A brief daily summary of what is important in information security. The podcast is published every weekday and is designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .

ISC StormCast for Monday, September 9th, 2024

September 08, 2024 6:15 5.56 MB Downloads: 0

Password Cracking & Energy: More Details https://isc.sans.edu/diary/Password%20Cracking%20%26%20Energy%3A%20More%20Dedails/31242
Python & Notepad++ https://isc.sans.edu/diary/Python%20%26%20Notepad%2B%2B/31240
Fake LinkedIn Job Ads https://cloud.google.com/blog/topics/threat-intelligence/examining-web3-heists/
Android Crypto Passphrase Stealer with OCR https://www.mcafee.com/blogs/other-blogs/mcafee-labs/new-android-spyagent-campaign-steals-crypto-credentials-via-image-recognition/
Sextortion Scam Now Uses Your Cheating Spouse's Name as a Lure https://www.bleepingcomputer.com/news/security/sextortion-scam-now-use-your-cheating-spouses-name-as-a-lure/

ISC StormCast for Friday, September 6th, 2024

September 05, 2024 6:04 5.4 MB Downloads: 0

Enrichment Data: Keeping it Fresh https://isc.sans.edu/diary/Enrichment%20Data%3A%20Keeping%20it%20Fresh/31236
Veeam Update https://www.veeam.com/kb4649
New OFBiz Vulnerabilities https://www.rapid7.com/blog/post/2024/09/05/cve-2024-45195-apache-ofbiz-unauthenticated-remote-code-execution-fixed/
Cisco Smart License Manager Patches https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw

ISC StormCast for Thursday, September 5th, 2024

September 04, 2024 6:50 6.05 MB Downloads: 0

Scans for Moodle Learning Platform Following Recent Update https://isc.sans.edu/diary/Scans+for+Moodle+Learning+Platform+Following+Recent+Update/31230
PyPI Revival Hijack https://jfrog.com/blog/revival-hijack-pypi-hijack-technique-exploited-22k-packages-at-risk/
Android Updates https://source.android.com/docs/security/bulletin/2024-09-01
MediaTek WAPPD PoC Exploit https://blog.coffinsec.com/0day/2024/08/30/exploiting-CVE-2024-20017-four-different-ways.html#wrapping-up

ISC StormCast for Wednesday, September 4th, 2024

September 03, 2024 6:42 5.94 MB Downloads: 0

Protected OOXML Text Documents https://isc.sans.edu/diary/Protected%20OOXML%20Text%20Documents/31078
Sextortion E-Mails with Photos https://krebsonsecurity.com/2024/09/sextortion-scams-now-include-photos-of-your-home/
Zyxel OS Command Injection Vulnerability https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024
D-Link DIR-846W Unpatched RCE Vulnerabilities https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10411
VMware Privilege Escalation Vulnerability CVE-2024-38811 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24939
YubiKey Side-Channel Attack https://ninjalab.io/wp-content/uploads/2024/09/20240903_eucleak.pdf https://www.yubico.com/support/security-advisories/ysa-2024-03/

ISC StormCast for Tuesday, September 3rd, 2024

September 02, 2024 5:41 5.07 MB Downloads: 0

Wireshark 4.4: Converting Display Filters to BPF Capture Filters https://isc.sans.edu/diary/Wireshark+44+Converting+Display+Filters+to+BPF+Capture+Filters/31224
GitHub Comments Used to Spread Malware https://www.reddit.com/r/Malware/comments/1f2n1h4/comment/lkbi5gi/
Voldemort Malware Curses Orgs Using Global Tax Authorities https://www.darkreading.com/threat-intelligence/voldemort-malware-curses-orgs-global-tax-authorities
Analysis of CVE-2024-43044: From File Read to RCE in Jenkins Through Agents https://blog.convisoappsec.com/en/analysis-of-cve-2024-43044/

ISC StormCast for Friday, August 30th, 2024

August 29, 2024 14:01 12.08 MB Downloads: 0

Live Patching DLLs with Python https://isc.sans.edu/diary/Live%20Patching%20DLLs%20with%20Python/31218
Global Protect Phishing https://www.trendmicro.com/en_us/research/24/h/threat-actors-target-middle-east-using-fake-tool.html
BlackByte Ransomware Update https://blog.talosintelligence.com/blackbyte-blends-tried-and-true-tradecraft-with-newly-disclosed-vulnerabilities-to-support-ongoing-attacks/
The Risks Lurking in Publicly Exposed GenAI Development Services https://www.legitsecurity.com/blog/the-risks-lurking-in-publicly-exposed-genai-development-services
Finding Lateral Movement of Adversaries Through the Noise of Systems Administration https://www.sans.edu/cyber-research/finding-lateral-movement-adversaries-through-noise-systems-administration/
YouTube Channel: https://www.youtube.com/c/CyberAttackDefense

ISC StormCast for Thursday, August 29th, 2024

August 28, 2024 5:49 5.19 MB Downloads: 0

Vega-Lite with Kibana to Parse and Display IP Activity over Time https://isc.sans.edu/diary/Vega-Lite%20with%20Kibana%20to%20Parse%20and%20Display%20IP%20Activity%20over%20Time/31210
Attack Tool Update Impairs Windows Computers https://news.sophos.com/en-us/2024/08/27/burnt-cigar-2/
Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-241a
Confluence Vulnerability Exploited for Crypto Miners https://www.trendmicro.com/en_us/research/24/h/cve-2023-22527-cryptomining.html
Fortra FileCatalyst Workflow Hard-Coded HSQLDB Credentials https://www.fortra.com/security/advisories/product-security/fi-2024-011

ISC StormCast for Wednesday, August 28th, 2024

August 27, 2024 6:08 5.46 MB Downloads: 0

Why Is Python so Popular to Infect Windows Hosts? https://isc.sans.edu/diary/Why%20Is%20Python%20so%20Popular%20to%20Infect%20Windows%20Hosts%3F/31208
OFBiz Vulnerability Update https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://nvd.nist.gov/vuln/detail/CVE-2024-38856
Versa Director Vulnerability Exploited https://versa-networks.com/blog/versa-security-bulletin-update-on-cve-2024-39717-versa-director-dangerous-file-type-upload-vulnerability/
Google Chrome Vulnerability Exploited https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html
SGX Key Leak https://x.com/_markel___/status/1828112469010596347