A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
ThunderCast
An inside look at the making of Mozilla Thunderbird, and community-driven conversations with our friends in the open-source software space.
ISC StormCast for Friday, June 17th, 2022
Houdini is Back Delivered Through a JavaScript Dropper https://isc.sans.edu/forums/diary/Houdini+is+Back+Delivered+Through+a+JavaScript+Dropper/28746/ Drifting Cloud: Zero-Day Sophos Firewall Exploitation https://www.volexity.com/blog/2022/06/15/driftingcloud-zero-day-sophos-firewall-exploitation-and-an-insidious-breach/ Exploiting a Heap Overflow in the FreeBSD Wi-Fi Stack https://www.zerodayinitiative.com/blog/2022/6/15/cve-2022-23088-exploiting-a-heap-overflow-in-the-freebsd-wi-fi-stack Cisco Email Security Appliance and Cisco Secure Email and Web Manager https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-esa-auth-bypass-66kEcxQD Analyzing the Fastjson "Auto Type Bypass" RCE vulnerability https://jfrog.com/blog/cve-2022-25845-analyzing-the-fastjson-auto-type-bypass-rce-vulnerability/
ISC StormCast for Thursday, June 16th, 2022
Terraforming Honeypots: Using IaaC & Cloud to Attract Attacks https://isc.sans.edu/forums/diary/Terraforming+Honeypots+Installing+DShield+Sensors+in+the+Cloud/28748/ Zimbra Email - Stealing Clear=Text Credenitals via Memcache Injection https://blog.sonarsource.com/zimbra-mail-stealing-clear-text-credentials-via-memcache-injection/ Cloud Middleware Dataset https://github.com/wiz-sec/cloud-middleware-dataset CVE-2022-26937 Windows Network File System NLM Portmap Stack Buffer Overflow https://www.zerodayinitiative.com/blog/2022/6/7/cve-2022-26937-microsoft-windows-network-file-system-nlm-portmap-stack-buffer-overflow Citrix Application Delivery Management Security Bulletin https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512 Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch https://sec-consult.com/vulnerability-lab/advisory/hardcoded-backdoor-user-outdated-software-components-nexans-ftto-gigaswitch/
ISC StormCast for Thursday, June 16th, 2022
Terraforming Honeypots: Using IaaC & Cloud to Attract Attacks https://isc.sans.edu/forums/diary/Terraforming+Honeypots+Installing+DShield+Sensors+in+the+Cloud/28748/ Zimbra Email - Stealing Clear=Text Credenitals via Memcache Injection https://blog.sonarsource.com/zimbra-mail-stealing-clear-text-credentials-via-memcache-injection/ Cloud Middleware Dataset https://github.com/wiz-sec/cloud-middleware-dataset CVE-2022-26937 Windows Network File System NLM Portmap Stack Buffer Overflow https://www.zerodayinitiative.com/blog/2022/6/7/cve-2022-26937-microsoft-windows-network-file-system-nlm-portmap-stack-buffer-overflow Citrix Application Delivery Management Security Bulletin https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512 Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch https://sec-consult.com/vulnerability-lab/advisory/hardcoded-backdoor-user-outdated-software-components-nexans-ftto-gigaswitch/
ISC StormCast for Wednesday, June 15th, 2022
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+June+2022+Patch+Tuesday/28742/ Adobe Patches https://helpx.adobe.com/security/security-bulletin.html SynLapse Vulnerability https://orca.security/resources/blog/synlapse-critical-azure-synapse-analytics-service-vulnerability/ Hertzbleed Attack https://www.hertzbleed.com
ISC StormCast for Wednesday, June 15th, 2022
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+June+2022+Patch+Tuesday/28742/ Adobe Patches https://helpx.adobe.com/security/security-bulletin.html SynLapse Vulnerability https://orca.security/resources/blog/synlapse-critical-azure-synapse-analytics-service-vulnerability/ Hertzbleed Attack https://www.hertzbleed.com
ISC StormCast for Tuesday, June 14th, 2022
Translating Saitama's DNS Tunneling https://isc.sans.edu/forums/diary/Translating+Saitamas+DNS+tunneling+messages/28738/ Travis CI Logs Expose Users to Cyber Attacks https://blog.aquasec.com/travis-ci-security Linux Threat Hunting: "Syslogk" a kernel rootkit found under development in the wild https://decoded.avast.io/davidalvarez/linux-threat-hunting-syslogk-a-kernel-rootkit-found-under-development-in-the-wild/ Mitel Desk Phone Backdoor https://blog.syss.com/posts/rooting-mitel-desk-phones-through-the-backdoor/
ISC StormCast for Tuesday, June 14th, 2022
Translating Saitama's DNS Tunneling https://isc.sans.edu/forums/diary/Translating+Saitamas+DNS+tunneling+messages/28738/ Travis CI Logs Expose Users to Cyber Attacks https://blog.aquasec.com/travis-ci-security Linux Threat Hunting: "Syslogk" a kernel rootkit found under development in the wild https://decoded.avast.io/davidalvarez/linux-threat-hunting-syslogk-a-kernel-rootkit-found-under-development-in-the-wild/ Mitel Desk Phone Backdoor https://blog.syss.com/posts/rooting-mitel-desk-phones-through-the-backdoor/
