A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Friday, May 8th 2020
Scanning With NMAP NSE Scripts https://isc.sans.edu/forums/diary/Scanning+with+nmaps+NSE+scripts/26096/ iOS Psychic Paper Vulerability https://siguza.github.io/psychicpaper/ World Password Day https://www.microsoft.com/security/blog/2020/05/07/protect-accounts-smarter-ways-sign-in-world-passwordless-day https://tails.boum.org/news/version_4.6/index.en.html Cisco Kerberos Bypass https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-asa-kerberos-bypass-96Gghe2sS
ISC StormCast for Thursday, May 7th 2020
Keeping an Eye on Malicious Files Life Time https://isc.sans.edu/forums/diary/Keeping+an+Eye+on+Malicious+Files+Life+Time/26092/ Fake Crypto Wallet Chrome Extensions https://www.theregister.co.uk/2020/05/06/chrome_malicious_extensions/ Favicon Hides Credit Card Skimmer https://blog.malwarebytes.com/threat-analysis/2020/05/credit-card-skimmer-masquerades-as-favicon/ WebEx Phishing https://abnormalsecurity.com/blog/abnormal-attack-stories-cisco-webex-phishing/
ISC StormCast for Thursday, May 7th 2020
Keeping an Eye on Malicious Files Life Time https://isc.sans.edu/forums/diary/Keeping+an+Eye+on+Malicious+Files+Life+Time/26092/ Fake Crypto Wallet Chrome Extensions https://www.theregister.co.uk/2020/05/06/chrome_malicious_extensions/ Favicon Hides Credit Card Skimmer https://blog.malwarebytes.com/threat-analysis/2020/05/credit-card-skimmer-masquerades-as-favicon/ WebEx Phishing https://abnormalsecurity.com/blog/abnormal-attack-stories-cisco-webex-phishing/
ISC StormCast for Wednesday, May 6th 2020
Do Cloud Security Features Replace Pesonnel Security Capabilities? https://isc.sans.edu/forums/diary/Cloud+Security+Features+Dont+Replace+the+Need+for+Personnel+Security+Capabilities/26088/ Citrix ShareFile Storage Zones Controller Update https://support.citrix.com/article/CTX269106 Android Update https://source.android.com/security/bulletin/2020-05-01 Firefox Update https://www.mozilla.org/en-US/firefox/76.0/releasenotes/ Dell OS Recovery Image Insecure Inherited Permissions https://www.dell.com/support/article/de-de/sln321036/dsa-2020-059-dell-os-recovery-image-insecure-inherited-permissions-vulnerability?lang=en WordPress Update https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates
ISC StormCast for Wednesday, May 6th 2020
Do Cloud Security Features Replace Pesonnel Security Capabilities? https://isc.sans.edu/forums/diary/Cloud+Security+Features+Dont+Replace+the+Need+for+Personnel+Security+Capabilities/26088/ Citrix ShareFile Storage Zones Controller Update https://support.citrix.com/article/CTX269106 Android Update https://source.android.com/security/bulletin/2020-05-01 Firefox Update https://www.mozilla.org/en-US/firefox/76.0/releasenotes/ Dell OS Recovery Image Insecure Inherited Permissions https://www.dell.com/support/article/de-de/sln321036/dsa-2020-059-dell-os-recovery-image-insecure-inherited-permissions-vulnerability?lang=en WordPress Update https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates
ISC StormCast for Tuesday, May 5th 2020
Exploring the Sysmon 11 File Deletion Protection https://isc.sans.edu/forums/diary/Sysmon+and+File+Deletion/26084/ Digicert CT Compromise https://groups.google.com/a/chromium.org/forum/#!topic/ct-policy/aKNbZuJzwfM WebLogic Flaw (new one..) Exploited in the Wild https://blogs.oracle.com/security/apply-april-2020-cpu
ISC StormCast for Tuesday, May 5th 2020
Exploring the Sysmon 11 File Deletion Protection https://isc.sans.edu/forums/diary/Sysmon+and+File+Deletion/26084/ Digicert CT Compromise https://groups.google.com/a/chromium.org/forum/#!topic/ct-policy/aKNbZuJzwfM WebLogic Flaw (new one..) Exploited in the Wild https://blogs.oracle.com/security/apply-april-2020-cpu
ISC StormCast for Monday, May 4th 2020
