A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Wednesday, July 1st 2020
Window 10 / 2019 Server Out of Order Patch https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1425 https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1457 MacOS Ransomare Arrives as Fake Little Snitch Software https://blog.malwarebytes.com/mac/2020/06/new-mac-ransomware-spreading-through-piracy/ VPN Privilege Escalation https://0xsha.io/posts/zombievpn-breaking-that-internet-security DNSSEC Phishing Scam https://nakedsecurity.sophos.com/2020/06/29/beware-secure-dns-scam-targeting-website-owners-and-bloggers/
ISC StormCast for Wednesday, July 1st 2020
Window 10 / 2019 Server Out of Order Patch https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1425 https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1457 MacOS Ransomare Arrives as Fake Little Snitch Software https://blog.malwarebytes.com/mac/2020/06/new-mac-ransomware-spreading-through-piracy/ VPN Privilege Escalation https://0xsha.io/posts/zombievpn-breaking-that-internet-security DNSSEC Phishing Scam https://nakedsecurity.sophos.com/2020/06/29/beware-secure-dns-scam-targeting-website-owners-and-bloggers/
ISC StormCast for Tuesday, June 30th 2020
Sysmon 11.10 and ADS Logging https://isc.sans.edu/forums/diary/Sysmon+and+Alternate+Data+Streams/26292/ Paloalto PAN-OS SAML Vulnerability https://security.paloaltonetworks.com/CVE-2020-2021 Cisco Telnet Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telnetd-EFJrEzPx https://appgateresearch.blogspot.com/2020/02/bravestarr-fedora-31-netkit-telnetd_28.html
ISC StormCast for Tuesday, June 30th 2020
Sysmon 11.10 and ADS Logging https://isc.sans.edu/forums/diary/Sysmon+and+Alternate+Data+Streams/26292/ Paloalto PAN-OS SAML Vulnerability https://security.paloaltonetworks.com/CVE-2020-2021 Cisco Telnet Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telnetd-EFJrEzPx https://appgateresearch.blogspot.com/2020/02/bravestarr-fedora-31-netkit-telnetd_28.html
ISC StormCast for Monday, June 29th 2020
MacOS 11 Security Changes https://www.sentinelone.com/blog/macos-big-sur-9-big-surprises-for-enterprise-security/ Certificate Lifetime Limited to 1 Year Starting September https://chromium.googlesource.com/chromium/src/+/ae4d6809912f8171b23f6aa43c6a4e8e627de784 https://support.apple.com/en-us/HT211025 https://lists.cabforum.org/pipermail/servercert-wg/2020-June/002000.html
ISC StormCast for Monday, June 29th 2020
MacOS 11 Security Changes https://www.sentinelone.com/blog/macos-big-sur-9-big-surprises-for-enterprise-security/ Certificate Lifetime Limited to 1 Year Starting September https://chromium.googlesource.com/chromium/src/+/ae4d6809912f8171b23f6aa43c6a4e8e627de784 https://support.apple.com/en-us/HT211025 https://lists.cabforum.org/pipermail/servercert-wg/2020-June/002000.html
ISC StormCast for Friday, June 26th 2020
Recordings of the Tech Tuesday Workshop https://isc.sans.edu/forums/diary/Tech+Tuesday+Recap+Recordings+Part+2+Installing+the+Honeypot+release/26280/ https://www.youtube.com/channel/UCfbOsqPmWg1H_34hTjKEW2A Credit Card Skimmers Hide Code in Favicon EXIF Data https://blog.malwarebytes.com/threat-analysis/2020/06/web-skimmer-hides-within-exif-metadata-exfiltrates-credit-cards-via-image-files/ GeoVision Scanners Vulnerabilities https://thehackernews.com/2020/06/geovision-scanner-vulnerabilities.html Docker Images Containing Cryptojacking Malware https://unit42.paloaltonetworks.com/cryptojacking-docker-images-for-mining-monero/ SANS.edu Student Karim Lalji: https://www.sans.org/reading-room/whitepapers/threathunting/real-time-honeypot-forensic-investigation-german-organized-crime-network-39640
ISC StormCast for Friday, June 26th 2020
Recordings of the Tech Tuesday Workshop https://isc.sans.edu/forums/diary/Tech+Tuesday+Recap+Recordings+Part+2+Installing+the+Honeypot+release/26280/ https://www.youtube.com/channel/UCfbOsqPmWg1H_34hTjKEW2A Credit Card Skimmers Hide Code in Favicon EXIF Data https://blog.malwarebytes.com/threat-analysis/2020/06/web-skimmer-hides-within-exif-metadata-exfiltrates-credit-cards-via-image-files/ GeoVision Scanners Vulnerabilities https://thehackernews.com/2020/06/geovision-scanner-vulnerabilities.html Docker Images Containing Cryptojacking Malware https://unit42.paloaltonetworks.com/cryptojacking-docker-images-for-mining-monero/ SANS.edu Student Karim Lalji: https://www.sans.org/reading-room/whitepapers/threathunting/real-time-honeypot-forensic-investigation-german-organized-crime-network-39640
ISC StormCast for Thursday, June 25th 2020
