised as a Profile File https://isc.sans.edu/diary/Undetected%20PowerShell%20Backdoor%20Disguised%20as%20a%20Profile%20File/29930
DShield Honeypot Activity for May 2023 https://isc.sans.edu/diary/DShield%20Honeypot%20Activity%20for%20May%202023%20/29932
Second MOVEit Vulnerability https://www.progress.com/security/moveit-transfer-and-moveit-cloud-vulnerability
Fortinet Patches CVE-2023-27997 https://twitter.com/cfreal_/status/1667852157536616451
ISC StormCast for Friday, June 9th, 2023
Geoserver Scans https://isc.sans.edu/diary/Ongoing%20scans%20for%20Geoserver/29926
Barracuda Recommends Replacing Compromised Devices https://www.barracuda.com/company/legal/esg-vulnerability
Google improves Chrome Password Manager https://www.msn.com/en-us/news/other/chrome-adds-windows-biometric-logins-to-its-password-powers/ar-AA1ciCCf
Minecraft Mods Include Malicious Code https://www.bleepingcomputer.com/news/security/new-fractureiser-malware-used-curseforge-minecraft-mods-to-infect-windows-linux/
Trend Micro Service Pack https://files.trendmicro.com/documentation/readme/Apex%20One/2020/apex_one_2019_win_cp_b12033_EN_Critical_Patch_Readme.html
ISC StormCast for Thursday, June 8th, 2023
DMARC in .co TLD https://isc.sans.edu/diary/Management%20of%20DMARC%20control%20for%20email%20impersonation%20of%20domains%20in%20the%20.co%20TLD%20-%20part%202/29922
Three Vulnerabilities in VMWare Aria Operations for Networks https://www.vmware.com/security/advisories/VMSA-2023-0012.html
SpinOK Spyware SDK found in Android Apps https://vms.drweb.com/search/?q=Android.Spy.SpinOk&lng=en https://www.cloudsek.com/threatintelligence/supply-chain-attack-infiltrates-android-apps-with-malicious-sdk
Cisco Anyconnect Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw
RSA Webcast https://www.rsaconference.com/library/webcast/149-sans-followup-2023