A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
Android Bytes (powered by Esper)
Android Bytes (powered by Esper) is the podcast that dives deep into the engineering and business decisions behind the world’s most popular OS. https://www.esper.io
Android powers over 3 billion devices worldwide and is the platform of choice for over a thousand companies. You’ll find Android on smartphones, tablets, watches, TV, cars, kiosks, and so much more. How does Google architect Android to run on so many form factors, and how do companies fork AOSP to make it run on even more devices? These are the kinds of questions the Android Bytes podcast considers each week.
Join cohosts Mishaal Rahman and David Ruddock, two journalists with extensive knowledge covering the Android OS platform and ecosystem, as they speak to system architects, kernel engineers, app developers, and other distinguished experts in the Android space.
Get in touch with us at Esper.io if you’re looking to use Android for your product — we have the experience you need.
ISC StormCast for Friday, September 20th, 2024
Fake GitHub Site Targeting Developers https://isc.sans.edu/diary/Fake%20GitHub%20Site%20Targeting%20Developers/31282 Ivanti CSA 4.6 Advisory https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-4-6-Cloud-Services-Appliance-CVE-2024-8963?language=en_US German Police Deanonymizes Tor User https://blog.torproject.org/tor-is-still-safe/ Ever wonder how crooks get the credentials to unlock stolen phones? https://arstechnica.com/security/2024/09/cops-bust-website-crooks-used-to-unlock-1-2-million-stolen-mobile-phones/
ISC StormCast for Thursday, September 19th, 2024
Python Infostealer Patching Windows Exodus App https://isc.sans.edu/diary/Python%20Infostealer%20Patching%20Windows%20Exodus%20App/31276 Service Now Knoledge Bases Data Exposures https://appomni.com/ao-labs/servicenow-knowledge-bases-data-exposures-uncovered/ Gitlab Patch https://about.gitlab.com/releases/2024/09/17/patch-release-gitlab-17-3-3-released/ Aruba Patch https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04709en_us&docLocale=en_US
ISC StormCast for Thursday, September 19th, 2024
Python Infostealer Patching Windows Exodus App https://isc.sans.edu/diary/Python%20Infostealer%20Patching%20Windows%20Exodus%20App/31276 Service Now Knoledge Bases Data Exposures https://appomni.com/ao-labs/servicenow-knowledge-bases-data-exposures-uncovered/ Gitlab Patch https://about.gitlab.com/releases/2024/09/17/patch-release-gitlab-17-3-3-released/ Aruba Patch https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04709en_us&docLocale=en_US
ISC StormCast for Wednesday, September 18th, 2024
23:59, Time to Exfiltrate! https://isc.sans.edu/diary/23%3A59%2C%20Time%20to%20Exfiltrate!/31272 Critical VMWare VCenter Vulnerability https://blogs.vmware.com/cloud-foundation/2024/09/17/vmsa-2024-0019-questions-answers/ Zero-Click Calendar invite - Critical zero-click vulnerability chain in macOS https://mikko-kenttala.medium.com/zero-click-calendar-invite-critical-zero-click-vulnerability-chain-in-macos-a7a434fc887b Google Adds Latest Post Quantum Encryption Standard to Chrome https://security.googleblog.com/2024/09/a-new-path-for-kyber-on-web.html
ISC StormCast for Wednesday, September 18th, 2024
23:59, Time to Exfiltrate! https://isc.sans.edu/diary/23%3A59%2C%20Time%20to%20Exfiltrate!/31272 Critical VMWare VCenter Vulnerability https://blogs.vmware.com/cloud-foundation/2024/09/17/vmsa-2024-0019-questions-answers/ Zero-Click Calendar invite - Critical zero-click vulnerability chain in macOS https://mikko-kenttala.medium.com/zero-click-calendar-invite-critical-zero-click-vulnerability-chain-in-macos-a7a434fc887b Google Adds Latest Post Quantum Encryption Standard to Chrome https://security.googleblog.com/2024/09/a-new-path-for-kyber-on-web.html
ISC StormCast for Tuesday, September 17th, 2024
Managing PE Files with Overlays https://isc.sans.edu/forums/diary/Managing%20PE%20Files%20With%20Overlays/31268/ Apple Updates https://support.apple.com/en-us/100100 Ivanti EOL Cloud Service Appliances https://www.cisa.gov/news-events/alerts/2024/09/13/ivanti-releases-security-update-cloud-services-appliance Microsoft Revises September Update https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-43461 DLink Vulnerabilities https://www.twcert.org.tw/en/cp-139-8081-3fb39-2.html https://www.twcert.org.tw/en/cp-139-8091-bcd52-2.html https://www.twcert.org.tw/en/cp-139-8089-32df6-2.html
ISC StormCast for Tuesday, September 17th, 2024
Managing PE Files with Overlays https://isc.sans.edu/forums/diary/Managing%20PE%20Files%20With%20Overlays/31268/ Apple Updates https://support.apple.com/en-us/100100 Ivanti EOL Cloud Service Appliances https://www.cisa.gov/news-events/alerts/2024/09/13/ivanti-releases-security-update-cloud-services-appliance Microsoft Revises September Update https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-43461 DLink Vulnerabilities https://www.twcert.org.tw/en/cp-139-8081-3fb39-2.html https://www.twcert.org.tw/en/cp-139-8091-bcd52-2.html https://www.twcert.org.tw/en/cp-139-8089-32df6-2.html
