A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Wednesday, July 24th 2019
TLS Configuration https://isc.sans.edu/forums/diary/Verifying+SSLTLS+configuration+part+1/25162/ https://www.sans.org/webcasts/beast-poodle-celebrating-sweet32-111400 Apple Updates Everything https://support.apple.com/en-us/HT201222 QNAP/Synology Update Security Advise https://www.qnap.com/en-us/security-advisory/nas-201907-11 https://www.facebook.com/synologydeutschland/photos/a.1594837477441905/2417134061878905/ New Bluekeep Writeup https://github.com/0xeb-bp/bluekeep
ISC StormCast for Wednesday, July 24th 2019
TLS Configuration https://isc.sans.edu/forums/diary/Verifying+SSLTLS+configuration+part+1/25162/ https://www.sans.org/webcasts/beast-poodle-celebrating-sweet32-111400 Apple Updates Everything https://support.apple.com/en-us/HT201222 QNAP/Synology Update Security Advise https://www.qnap.com/en-us/security-advisory/nas-201907-11 https://www.facebook.com/synologydeutschland/photos/a.1594837477441905/2417134061878905/ New Bluekeep Writeup https://github.com/0xeb-bp/bluekeep
ISC StormCast for Tuesday, July 23rd 2019
Analyzing Compressed PowerShell Scripts https://isc.sans.edu/forums/diary/Analyzing+Compressed+PowerShell+Scripts/25158/ PaloAlto GlobalProtect PreAuth RCE http://blog.orange.tw/2019/07/attacking-ssl-vpn-part-1-preauth-rce-on-palo-alto.html Fortinet Vulnerability https://fortiguard.com/psirt/FG-IR-19-144 ProFTPd Permission Bypass Vulnerability https://tbspace.de/cve201912815proftpd.html
ISC StormCast for Tuesday, July 23rd 2019
Analyzing Compressed PowerShell Scripts https://isc.sans.edu/forums/diary/Analyzing+Compressed+PowerShell+Scripts/25158/ PaloAlto GlobalProtect PreAuth RCE http://blog.orange.tw/2019/07/attacking-ssl-vpn-part-1-preauth-rce-on-palo-alto.html Fortinet Vulnerability https://fortiguard.com/psirt/FG-IR-19-144 ProFTPd Permission Bypass Vulnerability https://tbspace.de/cve201912815proftpd.html
ISC StormCast for Monday, July 22nd 2019
PHP Malware https://isc.sans.edu/forums/diary/Malicious+PHP+Script+Back+on+Stage/25148/ Drupal Vulnerabilities https://www.drupal.org/sa-core-2019-008 iNSYNQ Breach https://www.insynq.com/support/#status
ISC StormCast for Monday, July 22nd 2019
PHP Malware https://isc.sans.edu/forums/diary/Malicious+PHP+Script+Back+on+Stage/25148/ Drupal Vulnerabilities https://www.drupal.org/sa-core-2019-008 iNSYNQ Breach https://www.insynq.com/support/#status
ISC StormCast for Friday, July 19th 2019
802.1x Tips https://isc.sans.edu/forums/diary/The+Other+Side+of+Critical+Control+1+8021x+Wired+Network+Access+Controls/25146/ Kazachstan TLS Interception https://groups.google.com/forum/#!msg/mozilla.dev.security.policy/wnuKAhACo3E/cpsvHgcuDwAJ BEC Trends https://www.fincen.gov/sites/default/files/shared/FinCEN_Financial_Trend_Analysis_FINAL_508.pdf Cyclance Weakness https://skylightcyber.com/2019/07/18/cylance-i-kill-you/
ISC StormCast for Friday, July 19th 2019
802.1x Tips https://isc.sans.edu/forums/diary/The+Other+Side+of+Critical+Control+1+8021x+Wired+Network+Access+Controls/25146/ Kazachstan TLS Interception https://groups.google.com/forum/#!msg/mozilla.dev.security.policy/wnuKAhACo3E/cpsvHgcuDwAJ BEC Trends https://www.fincen.gov/sites/default/files/shared/FinCEN_Financial_Trend_Analysis_FINAL_508.pdf Cyclance Weakness https://skylightcyber.com/2019/07/18/cylance-i-kill-you/
ISC StormCast for Thursday, July 18th 2019
