SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

#news #technews #technology #news #dailynews

A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .

ISC StormCast for Wednesday, December 13th, 2023

December 12, 2023 6:03 5.38 MB Downloads: 0

Microsoft Patch Tuesday https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20December%202023/30480 Microsoft Warns of Malicious OAUTH Applications https://www.microsoft.com/en-us/security/blog/2023/12/12/threat-actors-misuse-oauth-applications-to-automate-financially-driven-attacks/ Apache Struts2 Exploit CVE-2023-50164 https://xz.aliyun.com/t/13172

ISC StormCast for Tuesday, December 12th, 2023

December 11, 2023 5:35 5.0 MB Downloads: 0

What is Sitemap.xml and Why a Pentester Should Care https://isc.sans.edu/diary/What%20is%20sitemap.xml%2C%20and%20Why%20a%20Pentester%20Should%20Care/30472 Apple Patches Everything https://isc.sans.edu/forums/diary/Apple%20Patches%20Everything/30474/ Android Password Manager Auto Spill https://i.blackhat.com/EU-23/Presentations/EU-23-Gangwal-AutoSpill-Zero-Effort-Credential-Stealing.pdf

ISC StormCast for Monday, December 11th, 2023

December 10, 2023 6:15 5.55 MB Downloads: 0

IPv4 Mapped IPv6 Addresses https://isc.sans.edu/diary/IPv4-mapped%20IPv6%20Address%20Used%20For%20Obfuscation/30466 Honeypots From the Skeptical Beginner to the Tactical Enthusiast https://isc.sans.edu/diary/Honeypots%3A%20From%20the%20Skeptical%20Beginner%20to%20the%20Tactical%20Enthusiast/30468 Bluetooth Weakness CVE-2023-45866 https://github.com/skysafe/reblog/tree/main/cve-2023-45866 Syrus 4 IoT Gateway Vulnerability CVE-2023-6248 https://socradar.io/syrus4-iot-gateway-vulnerability-could-allow-code-execution-on-thousands-of-vehicles-simultaneously-cve-2023-6248/ Microsoft Edge Vulnerability CVE-2023-35618 https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#december-7-2023

ISC StormCast for Friday, December 8th, 2023

December 07, 2023 6:14 5.54 MB Downloads: 0

5G Vulnerabilities https://isc.sans.edu/diary/5Ghoul%3A%20Impacts%2C%20Implications%20and%20Next%20Steps/30462 Revealing the hidden Risks of QR Codes https://isc.sans.edu/diary/Revealing%20the%20Hidden%20Risks%20of%20QR%20Codes%20%5BGuest%20Diary%5D/30458 Window 10 End of Support https://techcommunity.microsoft.com/t5/windows-it-pro-blog/plan-for-windows-10-eos-with-windows-11-windows-365-and-esu/ba-p/4000414 Apache Struts 2 Vulnerability CVE-2023-50164 https://cwiki.apache.org/confluence/display/WW/S2-066

ISC StormCast for Thursday, December 7th, 2023

December 06, 2023 5:50 5.2 MB Downloads: 0

Whose packet is is anyway: a new RFC for attribution of internet probes https://isc.sans.edu/forums/diary/Whose%20packet%20is%20it%20anyway%3A%20a%20new%20RFC%20for%20attribution%20of%20internet%20probes/30456/ MLFlow Vulnerability https://www.contrastsecurity.com/security-influencers/discovering-mlflow-framework-zero-day-vulnerability-machine-language-model-security-contrast-security https://mlflow.org/category/news/index.html Abusing STS Tokens https://redcanary.com/blog/aws-sts/ Atlasian Vulnerabilities https://confluence.atlassian.com/security/security-advisories-bulletins-1236937381.html Holiday Hack Challenge https://www.sans.org/mlp/holiday-hack-challenge-2023/

ISC StormCast for Wednesday, December 6th, 2023

December 05, 2023 5:34 4.98 MB Downloads: 0

Cobalt Strike's "Runtime Configuration" https://isc.sans.edu/diary/Cobalt%20Strike%27s%20%22Runtime%20Configuration%22/30426 Adobe ColdFusion Exploit Abused https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-339a Atos Unify OpenScape Vulnerability https://sec-consult.com/vulnerability-lab/advisory/argument-injection-vulnerability-in-multiple-atos-unify-openscape-products/ ExtremeXOS Vulnerabilities https://rhinosecuritylabs.com/research/extreme-networks-extremexos-vulnerabilities/

ISC StormCast for Tuesday, December 5th, 2023

December 04, 2023 6:00 5.34 MB Downloads: 0

Zarya Hacktivists: More than just Sharepoint https://isc.sans.edu/diary/Zarya%20Hacktivists%3A%20More%20than%20just%20Sharepoint./30450 ICANN Registration Data Request Service (RDRS) https://rdrs.icann.org/ Android Updates https://source.android.com/docs/security/bulletin/2023-12-01 GitLab Patches https://about.gitlab.com/releases/2023/11/30/security-release-gitlab-16-6-1-released/

ISC StormCast for Monday, December 4th, 2023

December 03, 2023 6:01 5.36 MB Downloads: 0

UEFI Exploit via Boot Image https://binarly.io/posts/The_Far_Reaching_Consequences_of_LogoFAIL/index.html Fake Phishing Scan Tricks Users into Installing Backdoor Plugin https://www.wordfence.com/blog/2023/12/psa-fake-cve-2023-45124-phishing-scam-tricks-users-into-installing-backdoor-plugin/ Qlik Sense Exploited by Cactus Ransomware https://arcticwolf.com/resources/blog/qlik-sense-exploited-in-cactus-ransomware-campaign/ https://www.praetorian.com/blog/qlik-sense-technical-exploit/ VMWare Vulnerability Patched https://www.vmware.com/security/advisories/VMSA-2023-0026.html

