A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Wednesday, December 1st, 2021
Hunting for PHPUnit Installed via Composer https://isc.sans.edu/forums/diary/Hunting+for+PHPUnit+Installed+via+Composer/28084/ Microsoft Defender Scares Admins with Emotet False Positivies https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-scares-admins-with-emotet-false-positives/ Printing Shellz HP Printer Vulnerabilities https://blog.f-secure.com/hp-printer-vulnerabilities/?_ga=2.125707850.1160056027.1638325485-2056233716.1638325485 Unpatched Local Privilege Escalation in Mobile Device Management Service https://blog.0patch.com/2021/11/micropatching-unpatched-local-privilege.html
ISC StormCast for Tuesday, November 30th, 2021
Wireshark 3.6.0 Released https://isc.sans.edu/forums/diary/Wireshark+360+Released/28076/ Google Cloud Security Report https://services.google.com/fh/files/misc/gcat_threathorizons_full_nov2021.pdf Zoom Patch https://explore.zoom.us/en/trust/security/security-bulletin/ Slack DNSSEC Experience Reports https://slack.engineering/what-happened-during-slacks-dnssec-rollout/
ISC StormCast for Tuesday, November 30th, 2021
Wireshark 3.6.0 Released https://isc.sans.edu/forums/diary/Wireshark+360+Released/28076/ Google Cloud Security Report https://services.google.com/fh/files/misc/gcat_threathorizons_full_nov2021.pdf Zoom Patch https://explore.zoom.us/en/trust/security/security-bulletin/ Slack DNSSEC Experience Reports https://slack.engineering/what-happened-during-slacks-dnssec-rollout/
ISC StormCast for Monday, November 29th, 2021
Phishing Pages Hiding Itself Using Dynamically Adjusted IP Based Allow List https://isc.sans.edu/forums/diary/Phishing+page+hiding+itself+using+dynamically+adjusted+IPbased+allow+list/28070/ Trickbot Phishing Checks Screen Resolution to Evade Researchers https://www.bleepingcomputer.com/news/security/trickbot-phishing-checks-screen-resolution-to-evade-researchers/ QNAP QVR Patch https://www.qnap.com/de-de/security-advisory/qsa-21-51 CronRAT Malware Hiding in cron https://sansec.io/research/cronrat
ISC StormCast for Monday, November 29th, 2021
Phishing Pages Hiding Itself Using Dynamically Adjusted IP Based Allow List https://isc.sans.edu/forums/diary/Phishing+page+hiding+itself+using+dynamically+adjusted+IPbased+allow+list/28070/ Trickbot Phishing Checks Screen Resolution to Evade Researchers https://www.bleepingcomputer.com/news/security/trickbot-phishing-checks-screen-resolution-to-evade-researchers/ QNAP QVR Patch https://www.qnap.com/de-de/security-advisory/qsa-21-51 CronRAT Malware Hiding in cron https://sansec.io/research/cronrat
ISC StormCast for Wednesday, November 24th, 2021
YARA Rule for OOXML Maldocs: Less False Positives https://isc.sans.edu/forums/diary/YARA+Rule+for+OOXML+Maldocs+Less+False+Positives/28066/ Zero-Day Windows Installer Exploit https://www.bleepingcomputer.com/news/security/malware-now-trying-to-exploit-new-windows-installer-zero-day/ VMWare VCenter Vulnerability and Patch https://www.vmware.com/security/advisories/VMSA-2021-0027.html
ISC StormCast for Wednesday, November 24th, 2021
YARA Rule for OOXML Maldocs: Less False Positives https://isc.sans.edu/forums/diary/YARA+Rule+for+OOXML+Maldocs+Less+False+Positives/28066/ Zero-Day Windows Installer Exploit https://www.bleepingcomputer.com/news/security/malware-now-trying-to-exploit-new-windows-installer-zero-day/ VMWare VCenter Vulnerability and Patch https://www.vmware.com/security/advisories/VMSA-2021-0027.html
ISC StormCast for Tuesday, November 23rd, 2021
Simple YARA Rules for Office Maldocs https://isc.sans.edu/forums/diary/Simple+YARA+Rules+for+Office+Maldocs/28062/ Retailers Urged to Patch Magento https://www.theregister.com/2021/11/22/ncsc_magento_updates_black_friday_reminder/ PoC of CVE-2021-42321: pop mspaint.exe on the target https://gist.github.com/testanull/0188c1ae847f37a70fe536123d14f398 BeC Via Exchange Flaws https://www.trendmicro.com/en_us/research/21/k/Squirrelwaffle-Exploits-ProxyShell-and-ProxyLogon-to-Hijack-Email-Chains.html Windows Priv. Escalation PoC https://github.com/klinix5/InstallerFileTakeOver PHP deserialize vulnerablity in CloudLinux Imunity360 https://blog.talosintelligence.com/2021/11/vulnerability-spotlight-php-deserialize.html
