A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Thursday, May 16th 2019
Forbes Website Infected by Magecart https://twitter.com/bad_packets/status/1128517905765683201 Malware Randomizes TLS Ciphers https://blogs.akamai.com/sitr/2019/05/bots-tampering-with-tls-to-avoid-detection.html Google Recalls Titan Security Keys https://security.googleblog.com/2019/05/titan-keys-update.html SAMBA Update https://www.samba.org/samba/security/CVE-2018-16860.html SAP Patches https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=520259032
ISC StormCast for Thursday, May 16th 2019
Forbes Website Infected by Magecart https://twitter.com/bad_packets/status/1128517905765683201 Malware Randomizes TLS Ciphers https://blogs.akamai.com/sitr/2019/05/bots-tampering-with-tls-to-avoid-detection.html Google Recalls Titan Security Keys https://security.googleblog.com/2019/05/titan-keys-update.html SAMBA Update https://www.samba.org/samba/security/CVE-2018-16860.html SAP Patches https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=520259032
ISC StormCast for Wednesday, May 15th 2019
New Intel CPU Vulnerabilities https://cpu.fail/ Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+May+2019+Patch+Tuesday/24934/ Apple Updates https://support.apple.com/en-us/HT201222 Broken Trustseal https://twitter.com/gwillem/status/1127890329175244800 https://twitter.com/bestoftheweb/status/1128036593208524800
ISC StormCast for Wednesday, May 15th 2019
New Intel CPU Vulnerabilities https://cpu.fail/ Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+May+2019+Patch+Tuesday/24934/ Apple Updates https://support.apple.com/en-us/HT201222 Broken Trustseal https://twitter.com/gwillem/status/1127890329175244800 https://twitter.com/bestoftheweb/status/1128036593208524800
ISC StormCast for Tuesday, May 14th 2019
Linux Remote Code Execution When Closing TCP Sockets https://github.com/torvalds/linux/commit/cb66ddd156203daefb8d71158036b27b0e2caf63 WhatsApp Buffer Overflow Exploited to Install Spyware https://www.facebook.com/security/advisories/cve-2019-3568 Cisco Vulnerabilities Lead to Trust Anchor Module Exploit https://thrangrycat.com/ Linksys Unauthenticated Information Leak https://badpackets.net/over-25000-linksys-smart-wi-fi-routers-vulnerable-to-sensitive-information-disclosure-flaw/
ISC StormCast for Tuesday, May 14th 2019
Linux Remote Code Execution When Closing TCP Sockets https://github.com/torvalds/linux/commit/cb66ddd156203daefb8d71158036b27b0e2caf63 WhatsApp Buffer Overflow Exploited to Install Spyware https://www.facebook.com/security/advisories/cve-2019-3568 Cisco Vulnerabilities Lead to Trust Anchor Module Exploit https://thrangrycat.com/ Linksys Unauthenticated Information Leak https://badpackets.net/over-25000-linksys-smart-wi-fi-routers-vulnerable-to-sensitive-information-disclosure-flaw/
ISC StormCast for Monday, May 13th 2019
DSSuite - A Docker Container with Didier's Tools https://isc.sans.edu/forums/diary/DSSuite+A+Docker+Container+with+Didiers+Tools/24926/ Sqlite3 Vulnerability https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0777 NVidia Updates https://nvidia.custhelp.com/app/answers/detail/a_id/4797 Windows 10 FIDO2 Certified https://fidoalliance.org/microsoft-achieves-fido2-certification-for-windows-hello/ Google May Remove ADB Backup/Restore from Future Android Versions https://www.xda-developers.com/adb-backup-and-restore-depreciated/
ISC StormCast for Monday, May 13th 2019
DSSuite - A Docker Container with Didier's Tools https://isc.sans.edu/forums/diary/DSSuite+A+Docker+Container+with+Didiers+Tools/24926/ Sqlite3 Vulnerability https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0777 NVidia Updates https://nvidia.custhelp.com/app/answers/detail/a_id/4797 Windows 10 FIDO2 Certified https://fidoalliance.org/microsoft-achieves-fido2-certification-for-windows-hello/ Google May Remove ADB Backup/Restore from Future Android Versions https://www.xda-developers.com/adb-backup-and-restore-depreciated/