Using Shell Links as zero-touch downloaders and to initiate network connections https://isc.sans.edu/forums/diary/Using+Shell+Links+as+zerotouch+downloaders+and+to+initiate+network+connections/26276/ Chrome Updates Released https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_22.html QNAP Updates for Helpdesk https://www.qnap.com/de-de/security-advisory/qsa-20-03 Magento Update https://helpx.adobe.com/security/products/magento/apsb20-41.html Attacks Against Microsoft Exchange Servers https://www.microsoft.com/security/blog/2020/06/24/defending-exchange-servers-under-attack/
ISC StormCast for Thursday, June 25th 2020
Using Shell Links as zero-touch downloaders and to initiate network connections https://isc.sans.edu/forums/diary/Using+Shell+Links+as+zerotouch+downloaders+and+to+initiate+network+connections/26276/ Chrome Updates Released https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_22.html QNAP Updates for Helpdesk https://www.qnap.com/de-de/security-advisory/qsa-20-03 Magento Update https://helpx.adobe.com/security/products/magento/apsb20-41.html Attacks Against Microsoft Exchange Servers https://www.microsoft.com/security/blog/2020/06/24/defending-exchange-servers-under-attack/
ISC StormCast for Wednesday, June 24th 2020
Analysis Of Traffic Targeting CyberBunker IP Space https://isc.sans.edu/forums/diary/Cyberbunker+20+Analysis+of+the+Remnants+of+a+Bullet+Proof+Hosting+Provider/26266/ Microsoft Offering Enterprise Security Products for Linux/Android https://techcommunity.microsoft.com/t5/microsoft-defender-atp/announcing-microsoft-defender-atp-for-android/ba-p/1480787 https://techcommunity.microsoft.com/t5/microsoft-defender-atp/microsoft-defender-atp-for-linux-is-now-generally-available/ba-p/1482344 Microsoft Safe Documents https://techcommunity.microsoft.com/t5/microsoft-365-blog/safe-documents-is-generally-available/ba-p/1480401
ISC StormCast for Wednesday, June 24th 2020
Analysis Of Traffic Targeting CyberBunker IP Space https://isc.sans.edu/forums/diary/Cyberbunker+20+Analysis+of+the+Remnants+of+a+Bullet+Proof+Hosting+Provider/26266/ Microsoft Offering Enterprise Security Products for Linux/Android https://techcommunity.microsoft.com/t5/microsoft-defender-atp/announcing-microsoft-defender-atp-for-android/ba-p/1480787 https://techcommunity.microsoft.com/t5/microsoft-defender-atp/microsoft-defender-atp-for-linux-is-now-generally-available/ba-p/1482344 Microsoft Safe Documents https://techcommunity.microsoft.com/t5/microsoft-365-blog/safe-documents-is-generally-available/ba-p/1480401
ISC StormCast for Tuesday, June 23rd 2020
Comparing Office Documents with WinMerge https://isc.sans.edu/forums/diary/Comparing+Office+Documents+with+WinMerge/26268/ VMWare Tools and Microsoft Office Updates for macOS https://www.vmware.com/security/advisories/VMSA-2020-0014.html https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1225 https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1226 https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1229 Remote Code Execution Vulnerability in Bitdefender https://palant.info/2020/06/22/exploiting-bitdefender-antivirus-rce-from-any-website/ Google Analytics Used to Exfiltrate Data https://www.perimeterx.com/tech-blog/2020/bypassing-csp-exflitrate-data/
ISC StormCast for Tuesday, June 23rd 2020
Comparing Office Documents with WinMerge https://isc.sans.edu/forums/diary/Comparing+Office+Documents+with+WinMerge/26268/ VMWare Tools and Microsoft Office Updates for macOS https://www.vmware.com/security/advisories/VMSA-2020-0014.html https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1225 https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1226 https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1229 Remote Code Execution Vulnerability in Bitdefender https://palant.info/2020/06/22/exploiting-bitdefender-antivirus-rce-from-any-website/ Google Analytics Used to Exfiltrate Data https://www.perimeterx.com/tech-blog/2020/bypassing-csp-exflitrate-data/
ISC StormCast for Monday, June 22nd 2020
Sigma Rules! The Generic Signature Format for SIEM Systems https://isc.sans.edu/forums/diary/Sigma+rules+The+generic+signature+format+for+SIEM+systems/26258/ Pi Zero Honeypot https://isc.sans.edu/forums/diary/Pi+Zero+HoneyPot/26260/ Ransomware Operators Lurk on Your Network https://www.bleepingcomputer.com/news/security/ransomware-operators-lurk-on-your-network-after-their-attack/ Discord Modified to Steal Accounts https://www.bleepingcomputer.com/news/security/discord-modified-to-steal-accounts-by-new-nitrohack-malware/