ISC StormCast for Monday, June 13th, 2022
EPSScall: An Exploit Prediction Scoring System App https://isc.sans.edu/forums/diary/EPSScall+An+Exploit+Prediction+Scoring+System+App/28732/ PACMan Attack https://pacmanattack.com https://twitter.com/wdormann/status/1535245913857351680 Carrier LenelS2 HID Mercury access panel vulnerability https://www.cisa.gov/uscert/ics/advisories/icsa-22-153-01 Malicious Python Modules https://www.bleepingcomputer.com/news/security/pypi-package-keep-mistakenly-included-a-password-stealer/
ISC StormCast for Monday, June 13th, 2022
EPSScall: An Exploit Prediction Scoring System App https://isc.sans.edu/forums/diary/EPSScall+An+Exploit+Prediction+Scoring+System+App/28732/ PACMan Attack https://pacmanattack.com https://twitter.com/wdormann/status/1535245913857351680 Carrier LenelS2 HID Mercury access panel vulnerability https://www.cisa.gov/uscert/ics/advisories/icsa-22-153-01 Malicious Python Modules https://www.bleepingcomputer.com/news/security/pypi-package-keep-mistakenly-included-a-password-stealer/
ISC StormCast for Friday, June 10th, 2022
TA570 QBot attempts to exploit CVE-2022-30190 (Follina) https://isc.sans.edu/forums/diary/TA570+Qakbot+Qbot+tries+CVE202230190+Follina+exploit+msmsdt/28728/ Analysis of a Facebook Phishing Campaign https://pixmsecurity.com/blog/blog/phishing-tactics-how-a-threat-actor-stole-1m-credentials-in-4-months/ Zyxel Security Advisory https://www.zyxel.com/support/Zyxel-security-advisory-for-CRLF-injection-vulnerability-in-some-legacy-firewalls.shtml Fujitsu Centricstor Vulnerability https://research.nccgroup.com/2022/05/27/technical-advisory-fujitsu-centricstor-control-center-v8-1-unauthenticated-command-injection/ Meeting Owl Vulnerablities https://www.modzero.com/static/meetingowl/Meeting_Owl_Pro_Security_Disclosure_Report_RELEASE.pdf
ISC StormCast for Friday, June 10th, 2022
TA570 QBot attempts to exploit CVE-2022-30190 (Follina) https://isc.sans.edu/forums/diary/TA570+Qakbot+Qbot+tries+CVE202230190+Follina+exploit+msmsdt/28728/ Analysis of a Facebook Phishing Campaign https://pixmsecurity.com/blog/blog/phishing-tactics-how-a-threat-actor-stole-1m-credentials-in-4-months/ Zyxel Security Advisory https://www.zyxel.com/support/Zyxel-security-advisory-for-CRLF-injection-vulnerability-in-some-legacy-firewalls.shtml Fujitsu Centricstor Vulnerability https://research.nccgroup.com/2022/05/27/technical-advisory-fujitsu-centricstor-control-center-v8-1-unauthenticated-command-injection/ Meeting Owl Vulnerablities https://www.modzero.com/static/meetingowl/Meeting_Owl_Pro_Security_Disclosure_Report_RELEASE.pdf
ISC StormCast for Thursday, June 9th, 2022
SANS RSA Panel (sorry, video no longer available) Atlassian Confluence Attacks https://isc.sans.edu/forums/diary/Atlassian+Confluence+Exploits+Seen+By+Our+Honeypots+CVE202226134/28722/ Fake CClenaer Malvertisements https://blog.avast.com/fakecrack-campaign Weakness in Verbatim Keypad Secure USB Drive https://blog.syss.com/posts/hacking-usb-flash-drives-part-1/
ISC StormCast for Thursday, June 9th, 2022
SANS RSA Panel (sorry, video no longer available) Atlassian Confluence Attacks https://isc.sans.edu/forums/diary/Atlassian+Confluence+Exploits+Seen+By+Our+Honeypots+CVE202226134/28722/ Fake CClenaer Malvertisements https://blog.avast.com/fakecrack-campaign Weakness in Verbatim Keypad Secure USB Drive https://blog.syss.com/posts/hacking-usb-flash-drives-part-1/
ISC StormCast for Wednesday, June 8th, 2022
The Trouble With Microsoft's Troubleshooters https://irsl.medium.com/the-trouble-with-microsofts-troubleshooters-6e32fc80b8bd QBot Uses Follina https://twitter.com/threatinsight/status/1534227444915482625 Deadbolt Ransomware https://www.trendmicro.com/en_us/research/22/f/closing-the-door-deadbolt-ransomware-locks-out-vendors-with-mult.html Google Android Updates https://source.android.com/security/bulletin/2022-06-01?hl=en
ISC StormCast for Wednesday, June 8th, 2022
The Trouble With Microsoft's Troubleshooters https://irsl.medium.com/the-trouble-with-microsofts-troubleshooters-6e32fc80b8bd QBot Uses Follina https://twitter.com/threatinsight/status/1534227444915482625 Deadbolt Ransomware https://www.trendmicro.com/en_us/research/22/f/closing-the-door-deadbolt-ransomware-locks-out-vendors-with-mult.html Google Android Updates https://source.android.com/security/bulletin/2022-06-01?hl=en