A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
Android Bytes (powered by Esper)
Android Bytes (powered by Esper) is the podcast that dives deep into the engineering and business decisions behind the world’s most popular OS. https://www.esper.io
Android powers over 3 billion devices worldwide and is the platform of choice for over a thousand companies. You’ll find Android on smartphones, tablets, watches, TV, cars, kiosks, and so much more. How does Google architect Android to run on so many form factors, and how do companies fork AOSP to make it run on even more devices? These are the kinds of questions the Android Bytes podcast considers each week.
Join cohosts Mishaal Rahman and David Ruddock, two journalists with extensive knowledge covering the Android OS platform and ecosystem, as they speak to system architects, kernel engineers, app developers, and other distinguished experts in the Android space.
Get in touch with us at Esper.io if you’re looking to use Android for your product — we have the experience you need.
ISC StormCast for Wednesday, July 17th, 2024
Reply Chain Phishing With a Twist https://isc.sans.edu/diary/%22Reply-chain%20phishing%22%20with%20a%20twist/31084 Claroty TP-Link and Synology IP Camera Exploits https://claroty.com/team82/research/pivoting-from-wan-to-lan-synology-bc500-ip-camera https://claroty.com/team82/research/pwn2own-wan-to-lan-exploit-showcase Cosmic Sting Hits Adobe Commerce Stores https://sansec.io/research/cosmicsting-hitting-major-stores
ISC StormCast for Tuesday, July 16th, 2024
Protected OOXML Spreadsheets https://isc.sans.edu/diary/Protected%20OOXML%20Spreadsheets/31070 Leaked PyPi Secret Token Revealed in Binary https://jfrog.com/blog/leaked-pypi-secret-token-revealed-in-binary-preventing-suppy-chain-attack/ Microsoft 365 Defender Affected by June Update https://learn.microsoft.com/en-us/windows/release-health/status-windows-server-2022#network-data-reporting-from-microsoft-365-defender-may-be-interrupted
ISC StormCast for Tuesday, July 16th, 2024
Protected OOXML Spreadsheets https://isc.sans.edu/diary/Protected%20OOXML%20Spreadsheets/31070 Leaked PyPi Secret Token Revealed in Binary https://jfrog.com/blog/leaked-pypi-secret-token-revealed-in-binary-preventing-suppy-chain-attack/ Microsoft 365 Defender Affected by June Update https://learn.microsoft.com/en-us/windows/release-health/status-windows-server-2022#network-data-reporting-from-microsoft-365-defender-may-be-interrupted
ISC StormCast for Monday, July 15th, 2024
16-Bit Hash Collisions in XLS Spreadsheets https://isc.sans.edu/diary/16-bit%20Hash%20Collisions%20in%20.xls%20Spreadsheets/31066 Attacks against the "Nette" PHP framework CVE-2020-15227 https://isc.sans.edu/forums/diary/Attacks+against+the+Nette+PHP+framework+CVE202015227/31076/ Squarespace Hijacked Domains https://github.com/security-alliance/advisories/blob/main/2024-07-squarespace.pdf
ISC StormCast for Monday, July 15th, 2024
16-Bit Hash Collisions in XLS Spreadsheets https://isc.sans.edu/diary/16-bit%20Hash%20Collisions%20in%20.xls%20Spreadsheets/31066 Attacks against the "Nette" PHP framework CVE-2020-15227 https://isc.sans.edu/forums/diary/Attacks+against+the+Nette+PHP+framework+CVE202015227/31076/ Squarespace Hijacked Domains https://github.com/security-alliance/advisories/blob/main/2024-07-squarespace.pdf
ISC StormCast for Friday, July 12th, 2024
Understanding SSH Honeypot Logs: Attackers Fingerprinting Honeypots https://isc.sans.edu/diary/Understanding%20SSH%20Honeypot%20Logs%3A%20Attackers%20Fingerprinting%20Honeypots/31064 Patch or Peril: A Veeam Vulnerability Incident https://www.group-ib.com/blog/estate-ransomware/ Juniper Patches https://supportportal.juniper.net/s/global-search/%40uri?language=en_US#sort=%40sfcec_community_publish_date_formula__c%20descending&f:ctype=[Security%20Advisories] VMWare Aria Automation SQL Injection Vuln; https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24598 Leaked SMS Messages https://www.ccc.de/de/updates/2024/2fa-sms
ISC StormCast for Friday, July 12th, 2024
Understanding SSH Honeypot Logs: Attackers Fingerprinting Honeypots https://isc.sans.edu/diary/Understanding%20SSH%20Honeypot%20Logs%3A%20Attackers%20Fingerprinting%20Honeypots/31064 Patch or Peril: A Veeam Vulnerability Incident https://www.group-ib.com/blog/estate-ransomware/ Juniper Patches https://supportportal.juniper.net/s/global-search/%40uri?language=en_US#sort=%40sfcec_community_publish_date_formula__c%20descending&f:ctype=[Security%20Advisories] VMWare Aria Automation SQL Injection Vuln; https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24598 Leaked SMS Messages https://www.ccc.de/de/updates/2024/2fa-sms
ISC StormCast for Thursday, July 11th, 2024