Analysis of DNS TXT Records https://isc.sans.edu/forums/diary/Analyzis+of+DNS+TXT+Records/25142/ Evil Gnome Linux Malware https://www.intezer.com/blog-evilgnome-rare-malware-spying-on-linux-desktop-users/ New American Express Phishing Attacks https://cofense.com/phishing-attacker-takes-american-express-victims-credentials/
ISC StormCast for Thursday, July 18th 2019
Analysis of DNS TXT Records https://isc.sans.edu/forums/diary/Analyzis+of+DNS+TXT+Records/25142/ Evil Gnome Linux Malware https://www.intezer.com/blog-evilgnome-rare-malware-spying-on-linux-desktop-users/ New American Express Phishing Attacks https://cofense.com/phishing-attacker-takes-american-express-victims-credentials/
ISC StormCast for Wednesday, July 17th 2019
Zoom/Apple Patches Additional Software https://www.theverge.com/2019/7/16/20696529/apple-mac-silent-update-zoom-ringcentral-zhumu-vulnerabilty-patched Lenovo/IOMega NAS API Vulnerability https://www.theregister.co.uk/2019/07/16/iomega_nas_boxes/ Amadeus Vulnerability Allows Access to Boarding Passes https://www.7elements.co.uk/resources/technical-advisories/insecure-direct-object-reference-within-amadeus-check-in-application/ FBI Releases GandGrab Master Keys https://www.documentcloud.org/documents/6199678-GandCrab-Master-Decryption-Keys-FLASH.html Android Media File Jacking https://www.symantec.com/blogs/expert-perspectives/symantec-mobile-threat-defense-attackers-can-manipulate-your-whatsapp-and-telegram-media
ISC StormCast for Wednesday, July 17th 2019
Zoom/Apple Patches Additional Software https://www.theverge.com/2019/7/16/20696529/apple-mac-silent-update-zoom-ringcentral-zhumu-vulnerabilty-patched Lenovo/IOMega NAS API Vulnerability https://www.theregister.co.uk/2019/07/16/iomega_nas_boxes/ Amadeus Vulnerability Allows Access to Boarding Passes https://www.7elements.co.uk/resources/technical-advisories/insecure-direct-object-reference-within-amadeus-check-in-application/ FBI Releases GandGrab Master Keys https://www.documentcloud.org/documents/6199678-GandCrab-Master-Decryption-Keys-FLASH.html Android Media File Jacking https://www.symantec.com/blogs/expert-perspectives/symantec-mobile-threat-defense-attackers-can-manipulate-your-whatsapp-and-telegram-media
ISC StormCast for Tuesday, July 16th 2019
isodump.py and malicious ISO files https://isc.sans.edu/forums/diary/isodumppy+and+Malicious+ISO+Files/25134/ Atlassian Crowd Vulnerability Details https://www.corben.io/atlassian-crowd-rce/ Scrapy Vulnerabilities https://medium.com/alertot/web-scraping-considered-dangerous-leaking-files-from-the-spiders-host-bd508f81d498 iOS URL Scheme Susceptible to Hijacking https://blog.trendmicro.com/trendlabs-security-intelligence/ios-url-scheme-susceptible-to-hijacking/
ISC StormCast for Tuesday, July 16th 2019
isodump.py and malicious ISO files https://isc.sans.edu/forums/diary/isodumppy+and+Malicious+ISO+Files/25134/ Atlassian Crowd Vulnerability Details https://www.corben.io/atlassian-crowd-rce/ Scrapy Vulnerabilities https://medium.com/alertot/web-scraping-considered-dangerous-leaking-files-from-the-spiders-host-bd508f81d498 iOS URL Scheme Susceptible to Hijacking https://blog.trendmicro.com/trendlabs-security-intelligence/ios-url-scheme-susceptible-to-hijacking/
ISC StormCast for Monday, July 15th 2019
Magecart Targets S3 Buckets https://www.riskiq.com/blog/labs/magecart-amazon-s3-buckets/ Atlassian Jira Vulnerability https://confluence.atlassian.com/jira/jira-security-advisory-2019-07-10-973486595.html Microsoft to Detect Phishing in Forms https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=52927 Tracking Anonymized Bluetooth Devices https://petsymposium.org/2019/files/papers/issue3/popets-2019-0036.pdf