ISC StormCast for Friday, May 10th 2019
US DHS Warns of North Korean ELECTRICFISH Malware https://www.us-cert.gov/ncas/analysis-reports/AR19-129A Fake KeePass Site Spreading Malware https://twitter.com/berkcgoksel/status/1125727590440931329 Google Android Security Bulletin https://source.android.com/security/bulletin/2019-05-01 Three Anti-Virus Companies Breached https://www.advanced-intel.com/blog/top-tier-russian-hacking-collective-claims-breaches-of-three-major-anti-virus-companies
ISC StormCast for Friday, May 10th 2019
US DHS Warns of North Korean ELECTRICFISH Malware https://www.us-cert.gov/ncas/analysis-reports/AR19-129A Fake KeePass Site Spreading Malware https://twitter.com/berkcgoksel/status/1125727590440931329 Google Android Security Bulletin https://source.android.com/security/bulletin/2019-05-01 Three Anti-Virus Companies Breached https://www.advanced-intel.com/blog/top-tier-russian-hacking-collective-claims-breaches-of-three-major-anti-virus-companies
ISC StormCast for Thursday, May 9th 2019
EMail Roulette May 2019 https://isc.sans.edu/forums/diary/Email+roulette+May+2019/24918/ Turla Lightneuron https://www.welivesecurity.com/wp-content/uploads/2019/05/ESET-LightNeuron.pdf Alpine Linux Docker Image root User Hard Coded Credentials https://talosintelligence.com/vulnerability_reports/TALOS-2019-0782 Worpress 5.2 Adds Digitially Signed Updates https://wordpress.org/support/wordpress-version/version-5-2/
ISC StormCast for Thursday, May 9th 2019
EMail Roulette May 2019 https://isc.sans.edu/forums/diary/Email+roulette+May+2019/24918/ Turla Lightneuron https://www.welivesecurity.com/wp-content/uploads/2019/05/ESET-LightNeuron.pdf Alpine Linux Docker Image root User Hard Coded Credentials https://talosintelligence.com/vulnerability_reports/TALOS-2019-0782 Worpress 5.2 Adds Digitially Signed Updates https://wordpress.org/support/wordpress-version/version-5-2/
ISC StormCast for Wednesday, May 8th 2019
Jenkins Exploit Mines Cryptocurrencies https://isc.sans.edu/forums/diary/Vulnerable+Apache+Jenkins+exploited+in+the+wild/24916/ Confluence Vulnerablity Exploited to Delivery Cryptocurrency Miner with Rootkit https://blog.trendmicro.com/trendlabs-security-intelligence/cve-2019-3396-redux-confluence-vulnerability-exploited-to-deliver-cryptocurrency-miner-with-rootkit/ Cisco Elastic Services Controller REST API Authentication Bypass https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190507-esc-authbypass Google Chrome History Manipulation Prevention https://groups.google.com/a/chromium.org/forum/?#!msg/blink-dev/T8d4_BRb2xQ/WSdOiOFcBAAJ
ISC StormCast for Wednesday, May 8th 2019
Jenkins Exploit Mines Cryptocurrencies https://isc.sans.edu/forums/diary/Vulnerable+Apache+Jenkins+exploited+in+the+wild/24916/ Confluence Vulnerablity Exploited to Delivery Cryptocurrency Miner with Rootkit https://blog.trendmicro.com/trendlabs-security-intelligence/cve-2019-3396-redux-confluence-vulnerability-exploited-to-deliver-cryptocurrency-miner-with-rootkit/ Cisco Elastic Services Controller REST API Authentication Bypass https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190507-esc-authbypass Google Chrome History Manipulation Prevention https://groups.google.com/a/chromium.org/forum/?#!msg/blink-dev/T8d4_BRb2xQ/WSdOiOFcBAAJ
ISC StormCast for Tuesday, May 7th 2019
Decoding UTF-16 in UDF Files https://isc.sans.edu/forums/diary/Text+and+TNULeNULxNULtNUL/24912/ VMWare Fusion 11 Guest VM RCE https://theevilbit.github.io/posts/vmware_fusion_11_guest_vm_rce_cve-2019-5514/ Hackers Are Using Bad Passwords Too https://www.ankitanubhav.info/post/c2bruting Amazon S3 Discontinues Path Style Access https://www.bleepingcomputer.com/news/security/amazon-to-disable-s3-path-style-access-used-to-bypass-censorship/