Finding Honeypot Data Clusters Using DBSCAN Part 1 https://isc.sans.edu/diary/Finding%20Honeypot%20Data%20Clusters%20Using%20DBSCAN%3A%20Part%201/31050 Second RegreSSHion Like OpenSSH Vulnerability https://lwn.net/ml/all/20240708162106.GA4920@openwall.com/ Resurrecting Internet Explorer: Threat Actors Using Zero-Day Tricks in Internet Shortcut File CVE-2024-38112 https://research.checkpoint.com/2024/resurrecting-internet-explorer-threat-actors-using-zero-day-tricks-in-internet-shortcut-file-to-lure-victims-cve-2024-38112/ SharePoint Proof of Concept Exploit CVE-2024-38094 CVE-2024-38024 CVE-2024-38023 https://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC/blob/main/poc_filtered.py Citrix Netscaler, Agent and SDX Security Bulletin CVE-2024-6235 CVE-2024-6236 https://support.citrix.com/article/CTX677998/netscaler-console-agent-and-sdx-security-bulletin-for-cve20246235-and-cve20246236 OpenVPN Updates https://openvpn.net/security-advisory/ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974/
ISC StormCast for Thursday, July 11th, 2024
Finding Honeypot Data Clusters Using DBSCAN Part 1 https://isc.sans.edu/diary/Finding%20Honeypot%20Data%20Clusters%20Using%20DBSCAN%3A%20Part%201/31050 Second RegreSSHion Like OpenSSH Vulnerability https://lwn.net/ml/all/20240708162106.GA4920@openwall.com/ Resurrecting Internet Explorer: Threat Actors Using Zero-Day Tricks in Internet Shortcut File CVE-2024-38112 https://research.checkpoint.com/2024/resurrecting-internet-explorer-threat-actors-using-zero-day-tricks-in-internet-shortcut-file-to-lure-victims-cve-2024-38112/ SharePoint Proof of Concept Exploit CVE-2024-38094 CVE-2024-38024 CVE-2024-38023 https://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC/blob/main/poc_filtered.py Citrix Netscaler, Agent and SDX Security Bulletin CVE-2024-6235 CVE-2024-6236 https://support.citrix.com/article/CTX677998/netscaler-console-agent-and-sdx-security-bulletin-for-cve20246235-and-cve20246236 OpenVPN Updates https://openvpn.net/security-advisory/ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974/
ISC StormCast for Wednesday, July 10th, 2024
Microsoft Patch Tuesday July 2024 https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20July%202024/31058 Adobe Patches https://helpx.adobe.com/security/security-bulletin.html RADIUS protocol susceptible to forgery attacks https://kb.cert.org/vuls/id/456537 https://www.inkbridgenetworks.com/blastradius/faq
ISC StormCast for Wednesday, July 10th, 2024
Microsoft Patch Tuesday July 2024 https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20July%202024/31058 Adobe Patches https://helpx.adobe.com/security/security-bulletin.html RADIUS protocol susceptible to forgery attacks https://kb.cert.org/vuls/id/456537 https://www.inkbridgenetworks.com/blastradius/faq
ISC StormCast for Tuesday, July 9th, 2024
Kunai: Keep an Eye on your Linux Hosts Activity https://isc.sans.edu/diary/Kunai%3A%20Keep%20an%20Eye%20on%20your%20Linux%20Hosts%20Activity/31054 Decryptor for DoNex Ransomware https://decoded.avast.io/threatresearch/decrypted-donex-ransomware-and-its-predecessors/ Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve) https://www.oligo.security/blog/shelltorch-explained-multiple-vulnerabilities-in-pytorch-model-server Exim Bypass Attachment Inspection https://bugs.exim.org/show_bug.cgi?id=3099#c4 Toshiba/Sharp Printer vulnerabilities https://pierrekim.github.io/blog/2024-06-27-toshiba-mfp-40-vulnerabilities.html https://pierrekim.github.io/blog/2024-06-27-sharp-mfp-17-vulnerabilities.html
ISC StormCast for Tuesday, July 9th, 2024
Kunai: Keep an Eye on your Linux Hosts Activity https://isc.sans.edu/diary/Kunai%3A%20Keep%20an%20Eye%20on%20your%20Linux%20Hosts%20Activity/31054 Decryptor for DoNex Ransomware https://decoded.avast.io/threatresearch/decrypted-donex-ransomware-and-its-predecessors/ Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve) https://www.oligo.security/blog/shelltorch-explained-multiple-vulnerabilities-in-pytorch-model-server Exim Bypass Attachment Inspection https://bugs.exim.org/show_bug.cgi?id=3099#c4 Toshiba/Sharp Printer vulnerabilities https://pierrekim.github.io/blog/2024-06-27-toshiba-mfp-40-vulnerabilities.html https://pierrekim.github.io/blog/2024-06-27-sharp-mfp-17-vulnerabilities.html
ISC StormCast for Monday, July 8th, 2024
OpenSSH RegreSSHion Vulnerability https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt https://isc.sans.edu/diary/SSH%20%22regreSSHion%22%20Remote%20Code%20Execution%20Vulnerability%20in%20OpenSSH./31046 Overlooked Domain Name Resliency Issues: Registrar Communications https://isc.sans.edu/diary/Overlooked%20Domain%20Name%20Resiliency%20Issues%3A%20Registrar%20Communications/31048 Cloudflare 1.1.1.1 incident on Juine 27th 2024 https://blog.cloudflare.com/cloudflare-1111-incident-on-june-27-2024
ISC StormCast for Monday, July 8th, 2024
OpenSSH RegreSSHion Vulnerability https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt https://isc.sans.edu/diary/SSH%20%22regreSSHion%22%20Remote%20Code%20Execution%20Vulnerability%20in%20OpenSSH./31046 Overlooked Domain Name Resliency Issues: Registrar Communications https://isc.sans.edu/diary/Overlooked%20Domain%20Name%20Resiliency%20Issues%3A%20Registrar%20Communications/31048 Cloudflare 1.1.1.1 incident on Juine 27th 2024 https://blog.cloudflare.com/cloudflare-1111-incident-on-june-27-2024