ISC StormCast for Tuesday, November 23rd, 2021
Simple YARA Rules for Office Maldocs https://isc.sans.edu/forums/diary/Simple+YARA+Rules+for+Office+Maldocs/28062/ Retailers Urged to Patch Magento https://www.theregister.com/2021/11/22/ncsc_magento_updates_black_friday_reminder/ PoC of CVE-2021-42321: pop mspaint.exe on the target https://gist.github.com/testanull/0188c1ae847f37a70fe536123d14f398 BeC Via Exchange Flaws https://www.trendmicro.com/en_us/research/21/k/Squirrelwaffle-Exploits-ProxyShell-and-ProxyLogon-to-Hijack-Email-Chains.html Windows Priv. Escalation PoC https://github.com/klinix5/InstallerFileTakeOver PHP deserialize vulnerablity in CloudLinux Imunity360 https://blog.talosintelligence.com/2021/11/vulnerability-spotlight-php-deserialize.html
ISC StormCast for Monday, November 22nd, 2021
Hikvision Security Cameras Potentially Exposed to Remote Code Execution https://isc.sans.edu/forums/diary/Hikvision+Security+Cameras+Potentially+Exposed+to+Remote+Code+Execution/28056/ Detecting PAM Backdoors https://isc.sans.edu/forums/diary/Backdooring+PAM/28058/ Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem https://dl.acm.org/doi/pdf/10.1145/3460120.3484768 CVE-2021-42306 CredManifest: App Registration Certificates Stored in Azure Active Directory https://www.netspi.com/blog/technical/cloud-penetration-testing/azure-cloud-vulnerability-credmanifest/
ISC StormCast for Monday, November 22nd, 2021
Hikvision Security Cameras Potentially Exposed to Remote Code Execution https://isc.sans.edu/forums/diary/Hikvision+Security+Cameras+Potentially+Exposed+to+Remote+Code+Execution/28056/ Detecting PAM Backdoors https://isc.sans.edu/forums/diary/Backdooring+PAM/28058/ Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem https://dl.acm.org/doi/pdf/10.1145/3460120.3484768 CVE-2021-42306 CredManifest: App Registration Certificates Stored in Azure Active Directory https://www.netspi.com/blog/technical/cloud-penetration-testing/azure-cloud-vulnerability-credmanifest/
ISC StormCast for Friday, November 19th, 2021
JavaScript Downloader Delivers Agent Tesla Trojan https://isc.sans.edu/forums/diary/JavaScript+Downloader+Delivers+Agent+Tesla+Trojan/28050/ Exposed Firefox cookies.sqlite Databases https://www.theregister.com/2021/11/18/firefox_cookies_github/ FBI Warns of Fatpipe VPN Exploits https://www.ic3.gov/Media/News/2021/211117-2.pdf Abusing ClouDNS https://blog.netlab.360.com/the-pitfall-of-threat-intelligence-whitelisting-specter-botnet-is-taking-over-top-legit-dns-domains-by-using-cloudns-service/
ISC StormCast for Friday, November 19th, 2021
JavaScript Downloader Delivers Agent Tesla Trojan https://isc.sans.edu/forums/diary/JavaScript+Downloader+Delivers+Agent+Tesla+Trojan/28050/ Exposed Firefox cookies.sqlite Databases https://www.theregister.com/2021/11/18/firefox_cookies_github/ FBI Warns of Fatpipe VPN Exploits https://www.ic3.gov/Media/News/2021/211117-2.pdf Abusing ClouDNS https://blog.netlab.360.com/the-pitfall-of-threat-intelligence-whitelisting-specter-botnet-is-taking-over-top-legit-dns-domains-by-using-cloudns-service/
ISC StormCast for Thursday, November 18th, 2021
DDS Protocol Implementation Vulnerabilities https://us-cert.cisa.gov/ics/advisories/icsa-21-315-02 Siemens TCP/IP Flaws https://www.forescout.com/blog/new-critical-vulnerabilities-found-on-nucleus-tcp-ip-stack/ Netgear UPNP Stack Based Buffer Overflow https://blog.grimm-co.com/2021/11/seamlessly-discovering-netgear.html
ISC StormCast for Thursday, November 18th, 2021
DDS Protocol Implementation Vulnerabilities https://us-cert.cisa.gov/ics/advisories/icsa-21-315-02 Siemens TCP/IP Flaws https://www.forescout.com/blog/new-critical-vulnerabilities-found-on-nucleus-tcp-ip-stack/ Netgear UPNP Stack Based Buffer Overflow https://blog.grimm-co.com/2021/11/seamlessly-discovering-netgear.html