A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
Linux For Everyone
A show about the thrilling world of desktop Linux, open-source software, and the community creating it. For beginners and veterans alike! Hosted by Jason Evangelho, Jerry Morrison and Schykle.
ISC StormCast for Monday, October 28th 2019
Odd Double Base64 Endoded "BS_REAL_IP" Header https://isc.sans.edu/forums/diary/Unusual+Activity+with+Double+Base64+Encoding/25458/ DNS Archeology With PowerShell https://isc.sans.edu/forums/diary/More+on+DNS+Archeology+with+PowerShell/25452/ iOS Appstore Malware https://www.wandera.com/mobile-security/ios-trojan-malware/ British Law Enforcement Misses Malware Reports Due to Anti-Malware https://www.theregister.co.uk/2019/10/24/hmicfrs_report_cyber_crime/
ISC StormCast for Monday, October 28th 2019
Odd Double Base64 Endoded "BS_REAL_IP" Header https://isc.sans.edu/forums/diary/Unusual+Activity+with+Double+Base64+Encoding/25458/ DNS Archeology With PowerShell https://isc.sans.edu/forums/diary/More+on+DNS+Archeology+with+PowerShell/25452/ iOS Appstore Malware https://www.wandera.com/mobile-security/ios-trojan-malware/ British Law Enforcement Misses Malware Reports Due to Anti-Malware https://www.theregister.co.uk/2019/10/24/hmicfrs_report_cyber_crime/
ISC StormCast for Friday, October 25th 2019
XML External Entity Vuln in LSP4XML Affects Various Developer Tools https://www.shielder.it/blog/dont-open-that-xml-xxe-to-rce-in-xml-plugins-for-vs-code-eclipse-theia/?preview=true Google Chrome Will Make "SameSite" Default https://blog.chromium.org/2019/10/developers-get-ready-for-new.html Leftover Gigamon Configurations https://isc.sans.edu/forums/diary/Your+Supply+Chain+Doesnt+End+At+Receiving+How+Do+You+Decommission+Network+Equipment/25448/
ISC StormCast for Friday, October 25th 2019
XML External Entity Vuln in LSP4XML Affects Various Developer Tools https://www.shielder.it/blog/dont-open-that-xml-xxe-to-rce-in-xml-plugins-for-vs-code-eclipse-theia/?preview=true Google Chrome Will Make "SameSite" Default https://blog.chromium.org/2019/10/developers-get-ready-for-new.html Leftover Gigamon Configurations https://isc.sans.edu/forums/diary/Your+Supply+Chain+Doesnt+End+At+Receiving+How+Do+You+Decommission+Network+Equipment/25448/
ISC StormCast for Thursday, October 24th 2019
FTC Issues SIM Swapping Guidance https://www.consumer.ftc.gov/blog/2019/10/sim-swap-scams-how-protect-yourself Discord Used as Info Stealer Backdoor https://www.bleepingcomputer.com/news/security/discord-turned-into-an-info-stealing-backdoor-by-new-malware/ Cisco Exploit Code https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-iosxe-rest-auth-bypass Tails 4.0 Released https://tails.boum.org/news/version_4.0/index.en.html
ISC StormCast for Thursday, October 24th 2019
FTC Issues SIM Swapping Guidance https://www.consumer.ftc.gov/blog/2019/10/sim-swap-scams-how-protect-yourself Discord Used as Info Stealer Backdoor https://www.bleepingcomputer.com/news/security/discord-turned-into-an-info-stealing-backdoor-by-new-malware/ Cisco Exploit Code https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-iosxe-rest-auth-bypass Tails 4.0 Released https://tails.boum.org/news/version_4.0/index.en.html
ISC StormCast for Wednesday, October 23rd 2019
Testing TLS 1.3 And Supported Ciphers https://isc.sans.edu/forums/diary/Testing+TLSv13+and+supported+ciphers/25442/ Google Chrome 78 Released https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html Firefox 70 Released https://www.mozilla.org/en-US/firefox/70.0/releasenotes/ Cache Poisoning DoS https://cpdos.org/
ISC StormCast for Wednesday, October 23rd 2019
Testing TLS 1.3 And Supported Ciphers https://isc.sans.edu/forums/diary/Testing+TLSv13+and+supported+ciphers/25442/ Google Chrome 78 Released https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html Firefox 70 Released https://www.mozilla.org/en-US/firefox/70.0/releasenotes/ Cache Poisoning DoS https://cpdos.org/
