A brief daily summary of what is important in information security. The podcast is published every weekday and is designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.

ISC StormCast for Tuesday, July 25th, 2023

July 24, 2023 6:06 5.42 MB Downloads: 0

Apple Updates
https://isc.sans.edu/forums/diary/Apple%20Updates%20Everything%20%28again%29/30062/
https://support.apple.com/en-us/HT201222
Parsing Data with jq
https://isc.sans.edu/diary/JQ%3A%20Another%20Tool%20We%20Thought%20We%20Knew/30060
TETRA Radio Backdoor
https://www.wired.com/story/tetra-radio-encryption-backdoor/

ISC StormCast for Monday, July 24th, 2023

July 23, 2023 6:13 5.53 MB Downloads: 0

Shodan's API for the (Recon) Win!
https://isc.sans.edu/diary/Shodan%27s%20API%20For%20The%20%28Recon%29%20Win!/30050
Stolen Microsoft Key May Have Opened Up a Lot More than US Government E-Mail Inboxes
https://www.wiz.io/blog/storm-0558-compromised-microsoft-key-enables-authentication-of-countless-micr
https://www.theregister.com/2023/07/21/microsoft_key_skeleton/
Okta Logs Decoded
https://www.rezonate.io/blog/okta-logs-decoded-unveiling-identity-threats-through-threat-hunting/
Threat Actors Exploiting Citrix CVE-2023-3519
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-201a
https://github.com/securekomodo/citrixInspector

ISC StormCast for Friday, July 21st, 2023

July 20, 2023 3:31 3.26 MB Downloads: 0

Deobfuscation of Malware Delivered Through a .bat File
https://isc.sans.edu/diary/Deobfuscation%20of%20Malware%20Delivered%20Through%20a%20.bat%20File/30048
Citrix CVE-2023-3519 Indicators of Compromise
https://www.deyda.net/index.php/en/2023/07/19/checklist-for-citrix-adc-cve-2023-3519/
ssh-agent Vulnerability
https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt
Spring Security: WebFlux Security Bypass with Un-Prefixed Double Wildcard Pattern
https://spring.io/security/cve-2023-34034
American Megatrends (AMI) MegaRAC BMC Vulnerabilities
https://eclypsium.com/research/bmcc-lights-out-forever/

ISC StormCast for Thursday, July 20th, 2023

July 19, 2023 3:10 2.97 MB Downloads: 0

Citrix ADC Vulnerability CVE-2023-3519, CVE-2023-3466, CVE-2023-3467
https://isc.sans.edu/forums/diary/Citrix%20ADC%20Vulnerability%20CVE-2023-3519%2C%203466%20and%203467%20-%20Patch%20Now!/30044/
HAM Radio Enigma Machine Challenge
https://isc.sans.edu/diary/HAM%20Radio%20%2B%20Enigma%20Machine%20Challenge/30042
Oracle Critical Patch Update
https://www.oracle.com/security-alerts/cpujul2023.html
Microsoft Expanding Cloud Logging
https://www.microsoft.com/en-us/security/blog/2023/07/19/expanding-cloud-logging-to-give-customers-deeper-security-visibility/

ISC StormCast for Wednesday, July 19th, 2023

July 19, 2023 5:45 5.13 MB Downloads: 0

Exploit Attempts for "Stagil navigation for Jira Menus & Themes"
https://isc.sans.edu/diary/Exploit%20Attempts%20for%20%22Stagil%20navigation%20for%20Jira%20Menus%20%26%20Themes%22%20CVE-2023-26255%20and%20CVE-2023-26256/30038
Citrix Vulnerabilities
https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467
Google Cloud Build Service Vulnerability
https://orca.security/resources/blog/bad-build-google-cloud-build-potential-supply-chain-attack-vulnerability

ISC StormCast for Tuesday, July 18th, 2023

July 17, 2023 5:12 4.67 MB Downloads: 0

Zimbra Vulnerability Exploited
https://blog.zimbra.com/2023/07/security-update-for-zimbra-collaboration-suite-version-8-8-15
WooCommerce Vulnerability Actively Being Exploited
https://www.rcesecurity.com/2023/07/patch-diffing-cve-2023-28121-to-compromise-a-woocommerce/
Adobe ColdFusion Flaws Exploited
https://www.bleepingcomputer.com/news/security/adobe-warns-of-critical-coldfusion-rce-bug-exploited-in-attacks/
CISA Cloud Security Fact Sheet: Free Tools for Cloud Environments
https://www.cisa.gov/sites/default/files/2023-07/Free%20Tools%20for%20Cloud%20Environments_508c.pdf
JumpCloud Breach
https://arstechnica.com/security/2023/07/jumpcloud-says-nation-state-hacker-breach-targeted-some-of-its-customers/

ISC StormCast for Monday, July 17th, 2023

July 16, 2023 7:09 6.31 MB Downloads: 0

Microsoft Driver Certs Details
https://blog.talosintelligence.com/old-certificate-new-signature/
Threads App Lures
https://www.helpnetsecurity.com/2023/07/14/threads-app-lure/
FIRST Releases CVSS 4.0 Preview
https://www.first.org/cvss/

ISC StormCast for Friday, July 14th, 2023

July 13, 2023 5:37 5.02 MB Downloads: 0

DShield Honeypot Maintenance and Data Retention
https://isc.sans.edu/diary/DShield%20Honeypot%20Maintenance%20and%20Data%20Retention/30024
Enhanced Monitoring to Detect APT Activity Targeting Outlook Online
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-193a
PoC Exploit: Fake Proof of Concept with Backdoor Malware
https://www.uptycs.com/blog/new-poc-exploit-backdoor-malware
GhostScript CVE-2023-36664 PoC Exploit
https://www.kroll.com/en/insights/publications/cyber/ghostscript-cve-2023-36664-remote-code-execution-vulnerability
