A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
ThunderCast
An inside look at the making of Mozilla Thunderbird, and community-driven conversations with our friends in the open-source software space.
ISC StormCast for Monday, September 26th, 2022
Kids Like Cookies and Malware Likes them Too https://isc.sans.edu/forums/diary/Kids+Like+Cookies+Malware+Too/29082 Downloading Files from Removed Domains https://isc.sans.edu/forums/diary/Downloading%20Samples%20From%20Takendown%20Domains/29086/ WhatsApp Security Updates https://www.whatsapp.com/security/advisories/2022/ Sophos RCE Flaw https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce CircleCI Phishing Attacks Used to Access GitHub Accounts https://discuss.circleci.com/t/circleci-security-alert-warning-phishing-attempt-for-login-credentials/45408
ISC StormCast for Monday, September 26th, 2022
Kids Like Cookies and Malware Likes them Too https://isc.sans.edu/forums/diary/Kids+Like+Cookies+Malware+Too/29082 Downloading Files from Removed Domains https://isc.sans.edu/forums/diary/Downloading%20Samples%20From%20Takendown%20Domains/29086/ WhatsApp Security Updates https://www.whatsapp.com/security/advisories/2022/ Sophos RCE Flaw https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce CircleCI Phishing Attacks Used to Access GitHub Accounts https://discuss.circleci.com/t/circleci-security-alert-warning-phishing-attempt-for-login-credentials/45408
ISC StormCast for Friday, September 23rd, 2022
RAT Delivered Through FODHelper https://isc.sans.edu/forums/diary/RAT+Delivered+Through+FODHelper/29078 Microsoft Endpoint Configuration Manager Spoofing Vulnerability https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37972 New Fuzzing Tool: cifuzz https://github.com/CodeIntelligenceTesting/cifuzz No Security Updates from Apple https://support.apple.com/en-us/HT201222
ISC StormCast for Friday, September 23rd, 2022
RAT Delivered Through FODHelper https://isc.sans.edu/forums/diary/RAT+Delivered+Through+FODHelper/29078 Microsoft Endpoint Configuration Manager Spoofing Vulnerability https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37972 New Fuzzing Tool: cifuzz https://github.com/CodeIntelligenceTesting/cifuzz No Security Updates from Apple https://support.apple.com/en-us/HT201222
ISC StormCast for Thursday, September 22nd, 2022
Phishing Campaigns Use Free Only Resources https://isc.sans.edu/forums/diary/Phishing%20Campaigns%20Use%20Free%20Online%20Resources/29074/ Insecure use of tarfile.extract in Python https://bugs.python.org/issue1044#msg55464 Twitter Failed to Logout Users After Password Reset https://privacy.twitter.com/en/blog/2022/an-issue-impacting-password-resets
ISC StormCast for Thursday, September 22nd, 2022
Phishing Campaigns Use Free Only Resources https://isc.sans.edu/forums/diary/Phishing%20Campaigns%20Use%20Free%20Online%20Resources/29074/ Insecure use of tarfile.extract in Python https://bugs.python.org/issue1044#msg55464 Twitter Failed to Logout Users After Password Reset https://privacy.twitter.com/en/blog/2022/an-issue-impacting-password-resets
ISC StormCast for Wednesday, September 21st, 2022
Chainsaw: Hunt, search and extract event log records https://isc.sans.edu/diary/Chainsaw%3A+Hunt%2C+search%2C+and+extract+event+log+records/29066 PDU Exploits past NAT https://claroty.com/team82/research/jumping-nat-to-shut-down-electric-devices Tamper Protection will be turned on for all Enterprise Customers https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/tamper-protection-will-be-turned-on-for-all-enterprise-customers/ba-p/3616478
ISC StormCast for Wednesday, September 21st, 2022
