A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
ThunderCast
An inside look at the making of Mozilla Thunderbird, and community-driven conversations with our friends in the open-source software space.
ISC StormCast for Tuesday, June 7th, 2022
MS-MSDT RTF Maldocs Analysis oledump Plugins https://isc.sans.edu/forums/diary/msmsdt+RTF+Maldoc+Analysis+oledump+Plugins/28718/ Cybercriminals Exploit Reverse Tunnel Services and URL Shorteners https://cloudsek.com/whitepapers_reports/cybercriminals-exploit-reverse-tunnel-services-and-url-shorteners-to-launch-large-scale-phishing-campaigns/ Unpatched Horde Webmail Bug https://blog.sonarsource.com/horde-webmail-rce-via-email/ Clickstudio (Passwordstate) Code Signing Cert Used by Follina Malware https://cloudsek.com/whitepapers_reports/cybercriminals-exploit-reverse-tunnel-services-and-url-shorteners-to-launch-large-scale-phishing-campaigns/
ISC StormCast for Tuesday, June 7th, 2022
MS-MSDT RTF Maldocs Analysis oledump Plugins https://isc.sans.edu/forums/diary/msmsdt+RTF+Maldoc+Analysis+oledump+Plugins/28718/ Cybercriminals Exploit Reverse Tunnel Services and URL Shorteners https://cloudsek.com/whitepapers_reports/cybercriminals-exploit-reverse-tunnel-services-and-url-shorteners-to-launch-large-scale-phishing-campaigns/ Unpatched Horde Webmail Bug https://blog.sonarsource.com/horde-webmail-rce-via-email/ Clickstudio (Passwordstate) Code Signing Cert Used by Follina Malware https://cloudsek.com/whitepapers_reports/cybercriminals-exploit-reverse-tunnel-services-and-url-shorteners-to-launch-large-scale-phishing-campaigns/
ISC StormCast for Monday, June 6th, 2022
Sandbox Evasion... With Just a Filename! https://isc.sans.edu/forums/diary/Sandbox+Evasion+With+Just+a+Filename/28708/ Atlassian Exploit Released https://www.rapid7.com/blog/post/2022/06/02/active-exploitation-of-confluence-cve-2022-26134/ GitLab Critical Security Release https://about.gitlab.com/releases/2022/06/01/critical-security-release-gitlab-15-0-1-released/ U-Boot Vulnerablities https://research.nccgroup.com/2022/06/03/technical-advisory-multiple-vulnerabilities-in-u-boot-cve-2022-30790-cve-2022-30552/ Unisoc Baseband Chip Vulnerability https://research.checkpoint.com/2022/vulnerability-within-the-unisoc-baseband/
ISC StormCast for Monday, June 6th, 2022
Sandbox Evasion... With Just a Filename! https://isc.sans.edu/forums/diary/Sandbox+Evasion+With+Just+a+Filename/28708/ Atlassian Exploit Released https://www.rapid7.com/blog/post/2022/06/02/active-exploitation-of-confluence-cve-2022-26134/ GitLab Critical Security Release https://about.gitlab.com/releases/2022/06/01/critical-security-release-gitlab-15-0-1-released/ U-Boot Vulnerablities https://research.nccgroup.com/2022/06/03/technical-advisory-multiple-vulnerabilities-in-u-boot-cve-2022-30790-cve-2022-30552/ Unisoc Baseband Chip Vulnerability https://research.checkpoint.com/2022/vulnerability-within-the-unisoc-baseband/
ISC StormCast for Friday, June 3rd, 2022
Quick Answers in Incident Response RECmd.exe https://isc.sans.edu/forums/diary/Quick+Answers+in+Incident+Response+RECmdexe/28706/ Zero-Day Exploitation of Atlassian Confluence https://www.volexity.com/blog/2022/06/02/zero-day-exploitation-of-atlassian-confluence/ https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html Korenix Technology JetPort Backdoor https://sec-consult.com/vulnerability-lab/advisory/backdoor-account-in-korenix-technology-jetport-series/ Elasticsearch Data Wiped https://www.secureworks.com/blog/unsecured-elasticsearch-data-replaced-with-ransom-note
ISC StormCast for Friday, June 3rd, 2022
Quick Answers in Incident Response RECmd.exe https://isc.sans.edu/forums/diary/Quick+Answers+in+Incident+Response+RECmdexe/28706/ Zero-Day Exploitation of Atlassian Confluence https://www.volexity.com/blog/2022/06/02/zero-day-exploitation-of-atlassian-confluence/ https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html Korenix Technology JetPort Backdoor https://sec-consult.com/vulnerability-lab/advisory/backdoor-account-in-korenix-technology-jetport-series/ Elasticsearch Data Wiped https://www.secureworks.com/blog/unsecured-elasticsearch-data-replaced-with-ransom-note
ISC StormCast for Thursday, June 2nd, 2022
HTML Phishing Attachments - Now With Anti-Analysis Features https://isc.sans.edu/forums/diary/HTML+phishing+attachments+now+with+antianalysis+features/28702/ Unofficial Patch for CVE-2022-30190 (Follina) https://blog.0patch.com/2022/06/free-micropatches-for-follina-microsoft.html Windows Search Vulnerability https://www.bleepingcomputer.com/news/security/new-windows-search-zero-day-added-to-microsoft-protocol-nightmare/ Call Forwarding Used to Compromise WhatsApp Accounts https://www.linkedin.com/posts/fb1h2s_beware-here-is-how-whatsapp-accounts-are-activity-6934386561048264704-NnFf/?utm_source=linkedin_share&utm_medium=member_desktop_web Badkeys in Fuji Xerox and Canon Printers https://fermatattack.secvuln.info
