A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
Linux For Everyone
A show about the thrilling world of desktop Linux, open-source software, and the community creating it. For beginners and veterans alike! Hosted by Jason Evangelho, Jerry Morrison and Schykle.
ISC StormCast for Tuesday, November 19th 2019
Carriers Filter SMS Messages Sent By Applications https://isc.sans.edu/forums/diary/SMS+and+2FA+Another+Reason+to+Move+away+from+It/25526/ Intel Removing BIOS Downloads for EOL Hardware https://www.vogons.org/viewtopic.php?f=46&t=69184 https://news.ycombinator.com/item?id=21563309 Outlook 365 Remains Top Phishing Target https://info.phishlabs.com/blog/active-office-365-phishing-campaign-targeting-admin-credentials
ISC StormCast for Tuesday, November 19th 2019
Carriers Filter SMS Messages Sent By Applications https://isc.sans.edu/forums/diary/SMS+and+2FA+Another+Reason+to+Move+away+from+It/25526/ Intel Removing BIOS Downloads for EOL Hardware https://www.vogons.org/viewtopic.php?f=46&t=69184 https://news.ycombinator.com/item?id=21563309 Outlook 365 Remains Top Phishing Target https://info.phishlabs.com/blog/active-office-365-phishing-campaign-targeting-admin-credentials
ISC StormCast for Monday, November 18th 2019
TPM Fail Update https://downloadcenter.intel.com/download/28632 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html Office November Update Issues https://borncity.com/win/2019/11/13/office-november-2019-updates-are-causing-access-error-3340/ WhatsApp Stack Based Buffer Overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11931 Android Qualcom Data Exfiltration Bug https://research.checkpoint.com/the-road-to-qualcomm-trustzone-apps-fuzzing/ Nextcloud Ransomware NextCry https://www.bleepingcomputer.com/news/security/new-nextcry-ransomware-encrypts-data-on-nextcloud-linux-servers/
ISC StormCast for Monday, November 18th 2019
TPM Fail Update https://downloadcenter.intel.com/download/28632 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html Office November Update Issues https://borncity.com/win/2019/11/13/office-november-2019-updates-are-causing-access-error-3340/ WhatsApp Stack Based Buffer Overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11931 Android Qualcom Data Exfiltration Bug https://research.checkpoint.com/the-road-to-qualcomm-trustzone-apps-fuzzing/ Nextcloud Ransomware NextCry https://www.bleepingcomputer.com/news/security/new-nextcry-ransomware-encrypts-data-on-nextcloud-linux-servers/
ISC StormCast for Friday, November 15th 2019
LokiBot Update (November 2019) https://isc.sans.edu/forums/diary/An+example+of+malspam+pushing+Lokibot+malware+November+2019/25518/ Some Packet-Fu with Zeek https://isc.sans.edu/forums/diary/Some+packetfu+with+Zeek+previously+known+as+bro/25510/ TPM Leaks http://tpm.fail/ Zombieload 2.0 Vulnerability https://zombieloadattack.com/
ISC StormCast for Friday, November 15th 2019
LokiBot Update (November 2019) https://isc.sans.edu/forums/diary/An+example+of+malspam+pushing+Lokibot+malware+November+2019/25518/ Some Packet-Fu with Zeek https://isc.sans.edu/forums/diary/Some+packetfu+with+Zeek+previously+known+as+bro/25510/ TPM Leaks http://tpm.fail/ Zombieload 2.0 Vulnerability https://zombieloadattack.com/
ISC StormCast for Wednesday, November 13th 2019
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/November+2019+Microsoft+Patch+Tuesday/25516/ Adobe Update https://helpx.adobe.com/security.html Facebook Camera Bug https://www.cnet.com/news/facebook-bug-has-camera-activated-while-people-are-using-the-app McAfee Anti Virus Bypass and Persistance https://safebreach.com/Post/McAfee-All-Editions-MTP-AVP-MIS-Self-Defense-Bypass-and-Potential-Usages-CVE-2019-3648
ISC StormCast for Wednesday, November 13th 2019
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/November+2019+Microsoft+Patch+Tuesday/25516/ Adobe Update https://helpx.adobe.com/security.html Facebook Camera Bug https://www.cnet.com/news/facebook-bug-has-camera-activated-while-people-are-using-the-app McAfee Anti Virus Bypass and Persistance https://safebreach.com/Post/McAfee-All-Editions-MTP-AVP-MIS-Self-Defense-Bypass-and-Potential-Usages-CVE-2019-3648