ISC StormCast for Friday, December 1st, 2023

November 30, 2023 5:35 5.0 MB Downloads: 0

Apple Updates https://isc.sans.edu/diary/Apple+Patches+Exploited+WebKit+Vulnerabilitiues+in+iOSiPadOSmacOS/30444 Prophetic Post by Intern on CVE-2023-1389 Foreshadows Mirai Botnet Expansion Today https://isc.sans.edu/forums/diary/Prophetic+Post+by+Intern+on+CVE20231389+Foreshadows+Mirai+Botnet+Expansion+Today/30442/ Zyxel Vulnerabilities https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products Solarwinds Update https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-4_release_notes.htm#link3 DNS Looking Glass https://isc.sans.edu/tools/dnslookup/

ISC StormCast for Thursday, November 30th, 2023

November 29, 2023 5:31 4.93 MB Downloads: 0

Decoding the Patterns: Analzying DShield Honeypot Activity https://isc.sans.edu/diary/Decoding%20the%20Patterns%3A%20Analyzing%20DShield%20Honeypot%20Activity%20%5BGuest%20Diary%5D/30428 Arcserve Unified Data Protection Multiple Vulnerabilities https://www.tenable.com/security/research/tra-2023-37 Hikvision Vulnerabilities https://www.hikvision.com/hk/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-products/ Assessing Prompt Injection Risks in 200+ Custom GPTs https://arxiv.org/pdf/2311.11538.pdf

ISC StormCast for Wednesday, November 29th, 2023

November 28, 2023 5:36 5.01 MB Downloads: 0

Pro-Russian Attackers Scanning for Sharepoint Servers to Exploit CVE-2023-29357 https://isc.sans.edu/diary/Pro%20Russian%20Attackers%20Scanning%20for%20Sharepoint%20Servers%20to%20Exploit%20CVE-2023-29357/30436 Microsoft Deprecates Microsoft Defender Application Guard for Office https://learn.microsoft.com/en-us/windows/whats-new/deprecated-features Synology Vulnerability https://www.synology.com/en-global/security/advisory/Synology_SA_23_16 Apache Tomcat Request Smuggling Vulnerability CVE-2023-46589 https://lists.apache.org/thread/0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr

ISC StormCast for Tuesday, November 28th, 2023

November 27, 2023 6:37 5.86 MB Downloads: 0

Scans for ownCloud Vulnerability (CVE-2023-49103) https://isc.sans.edu/diary/Scans%20for%20ownCloud%20Vulnerability%20%28CVE-2023-49103%29/30432 Windows Hello Fingerprint Reader Weakness https://blackwinghq.com/blog/posts/a-touch-of-pwn-part-i/

ISC StormCast for Monday, November 27th, 2023

November 26, 2023 6:01 5.35 MB Downloads: 0

DShield Birthday https://isc.sans.edu/diary/Happy%20Birthday%20DShield/30420 Mirai uses CVE-2023-1389 https://isc.sans.edu/diary/CVE-2023-1389%3A%20A%20New%20Means%20to%20Expand%20Botnets/30418 More Mirai Vulnerabilities https://www.akamai.com/blog/security-research/new-rce-botnet-spreads-mirai-via-zero-days Analyzing OVA Files https://isc.sans.edu/diary/OVA%20Files/30424 Static Code Injections in OpenCart (CVE-2023-47444) https://github.com/opencart/opencart/issues/12947 Holiday Hackchallenge https://www.sans.org/mlp/holiday-hack-challenge-2023/

ISC StormCast for Friday, November 17th, 2023

November 16, 2023 15:24 13.24 MB Downloads: 0

Beyond -n: Optimizign tcpdump performance https://isc.sans.edu/forums/diary/Beyond%20-n%3A%20Optimizing%20tcpdump%20performance/30408/ Zimbra 0-day used to target international government organizations https://blog.google/threat-analysis-group/zimbra-0-day-used-to-target-international-government-organizations/ FortiSIEM OS command injection in Report Server https://www.fortiguard.com/psirt/FG-IR-23-135 AI Exploit Collection https://github.com/protectai/ai-exploits CrushFTP Remote Code Execution https://convergetp.com/2023/11/16/crushftp-zero-day-cve-2023-43177-discovered/ Scott Poley: The Cyber Date Paradox: Storing Less, Discovering More https://www.sans.edu/cyber-research/cyber-data-paradox-storing-less-discovering-more/

ISC StormCast for Thursday, November 16th, 2023

November 15, 2023 5:57 5.3 MB Downloads: 0

Redline Dropped Through MSIX Package https://isc.sans.edu/diary/Redline%20Dropped%20Through%20MSIX%20Package/30404 ChatGPT Code Interpreter Security Hole https://www.tomshardware.com/news/chatgpt-code-interpreter-security-hole Directory Traversal in Reactor Netty CVE-2023-34062 https://spring.io/security/cve-2023-34062 Aruba Networking Product Vulnerabilities https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-017.txt HARArmor https://harmor.dev/

Add New Podcast

Subscribe to this podcast