ISC StormCast for Thursday, June 2nd, 2022
HTML Phishing Attachments - Now With Anti-Analysis Features https://isc.sans.edu/forums/diary/HTML+phishing+attachments+now+with+antianalysis+features/28702/ Unofficial Patch for CVE-2022-30190 (Follina) https://blog.0patch.com/2022/06/free-micropatches-for-follina-microsoft.html Windows Search Vulnerability https://www.bleepingcomputer.com/news/security/new-windows-search-zero-day-added-to-microsoft-protocol-nightmare/ Call Forwarding Used to Compromise WhatsApp Accounts https://www.linkedin.com/posts/fb1h2s_beware-here-is-how-whatsapp-accounts-are-activity-6934386561048264704-NnFf/?utm_source=linkedin_share&utm_medium=member_desktop_web Badkeys in Fuji Xerox and Canon Printers https://fermatattack.secvuln.info
ISC StormCast for Wednesday, June 1st, 2022
Follina Update https://isc.sans.edu/forums/diary/First+Exploitation+of+Follina+Seen+in+the+Wild/28698/ https://isc.sans.edu/forums/diary/New+Microsoft+Office+Attack+Vector+via+msmsdt+Protocol+Scheme+CVE202230190/28694/ Open Automation Software Platform Vulnerability https://blog.talosintelligence.com/2022/05/vuln-spotlight-open-automation-platform.html Over 3.6 million MySQL servers found exposed on the Internet https://www.bleepingcomputer.com/news/security/over-36-million-mysql-servers-found-exposed-on-the-internet/
ISC StormCast for Wednesday, June 1st, 2022
Follina Update https://isc.sans.edu/forums/diary/First+Exploitation+of+Follina+Seen+in+the+Wild/28698/ https://isc.sans.edu/forums/diary/New+Microsoft+Office+Attack+Vector+via+msmsdt+Protocol+Scheme+CVE202230190/28694/ Open Automation Software Platform Vulnerability https://blog.talosintelligence.com/2022/05/vuln-spotlight-open-automation-platform.html Over 3.6 million MySQL servers found exposed on the Internet https://www.bleepingcomputer.com/news/security/over-36-million-mysql-servers-found-exposed-on-the-internet/
ISC StormCast for Tuesday, May 31st, 2022
New Microsoft Office Attack Vector via "ms-msdt" Protocol Scheme https://isc.sans.edu/forums/diary/New+Microsoft+Office+Attack+Vector+via+msmsdt+Protocol+Scheme/28694/
ISC StormCast for Tuesday, May 31st, 2022
New Microsoft Office Attack Vector via "ms-msdt" Protocol Scheme https://isc.sans.edu/forums/diary/New+Microsoft+Office+Attack+Vector+via+msmsdt+Protocol+Scheme/28694/
ISC StormCast for Friday, May 27th, 2022
Huge Signed PE Files https://isc.sans.edu/forums/diary/Huge+Signed+PE+File/28686/ VMWare Authentication Bypass PoC https://www.horizon3.ai/vmware-authentication-bypass-vulnerability-cve-2022-22972-technical-deep-dive/ Quanta Server BMC Vulnerability https://eclypsium.com/2022/05/26/quanta-servers-still-vulnerable-to-pantsdown/ Windows 11 and Server 2022 Update Prevent Trend Micro Ransomware Protection https://success.trendmicro.com/dcx/s/solution/000291066?language=en_US Nate Street: Advancing SIEM Log Management Strategies through Vendor-Agnostic Measurement https://www.sans.edu/cyber-research/38685/
ISC StormCast for Friday, May 27th, 2022
Huge Signed PE Files https://isc.sans.edu/forums/diary/Huge+Signed+PE+File/28686/ VMWare Authentication Bypass PoC https://www.horizon3.ai/vmware-authentication-bypass-vulnerability-cve-2022-22972-technical-deep-dive/ Quanta Server BMC Vulnerability https://eclypsium.com/2022/05/26/quanta-servers-still-vulnerable-to-pantsdown/ Windows 11 and Server 2022 Update Prevent Trend Micro Ransomware Protection https://success.trendmicro.com/dcx/s/solution/000291066?language=en_US Nate Street: Advancing SIEM Log Management Strategies through Vendor-Agnostic Measurement https://www.sans.edu/cyber-research/38685/
ISC StormCast for Thursday, May 26th, 2022
Using NMAP to Assess Hosts in Load Balanced Clusters https://isc.sans.edu/forums/diary/Using+NMAP+to+Assess+Hosts+in+Load+Balanced+Clusters/28682/ Attacker Modifying Libraries Claims "Research" https://www.bleepingcomputer.com/news/security/hacker-says-hijacking-libraries-stealing-aws-keys-was-ethical-research/ Heroku GitHub Integration Re-Enabled Again https://blog.heroku.com/github-integration-update Serious security vulnerablity in Tails 5.0 https://tails.boum.org/security/prototype_pollution/index.en.html Google Chrome Update https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_24.html