ISC StormCast for Tuesday, November 12th 2019
Are We Going Back to TheMoon And How is Liquor Involved https://isc.sans.edu/forums/diary/Are+We+Going+Back+to+TheMoon+and+How+is+Liquor+Involved/25512/ New Update for Magento Shopping Cart https://magento.com/security/patches/latest-magento-security-update-helps-protect-recently-reported-rce-vulnerability https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update ZoneAlarm vBulletin Forum Breached https://thehackernews.com/2019/11/zonealarm-forum-data-breach.html CSS Injection in Slack to Log Keystrokes https://fletchto99.dev/2019/november/slack-vulnerability/
ISC StormCast for Tuesday, November 12th 2019
Are We Going Back to TheMoon And How is Liquor Involved https://isc.sans.edu/forums/diary/Are+We+Going+Back+to+TheMoon+and+How+is+Liquor+Involved/25512/ New Update for Magento Shopping Cart https://magento.com/security/patches/latest-magento-security-update-helps-protect-recently-reported-rce-vulnerability https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update ZoneAlarm vBulletin Forum Breached https://thehackernews.com/2019/11/zonealarm-forum-data-breach.html CSS Injection in Slack to Log Keystrokes https://fletchto99.dev/2019/november/slack-vulnerability/
ISC StormCast for Monday, November 11th 2019
Microsoft Applications Diverted from Their Main Use https://isc.sans.edu/forums/diary/Microsoft+Apps+Diverted+from+Their+Main+Use/25502/ Did Bluekeep Malware Afect Patching https://isc.sans.edu/forums/diary/Did+the+recent+malicious+BlueKeep+campaign+have+any+positive+impact+when+it+comes+to+patching/25506/ Pwn2Own Summary https://www.zerodayinitiative.com/blog/2019/11/7/pwn2own-tokyo-2019-day-two-final-results State of Javascript Framework Security https://snyk.io/wp-content/uploads/snyk-javascript_report_2019.pdf DShield/ISC Honeypot Update https://isc.sans.edu/honeypot.html
ISC StormCast for Monday, November 11th 2019
Microsoft Applications Diverted from Their Main Use https://isc.sans.edu/forums/diary/Microsoft+Apps+Diverted+from+Their+Main+Use/25502/ Did Bluekeep Malware Afect Patching https://isc.sans.edu/forums/diary/Did+the+recent+malicious+BlueKeep+campaign+have+any+positive+impact+when+it+comes+to+patching/25506/ Pwn2Own Summary https://www.zerodayinitiative.com/blog/2019/11/7/pwn2own-tokyo-2019-day-two-final-results State of Javascript Framework Security https://snyk.io/wp-content/uploads/snyk-javascript_report_2019.pdf DShield/ISC Honeypot Update https://isc.sans.edu/honeypot.html
ISC StormCast for Friday, November 8th 2019
Adobe Mobile SDK Update Fixes TLS Defaults https://wwws.nightwatchcybersecurity.com/2019/11/06/insecure-defaults-in-adobes-mobile-sdks/ QNAP Updates QSnatch Advisory https://www.qnap.com/en/security-advisory/nas-201911-01 Double Loaded ZIP Files Delivery Malware https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/double-loaded-zip-file-delivers-nanocore/ Ring Video Doorbell Leaks Wifi Password https://labs.bitdefender.com/2019/11/ring-video-doorbell-pro-under-the-scope/
ISC StormCast for Friday, November 8th 2019
Adobe Mobile SDK Update Fixes TLS Defaults https://wwws.nightwatchcybersecurity.com/2019/11/06/insecure-defaults-in-adobes-mobile-sdks/ QNAP Updates QSnatch Advisory https://www.qnap.com/en/security-advisory/nas-201911-01 Double Loaded ZIP Files Delivery Malware https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/double-loaded-zip-file-delivers-nanocore/ Ring Video Doorbell Leaks Wifi Password https://labs.bitdefender.com/2019/11/ring-video-doorbell-pro-under-the-scope/
ISC StormCast for Thursday, November 7th 2019
Google Improving PlayStore Security With Partners https://security.googleblog.com/2019/11/the-app-defense-alliance-bringing.html Xen Security Advisories https://xenbits.xen.org/xsa/ npcap pool corruption vulnerability https://github.com/nmap/nmap/issues/1568 TrendMicro Employee Selling Customer Data to Tech Support Scammers https://blog.trendmicro.com/trend-micro-discloses-insider-threat-impacting-some-of-its-consumer-customers/ SANS Security Awareness Newsletter https://www.sans.org/security-awareness-training/resources/shopping-online-securely-1