Chainsaw: Hunt, search and extract event log records https://isc.sans.edu/diary/Chainsaw%3A+Hunt%2C+search%2C+and+extract+event+log+records/29066 PDU Exploits past NAT https://claroty.com/team82/research/jumping-nat-to-shut-down-electric-devices Tamper Protection will be turned on for all Enterprise Customers https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/tamper-protection-will-be-turned-on-for-all-enterprise-customers/ba-p/3616478
ISC StormCast for Tuesday, September 20th, 2022
Preventing ISO Malware https://isc.sans.edu/diary/Preventing+ISO+Malware+/29062 State of Emotet https://www.advintel.io/post/advintel-s-state-of-emotet-aka-spmtools-displays-over-million-compromised-machines-through-2022 Undermining Microsoft Teams Security by Mining Tokens https://www.vectra.ai/blogpost/undermining-microsoft-teams-security-by-mining-tokens
ISC StormCast for Tuesday, September 20th, 2022
Preventing ISO Malware https://isc.sans.edu/diary/Preventing+ISO+Malware+/29062 State of Emotet https://www.advintel.io/post/advintel-s-state-of-emotet-aka-spmtools-displays-over-million-compromised-machines-through-2022 Undermining Microsoft Teams Security by Mining Tokens https://www.vectra.ai/blogpost/undermining-microsoft-teams-security-by-mining-tokens
ISC StormCast for Monday, September 19th, 2022
Word Maldoc With CustomXML and Renamed VBAProject.bin https://isc.sans.edu/diary/Word+Maldoc+With+CustomXML+and+Renamed+VBAProject.bin/29056 2FA on Lock Screens https://www.bbc.com/news/uk-england-london-62809151 Chrome and Edge Enhances Spellcheck Features Expose PII, Even Your Password https://www.otto-js.com/news/article/chrome-and-edge-enhanced-spellcheck-features-expose-pii-even-your-passwords Reconstructing Content Reflected in Glasses https://arxiv.org/abs/2205.03971
ISC StormCast for Monday, September 19th, 2022
Word Maldoc With CustomXML and Renamed VBAProject.bin https://isc.sans.edu/diary/Word+Maldoc+With+CustomXML+and+Renamed+VBAProject.bin/29056 2FA on Lock Screens https://www.bbc.com/news/uk-england-london-62809151 Chrome and Edge Enhances Spellcheck Features Expose PII, Even Your Password https://www.otto-js.com/news/article/chrome-and-edge-enhanced-spellcheck-features-expose-pii-even-your-passwords Reconstructing Content Reflected in Glasses https://arxiv.org/abs/2205.03971
ISC StormCast for Friday, September 16th, 2022
Malicous Word Document With a Frameset https://isc.sans.edu/diary/Malicious+Word+Document+with+a+Frameset/29052 CVE-2022-34721 Exploit https://github.com/78ResearchLab/PoC/tree/main/CVE-2022-34721 Trojaned Putty Used in Attacks https://www.mandiant.com/resources/blog/dprk-whatsapp-phishing Lenovo BIOS Updates https://support.lenovo.com/us/en/product_security/LEN-94953#Desktop
ISC StormCast for Friday, September 16th, 2022
Malicous Word Document With a Frameset https://isc.sans.edu/diary/Malicious+Word+Document+with+a+Frameset/29052 CVE-2022-34721 Exploit https://github.com/78ResearchLab/PoC/tree/main/CVE-2022-34721 Trojaned Putty Used in Attacks https://www.mandiant.com/resources/blog/dprk-whatsapp-phishing Lenovo BIOS Updates https://support.lenovo.com/us/en/product_security/LEN-94953#Desktop
ISC StormCast for Thursday, September 15th, 2022
Easy Process Injection within Python https://isc.sans.edu/diary/Easy+Process+Injection+within+Python/29048 Queen Elizabeth Related Phishing https://twitter.com/threatinsight/status/1570092339984584705 Microsoft 365 Auto Updates Apps on Locked or Idle Devices https://techcommunity.microsoft.com/t5/microsoft-365-blog/update-under-lock-improved-update-experience-for-microsoft-365/ba-p/3618901