ZIP Files and AES https://isc.sans.edu/forums/diary/ZIP+AES/26080/ Saltstack Vulnerability Exploited in the Wild https://status.ghost.org/ Mobile Device Manager Compromise https://research.checkpoint.com/2020/first-seen-in-the-wild-mobile-as-attack-vector-using-mdm/
ISC StormCast for Monday, May 4th 2020
ZIP Files and AES https://isc.sans.edu/forums/diary/ZIP+AES/26080/ Saltstack Vulnerability Exploited in the Wild https://status.ghost.org/ Mobile Device Manager Compromise https://research.checkpoint.com/2020/first-seen-in-the-wild-mobile-as-attack-vector-using-mdm/
ISC StormCast for Friday, May 1st 2020
Collecting IOCs from IMAP Folder https://isc.sans.edu/forums/diary/Collecting+IOCs+from+IMAP+Folder/26070/ Attack Traffic on TCP Port 9673 https://isc.sans.edu/forums/diary/Attack+traffic+on+TCP+port+9673/26074/ Saltstack Authorization Bypass https://labs.f-secure.com/advisories/saltstack-authorization-bypass Mac Sandbox Escape https://lapcatsoftware.com/articles/sandbox-escape.html
ISC StormCast for Friday, May 1st 2020
Collecting IOCs from IMAP Folder https://isc.sans.edu/forums/diary/Collecting+IOCs+from+IMAP+Folder/26070/ Attack Traffic on TCP Port 9673 https://isc.sans.edu/forums/diary/Attack+traffic+on+TCP+port+9673/26074/ Saltstack Authorization Bypass https://labs.f-secure.com/advisories/saltstack-authorization-bypass Mac Sandbox Escape https://lapcatsoftware.com/articles/sandbox-escape.html
ISC StormCast for Thursday, April 30th 2020
Privacy Preserving Protocols to Trace Covid19 Exposure https://isc.sans.edu/forums/diary/Privacy+Preserving+Protocols+to+Trace+Covid19+Exposure/26066/ Google Chrome Update https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_27.html https://docs.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security Updated Version of Sysmon https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon https://techcommunity.microsoft.com/t5/sysinternals-blog/sysmon-v11-0-livekd-v5-63-process-explorer-v16-32-coreinfo-v3-5/ba-p/1345153 Shade Ransomware Keys Released https://github.com/shade-team/keys/blob/master/README.md Exploiting the Exploiters https://medium.com/@curtbraz/exploiting-the-exploiters-46fd0d620fd8
ISC StormCast for Thursday, April 30th 2020
Privacy Preserving Protocols to Trace Covid19 Exposure https://isc.sans.edu/forums/diary/Privacy+Preserving+Protocols+to+Trace+Covid19+Exposure/26066/ Google Chrome Update https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_27.html https://docs.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security Updated Version of Sysmon https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon https://techcommunity.microsoft.com/t5/sysinternals-blog/sysmon-v11-0-livekd-v5-63-process-explorer-v16-32-coreinfo-v3-5/ba-p/1345153 Shade Ransomware Keys Released https://github.com/shade-team/keys/blob/master/README.md Exploiting the Exploiters https://medium.com/@curtbraz/exploiting-the-exploiters-46fd0d620fd8
ISC StormCast for Wednesday, April 29th 2020
Agent Tesla Delivered by the Same Phishing Campagin for Over a Year https://isc.sans.edu/forums/diary/Agent+Tesla+delivered+by+the+same+phishing+campaign+for+over+a+year/26062/ VMWare ESXi Patch https://www.vmware.com/security/advisories/VMSA-2020-0008.html Microsoft Guidance For Ransomware Response https://www.microsoft.com/security/blog/2020/04/28/ransomware-groups-continue-to-target-healthcare-critical-services-heres-how-to-reduce-risk/ Adobe Security Patches https://helpx.adobe.com/security.html
ISC StormCast for Wednesday, April 29th 2020
Agent Tesla Delivered by the Same Phishing Campagin for Over a Year https://isc.sans.edu/forums/diary/Agent+Tesla+delivered+by+the+same+phishing+campaign+for+over+a+year/26062/ VMWare ESXi Patch https://www.vmware.com/security/advisories/VMSA-2020-0008.html Microsoft Guidance For Ransomware Response https://www.microsoft.com/security/blog/2020/04/28/ransomware-groups-continue-to-target-healthcare-critical-services-heres-how-to-reduce-risk/ Adobe Security Patches https://helpx.adobe.com/security.html