ISC StormCast for Tuesday, October 22nd 2019
DNS over TLS Scans https://isc.sans.edu/forums/diary/Whats+up+with+TCP+853+DNS+over+TLS/25438/ NordVPN and Others Compromised https://techcrunch.com/2019/10/21/nordvpn-confirms-it-was-hacked/ https://twitter.com/hexdefined/status/1186106695073726466 Trend Micro Bypass http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-ANTI-THREAT-TOOLKIT-(ATTK)-REMOTE-CODE-EXECUTION.txt Realtek Linux Wifi Driver Buffer Overflow https://twitter.com/nicowaisman/status/1184864519316758535
ISC StormCast for Tuesday, October 22nd 2019
DNS over TLS Scans https://isc.sans.edu/forums/diary/Whats+up+with+TCP+853+DNS+over+TLS/25438/ NordVPN and Others Compromised https://techcrunch.com/2019/10/21/nordvpn-confirms-it-was-hacked/ https://twitter.com/hexdefined/status/1186106695073726466 Trend Micro Bypass http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-ANTI-THREAT-TOOLKIT-(ATTK)-REMOTE-CODE-EXECUTION.txt Realtek Linux Wifi Driver Buffer Overflow https://twitter.com/nicowaisman/status/1184864519316758535
ISC StormCast for Monday, October 21st 2019
Attacks Against NVMS-9000 DVR Web Vulnerability https://isc.sans.edu/forums/diary/Scanning+Activity+for+NVMS9000+Digital+Video+Recorder/25434/ Pixel 4 Face Unlock Works with Eyes Shut https://www.bbc.com/news/technology-50085630 Samsung Galaxy S10 Fingerprint Unlock Bug https://www.bbc.com/news/technology-50080586 Alexa/Google Home Phishing https://srlabs.de/bites/smart-spies/
ISC StormCast for Monday, October 21st 2019
Attacks Against NVMS-9000 DVR Web Vulnerability https://isc.sans.edu/forums/diary/Scanning+Activity+for+NVMS9000+Digital+Video+Recorder/25434/ Pixel 4 Face Unlock Works with Eyes Shut https://www.bbc.com/news/technology-50085630 Samsung Galaxy S10 Fingerprint Unlock Bug https://www.bbc.com/news/technology-50080586 Alexa/Google Home Phishing https://srlabs.de/bites/smart-spies/
ISC StormCast for Friday, October 18th 2019
Phishing E-Mail Spoofing SPF Protected Domain https://isc.sans.edu/forums/diary/Phishing+email+spoofing+SPFenabled+domain/25426/ Purchased Domain Arrives with Paypal Accounts Linked to it https://www.theregister.co.uk/2019/10/17/paypal_account_domain/ Typosquatting Attacks Affect 2020 Presidential Election https://www.digitalshadows.com/blog-and-research/typosquatting-and-the-2020-u-s-presidential-election/ STI Student: Christopher Hurless Exploring Osquery, Fleet, and Elastic Stack as an Open-source solution to Endpoint Detection and Response https://www.sans.org/reading-room/whitepapers/detection/paper/39165
ISC StormCast for Friday, October 18th 2019
Phishing E-Mail Spoofing SPF Protected Domain https://isc.sans.edu/forums/diary/Phishing+email+spoofing+SPFenabled+domain/25426/ Purchased Domain Arrives with Paypal Accounts Linked to it https://www.theregister.co.uk/2019/10/17/paypal_account_domain/ Typosquatting Attacks Affect 2020 Presidential Election https://www.digitalshadows.com/blog-and-research/typosquatting-and-the-2020-u-s-presidential-election/ STI Student: Christopher Hurless Exploring Osquery, Fleet, and Elastic Stack as an Open-source solution to Endpoint Detection and Response https://www.sans.org/reading-room/whitepapers/detection/paper/39165
ISC StormCast for Thursday, October 17th 2019
Oracle CPU https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html Jackson-Databind Vulnerablity https://github.com/FasterXML/jackson-databind/issues/2387 VMWare Cloud Foundation and VMware Harbor Container Registry Patch https://www.vmware.com/security/advisories/VMSA-2019-0016.html Wordpress Update https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/ Cryptominers Hiding in WAV Files https://threatvector.cylance.com/en_us/home/malicious-payloads-hiding-beneath-the-wav.html