ISC StormCast for Monday, September 16th, 2024
Finding Honeypot Clusters Using DBSCAN https://isc.sans.edu/diary/Finding%20Honeypot%20Data%20Clusters%20Using%20DBSCAN%3A%20Part%202/31194 Auto IT Credential Flusher https://research.openanalysis.net/credflusher/kiosk/stealer/stealc/amadey/autoit/2024/09/11/cred-flusher.html Ivanti Patches https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190?language=en_US https://www.horizon3.ai/attack-research/attack-blogs/cve-2024-29847-deep-dive-ivanti-endpoint-manager-agentportal-deserialization-of-untrusted-data-remote-code-execution-vulnerability/ File Sender Vulnerability https://filesender.org/vulnerability-in-filesender-versions-below-2-49-and-3-x-beta/ Docker Patches https://docs.docker.com/desktop/release-notes/#4342
ISC StormCast for Monday, September 16th, 2024
Finding Honeypot Clusters Using DBSCAN https://isc.sans.edu/diary/Finding%20Honeypot%20Data%20Clusters%20Using%20DBSCAN%3A%20Part%202/31194 Auto IT Credential Flusher https://research.openanalysis.net/credflusher/kiosk/stealer/stealc/amadey/autoit/2024/09/11/cred-flusher.html Ivanti Patches https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190?language=en_US https://www.horizon3.ai/attack-research/attack-blogs/cve-2024-29847-deep-dive-ivanti-endpoint-manager-agentportal-deserialization-of-untrusted-data-remote-code-execution-vulnerability/ File Sender Vulnerability https://filesender.org/vulnerability-in-filesender-versions-below-2-49-and-3-x-beta/ Docker Patches https://docs.docker.com/desktop/release-notes/#4342
ISC StormCast for Friday, September 13th, 2024
Compromise of old hostname .mobi whois server https://labs.watchtowr.com/we-spent-20-to-achieve-rce-and-accidentally-became-the-admins-of-mobi/ Microsoft Reconsidering Security Tool API https://blogs.windows.com/windowsexperience/2024/09/12/taking-steps-that-drive-resiliency-and-security-for-windows-customers/ Microsoft implents PQC in SymCrypt https://techcommunity.microsoft.com/t5/security-compliance-and-identity/microsoft-s-quantum-resistant-cryptography-is-here/ba-p/4238780 GitLab Patch https://about.gitlab.com/releases/2024/09/11/patch-release-gitlab-17-3-2-released/#execute-environment-stop-actions-as-the-owner-of-the-stop-action-job
ISC StormCast for Friday, September 13th, 2024
Compromise of old hostname .mobi whois server https://labs.watchtowr.com/we-spent-20-to-achieve-rce-and-accidentally-became-the-admins-of-mobi/ Microsoft Reconsidering Security Tool API https://blogs.windows.com/windowsexperience/2024/09/12/taking-steps-that-drive-resiliency-and-security-for-windows-customers/ Microsoft implents PQC in SymCrypt https://techcommunity.microsoft.com/t5/security-compliance-and-identity/microsoft-s-quantum-resistant-cryptography-is-here/ba-p/4238780 GitLab Patch https://about.gitlab.com/releases/2024/09/11/patch-release-gitlab-17-3-2-released/#execute-environment-stop-actions-as-the-owner-of-the-stop-action-job
ISC StormCast for Wednesday, September 11th, 2024
Microsoft Patches https://isc.sans.edu/diary/Microsoft%20September%202024%20Patch%20Tuesday/31254 Adobe Patches https://helpx.adobe.com/security/security-bulletin.html Ivanti Patches https://forums.ivanti.com/s/article/Security-Advisory-EPM-September-2024-for-EPM-2024-and-EPM-2022?language=en_US
ISC StormCast for Wednesday, September 11th, 2024
Microsoft Patches https://isc.sans.edu/diary/Microsoft%20September%202024%20Patch%20Tuesday/31254 Adobe Patches https://helpx.adobe.com/security/security-bulletin.html Ivanti Patches https://forums.ivanti.com/s/article/Security-Advisory-EPM-September-2024-for-EPM-2024-and-EPM-2022?language=en_US
ISC StormCast for Tuesday, September 10th, 2024
Critical Loadmaster Security Vulnerability https://support.kemptechnologies.com/hc/en-us/articles/29196371689613-LoadMaster-Security-Vulnerability-CVE-2024-7591 HA Proxy Patch https://www.mail-archive.com/haproxy%40formilux.org/msg45280.html Akira Ransomware Campaign Targeting Sonicwall SSLVPN Accounts https://arcticwolf.com/resources/blog/arctic-wolf-observes-akira-ransomware-campaign-targeting-sonicwall-sslvpn-accounts/ Kibana Deserializatio Vulnerability https://discuss.elastic.co/t/kibana-8-15-1-security-update-esa-2024-27-esa-2024-28/366119 Stately Taurus Abuses VSCode https://unit42.paloaltonetworks.com/stately-taurus-abuses-vscode-southeast-asian-espionage/
ISC StormCast for Tuesday, September 10th, 2024
Critical Loadmaster Security Vulnerability https://support.kemptechnologies.com/hc/en-us/articles/29196371689613-LoadMaster-Security-Vulnerability-CVE-2024-7591 HA Proxy Patch https://www.mail-archive.com/haproxy%40formilux.org/msg45280.html Akira Ransomware Campaign Targeting Sonicwall SSLVPN Accounts https://arcticwolf.com/resources/blog/arctic-wolf-observes-akira-ransomware-campaign-targeting-sonicwall-sslvpn-accounts/ Kibana Deserializatio Vulnerability https://discuss.elastic.co/t/kibana-8-15-1-security-update-esa-2024-27-esa-2024-28/366119 Stately Taurus Abuses VSCode https://unit42.paloaltonetworks.com/stately-taurus-abuses-vscode-southeast-asian-espionage/