A brief daily summary of what is important in information security. The podcast is published every weekday and is designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.

ISC StormCast for Wednesday, November 3rd, 2021

November 02, 2021 5:41 5.07 MB Downloads: 0

Revisiting BrakTooth: Two Months Later https://isc.sans.edu/forums/diary/Revisiting+BrakTooth+Two+Months+Later/27992/
Escalating XSS to Sainthood with Nagios https://blog.grimm-co.com/2021/11/escalating-xss-to-sainthood-with-nagios.html
Pentaho Business Analytics Vulnerability https://hawsec.com/publications/pentaho/HVPENT210401-Pentaho-BA-Security-Assessment-Report-v1_1.pdf

ISC StormCast for Tuesday, November 2nd, 2021

November 01, 2021 7:03 6.23 MB Downloads: 0

Trojan Source: Invisible Vulnerabilities https://www.trojansource.codes/trojan-source.pdf
Detecting HTTP Header Smuggling Vulnerabilities https://www.darkreading.com/application-security/free-tool-scans-web-servers-for-vulnerability-to-http-header-smuggling-attacks
Kaspersky Lost Amazon Simple Email Service Token https://support.kaspersky.com/general/vulnerability.aspx?el=12430#01112021_phishing

ISC StormCast for Monday, November 1st, 2021

October 31, 2021 5:22 4.81 MB Downloads: 0

Remote Desktop Protocol RDP Discovery https://isc.sans.edu/forums/diary/Remote+Desktop+Protocol+RDP+Discovery/27984/
Sysmon Update https://isc.sans.edu/forums/diary/Sysinternals+Autoruns+and+Sysmon+updates/27986/
Google Chrome Updates https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html
AbstractEmu Malware Roots Android https://blog.lookout.com/lookout-discovers-global-rooting-malware-campaign
Microsoft Defender For Endpoint Web Content Filtering https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/web-content-filtering-now-generally-available-on-windows/ba-p/2893357

ISC StormCast for Friday, October 29th, 2021

October 28, 2021 5:36 5.0 MB Downloads: 0

Critical Hikvision Patch https://watchfulip.github.io/2021/09/18/Hikvision-IP-Camera-Unauthenticated-RCE.html https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-notification-command-injection-vulnerability-in-some-hikvision-products/
Shrootless Vulnerability in MacOS https://www.microsoft.com/security/blog/2021/10/28/microsoft-finds-new-macos-vulnerability-shrootless-that-could-bypass-system-integrity-protection/
More Malicious NPM Libraries https://www.theregister.com/2021/10/27/npm_roblox_ransomware/

ISC StormCast for Thursday, October 28th, 2021

October 27, 2021 5:09 4.63 MB Downloads: 0

Outlook Web Access Phishing https://isc.sans.edu/forums/diary/Hunting+for+Phishing+Sites+Masquerading+as+Outlook+Web+Access/27974/
Apple Security Updates Details Available https://support.apple.com/en-us/HT201222
Adobe Patches https://helpx.adobe.com/security/security-bulletin.html
PinkBot Botnet Uses DoH https://blog.netlab.360.com/pinkbot/
Jira Insight Patch https://confluence.atlassian.com/adminjiraserver/jira-service-management-security-advisory-2021-10-20-1085186548.html

ISC StormCast for Wednesday, October 27th, 2021

October 26, 2021 5:35 5.0 MB Downloads: 0

Apple Updates Everything (but no details yet) https://support.apple.com/en-sa/HT201222
Craigslist E-Mail Hijack https://www.inky.com/blog/urgency-mail-relay-serve-phishers-well-on-craigslist
UltimaSMS Android Malware https://blog.avast.com/premium-sms-scam-apps-on-play-store-avast
Firefox Proxy Malware https://blog.mozilla.org/security/2021/10/25/securing-the-proxy-api-for-firefox-add-ons/

ISC StormCast for Tuesday, October 26th, 2021

October 25, 2021 4:44 4.27 MB Downloads: 0

Decrypting Cobalt Strike Traffic https://isc.sans.edu/forums/diary/Decrypting+Cobalt+Strike+Traffic+With+a+Leaked+Private+Key/27968/
Critical Discourse Vulnerability https://us-cert.cisa.gov/ncas/current-activity/2021/10/24/critical-rce-vulnerability-discourse
Discourse Discussion Platform RCE https://github.com/discourse/discourse/security/advisories/GHSA-jcjx-pvpc-qgwq https://0day.click/recipe/discourse-sns-rce/
ua-parser-js malware https://github.com/advisories/GHSA-pjwm-rvh2-c87w
Vulnerable Billing Software BillQuick Web Used to Deploy Ransomware https://www.huntress.com/blog/threat-advisory-hackers-are-exploiting-a-vulnerability-in-popular-billing-software-to-deploy-ransomware

ISC StormCast for Monday, October 25th, 2021

October 24, 2021 5:35 4.99 MB Downloads: 0

Malware Quiz https://isc.sans.edu/forums/diary/October+2021+Contest+Forensic+Challenge/27960/
Odd Zip Files https://isc.sans.edu/forums/diary/Phishing+ZIP+With+Malformed+Filename/27966/
Decrypting Cobalt Strike Configurations Using Known Secret Keys https://blog.nviso.eu/2021/10/21/cobalt-strike-using-known-private-keys-to-decrypt-traffic-part-1/
Tracking BLE Fingerprints https://cseweb.ucsd.edu/~nibhaska/papers/sp22_paper.pdf
GPS Software Bug https://us-cert.cisa.gov/ncas/current-activity/2021/10/21/gps-daemon-gpsd-rollover-bug https://isc.sans.edu/forums/diary/Keeping+Track+of+Time+Network+Time+Protocol+and+a+GPSD+Bug/27886/
