A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
ThunderCast
An inside look at the making of Mozilla Thunderbird, and community-driven conversations with our friends in the open-source software space.
ISC StormCast for Friday, July 22nd, 2022
Maldoc with non-ASCII VBA Identifiers https://isc.sans.edu/diary/Maldoc%3A+non-ASCII+VBA+Identifiers/28866 Cisco Security Updates https://tools.cisco.com/security/center/publicationListing.x? Outlook 365 Odd Supicious Login Attempt Warnings https://www.theregister.com/2022/07/21/outlook_sign_ins/ Windows RDP Brute Force Protection https://twitter.com/dwizzzleMSFT/status/1549870156771340288 Microsoft resuming blocking macros https://techcommunity.microsoft.com/t5/microsoft-365-blog/helping-users-stay-safe-blocking-internet-macros-by-default-in/ba-p/3071805
ISC StormCast for Friday, July 22nd, 2022
Maldoc with non-ASCII VBA Identifiers https://isc.sans.edu/diary/Maldoc%3A+non-ASCII+VBA+Identifiers/28866 Cisco Security Updates https://tools.cisco.com/security/center/publicationListing.x? Outlook 365 Odd Supicious Login Attempt Warnings https://www.theregister.com/2022/07/21/outlook_sign_ins/ Windows RDP Brute Force Protection https://twitter.com/dwizzzleMSFT/status/1549870156771340288 Microsoft resuming blocking macros https://techcommunity.microsoft.com/t5/microsoft-365-blog/helping-users-stay-safe-blocking-internet-macros-by-default-in/ba-p/3071805
ISC StormCast for Thursday, July 21st, 2022
Malicious Python Script Behaving Like a Rubber Ducky https://isc.sans.edu/diary/Malicious+Python+Script+Behaving+Like+a+Rubber+Ducky/28860 Apple Patches Everything https://isc.sans.edu/diary/Apple+Patches+Everything+Day/28862 Confluence Atlasian Hard Coded Password https://confluence.atlassian.com/doc/questions-for-confluence-security-advisory-2022-07-20-1142446709.html Zyxel Vulnerablity https://www.zyxel.com/support/Zyxel-security-advisory-authenticated-directory-traversal-vulnerabilities-of-firewalls.shtml DNS over HTTP/3 https://security.googleblog.com/2022/07/dns-over-http3-in-android.html
ISC StormCast for Thursday, July 21st, 2022
Malicious Python Script Behaving Like a Rubber Ducky https://isc.sans.edu/diary/Malicious+Python+Script+Behaving+Like+a+Rubber+Ducky/28860 Apple Patches Everything https://isc.sans.edu/diary/Apple+Patches+Everything+Day/28862 Confluence Atlasian Hard Coded Password https://confluence.atlassian.com/doc/questions-for-confluence-security-advisory-2022-07-20-1142446709.html Zyxel Vulnerablity https://www.zyxel.com/support/Zyxel-security-advisory-authenticated-directory-traversal-vulnerabilities-of-firewalls.shtml DNS over HTTP/3 https://security.googleblog.com/2022/07/dns-over-http3-in-android.html
ISC StormCast for Wednesday, July 20th, 2022
Beacon Request https://isc.sans.edu/diary/Requests+For+beacon.http-get.+Help+Us+Figure+Out+What+They+Are+Looking+For/28856 Oracle July 2022 CPU https://www.oracle.com/security-alerts/cpujul2022.html CloudMensis MacOS Spyware https://www.welivesecurity.com/2022/07/19/i-see-what-you-did-there-look-cloudmensis-macos-spyware/ GPS Tracker Vulnerabilities https://www.bitsight.com/sites/default/files/2022-07/MiCODUS-GPS-Report-Final.pdf
ISC StormCast for Wednesday, July 20th, 2022
Beacon Request https://isc.sans.edu/diary/Requests+For+beacon.http-get.+Help+Us+Figure+Out+What+They+Are+Looking+For/28856 Oracle July 2022 CPU https://www.oracle.com/security-alerts/cpujul2022.html CloudMensis MacOS Spyware https://www.welivesecurity.com/2022/07/19/i-see-what-you-did-there-look-cloudmensis-macos-spyware/ GPS Tracker Vulnerabilities https://www.bitsight.com/sites/default/files/2022-07/MiCODUS-GPS-Report-Final.pdf
ISC StormCast for Tuesday, July 19th, 2022
Adding Your Own Keywords to My PDF Tools https://isc.sans.edu/diary/Adding+Your+Own+Keywords+To+My+PDF+Tools/28852 Tor Improvements https://blog.torproject.org/new-release-tor-browser-115/ Trojan Horse Malware Password Cracker https://www.dragos.com/blog/the-trojan-horse-malware-password-cracking-ecosystem-targeting-industrial-operators/ CVE-2022-33891 Apache Spark Shell Command Injection Vulnerability https://securityonline.info/cve-2022-33891-apache-spark-shell-command-injection-vulnerability/ Juniper Junos Vulnerabilities https://supportportal.juniper.net/s/global-search/%40uri?language=en_US#sort=date%20descending&f:ctype=[Security%20Advisories]
ISC StormCast for Tuesday, July 19th, 2022
Adding Your Own Keywords to My PDF Tools https://isc.sans.edu/diary/Adding+Your+Own+Keywords+To+My+PDF+Tools/28852 Tor Improvements https://blog.torproject.org/new-release-tor-browser-115/ Trojan Horse Malware Password Cracker https://www.dragos.com/blog/the-trojan-horse-malware-password-cracking-ecosystem-targeting-industrial-operators/ CVE-2022-33891 Apache Spark Shell Command Injection Vulnerability https://securityonline.info/cve-2022-33891-apache-spark-shell-command-injection-vulnerability/ Juniper Junos Vulnerabilities https://supportportal.juniper.net/s/global-search/%40uri?language=en_US#sort=date%20descending&f:ctype=[Security%20Advisories]
ISC StormCast for Monday, July 18th, 2022
Python: Files in Use By Another Process https://isc.sans.edu/diary/Python%3A+Files+In+Use+By+Another+Process/28848 Google Removing App Permissions List for Data Safety https://twitter.com/MishaalRahman/status/1547307555407421443 Google Play Malware https://twitter.com/IngraoMaxime/status/1547164768401858560 Faking Github Metadata https://checkmarx.com/blog/unverified-commits-are-you-unknowingly-trusting-attackers-code/
ISC StormCast for Monday, July 18th, 2022
Python: Files in Use By Another Process https://isc.sans.edu/diary/Python%3A+Files+In+Use+By+Another+Process/28848 Google Removing App Permissions List for Data Safety https://twitter.com/MishaalRahman/status/1547307555407421443 Google Play Malware https://twitter.com/IngraoMaxime/status/1547164768401858560 Faking Github Metadata https://checkmarx.com/blog/unverified-commits-are-you-unknowingly-trusting-attackers-code/
ISC StormCast for Friday, July 15th, 2022
Debugging Broadcast Storms https://isc.sans.edu/diary/A+%22DHCP+is+Broken%22+story%2C+and+a+Blast+from+the+Past+%28or+should+I+say+%22Storm%22+from+the+past%29/28844 Targeted Deanonymization via Side Channel Attacks https://leakuidatorplusteam.github.io/preprint.pdf Cookie Theft to BEC https://www.microsoft.com/security/blog/2022/07/12/from-cookie-theft-to-bec-attackers-use-aitm-phishing-sites-as-entry-point-to-further-financial-fraud/ VMWare Patch https://www.vmware.com/security/advisories/VMSA-2021-0025.html
ISC StormCast for Friday, July 15th, 2022
Debugging Broadcast Storms https://isc.sans.edu/diary/A+%22DHCP+is+Broken%22+story%2C+and+a+Blast+from+the+Past+%28or+should+I+say+%22Storm%22+from+the+past%29/28844 Targeted Deanonymization via Side Channel Attacks https://leakuidatorplusteam.github.io/preprint.pdf Cookie Theft to BEC https://www.microsoft.com/security/blog/2022/07/12/from-cookie-theft-to-bec-attackers-use-aitm-phishing-sites-as-entry-point-to-further-financial-fraud/ VMWare Patch https://www.vmware.com/security/advisories/VMSA-2021-0025.html
ISC StormCast for Thursday, July 14th, 2022
Using Referrers to Detect Phishing Attacks https://isc.sans.edu/diary/Using+Referers+to+Detect+Phishing+Attacks/28836 Callback Phishing Campaigns Impersonating Security Companies https://www.crowdstrike.com/blog/callback-malware-campaigns-impersonate-crowdstrike-and-other-cybersecurity-companies/ Retbleed Spectre Attack https://comsec.ethz.ch/wp-content/files/retbleed_sec22.pdf Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 https://www.microsoft.com/security/blog/2022/07/13/uncovering-a-macos-app-sandbox-escape-vulnerability-a-deep-dive-into-cve-2022-26706/ Buffer Overflow Vulnerabilities in UEFI firmware of several Lenovo Notebook https://twitter.com/ESETresearch/status/1547166334651334657
ISC StormCast for Thursday, July 14th, 2022
Using Referrers to Detect Phishing Attacks https://isc.sans.edu/diary/Using+Referers+to+Detect+Phishing+Attacks/28836 Callback Phishing Campaigns Impersonating Security Companies https://www.crowdstrike.com/blog/callback-malware-campaigns-impersonate-crowdstrike-and-other-cybersecurity-companies/ Retbleed Spectre Attack https://comsec.ethz.ch/wp-content/files/retbleed_sec22.pdf Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 https://www.microsoft.com/security/blog/2022/07/13/uncovering-a-macos-app-sandbox-escape-vulnerability-a-deep-dive-into-cve-2022-26706/ Buffer Overflow Vulnerabilities in UEFI firmware of several Lenovo Notebook https://twitter.com/ESETresearch/status/1547166334651334657
ISC StormCast for Wednesday, July 13th, 2022
Microsoft Patch Tuesday https://isc.sans.edu/diary/Microsoft+July+2022+Patch+Tuesday/28838 Adobe Updates https://helpx.adobe.com/security/security-bulletin.html SAP Patches https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a&rc=10 IBM Patches https://www.ibm.com/support/pages/node/6602255 https://www.ibm.com/support/pages/node/6602259 https://www.ibm.com/support/pages/node/6602251