A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Thursday, September 27th 2018
Emotet Malware Delivery Service Update https://isc.sans.edu/forums/diary/One+Emotet+infection+leads+to+three+followup+malware+infections/24140/ Fedora Crypto Policy Update Causes SSH Issues https://bugzilla.redhat.com/show_bug.cgi?id=1631970 Android Banking Trojan Impersonates QRecorder https://lukasstefanko.com/2018/09/banking-trojan-found-on-google-play-stole-10000-euros-from-victims.html Google Reverts Changes to Chrome https://www.blog.google/products/chrome/product-updates-based-your-feedback/amp/
ISC StormCast for Thursday, September 27th 2018
Emotet Malware Delivery Service Update https://isc.sans.edu/forums/diary/One+Emotet+infection+leads+to+three+followup+malware+infections/24140/ Fedora Crypto Policy Update Causes SSH Issues https://bugzilla.redhat.com/show_bug.cgi?id=1631970 Android Banking Trojan Impersonates QRecorder https://lukasstefanko.com/2018/09/banking-trojan-found-on-google-play-stole-10000-euros-from-victims.html Google Reverts Changes to Chrome https://www.blog.google/products/chrome/product-updates-based-your-feedback/amp/
ISC StormCast for Wednesday, September 26th 2018
Firefox Haveibeenpwned Monitor https://blog.mozilla.org/blog/2018/09/25/introducing-firefox-monitor-helping-people-take-control-after-a-data-breach/ Chrome 69 Privacy Issues https://www.bleepingcomputer.com/news/google/chrome-69-keeps-googles-cookies-after-you-clear-browser-data/ Cisco FragmentSmack Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-ip-fragment Micorsoft Bitlocker Turns itself Off During Updates https://social.technet.microsoft.com/Forums/en-US/0e48536f-40ff-4046-bd08-ed4a39b4840f/bitlocker-automatically-suspending-during-updates?forum=win10itprosecurity
ISC StormCast for Wednesday, September 26th 2018
Firefox Haveibeenpwned Monitor https://blog.mozilla.org/blog/2018/09/25/introducing-firefox-monitor-helping-people-take-control-after-a-data-breach/ Chrome 69 Privacy Issues https://www.bleepingcomputer.com/news/google/chrome-69-keeps-googles-cookies-after-you-clear-browser-data/ Cisco FragmentSmack Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-ip-fragment Micorsoft Bitlocker Turns itself Off During Updates https://social.technet.microsoft.com/Forums/en-US/0e48536f-40ff-4046-bd08-ed4a39b4840f/bitlocker-automatically-suspending-during-updates?forum=win10itprosecurity
ISC StormCast for Tuesday, September 25th 2018
More Sextortion Emails https://isc.sans.edu/forums/diary/Sextortion+Spam+and+the+Infinite+Monkey+Theorem/24136/ MacOS 10.14 (Mojahve) Security Fixes https://support.apple.com/en-us/HT209139 Mojave Privacy Protection Bypass https://vimeo.com/291491984 Cloudflare Supporting Encrypted SNI https://blog.cloudflare.com/esni/
ISC StormCast for Tuesday, September 25th 2018
More Sextortion Emails https://isc.sans.edu/forums/diary/Sextortion+Spam+and+the+Infinite+Monkey+Theorem/24136/ MacOS 10.14 (Mojahve) Security Fixes https://support.apple.com/en-us/HT209139 Mojave Privacy Protection Bypass https://vimeo.com/291491984 Cloudflare Supporting Encrypted SNI https://blog.cloudflare.com/esni/
ISC StormCast for Monday, September 24th 2018
Odd DNS Requests from Firewalls https://isc.sans.edu/forums/diary/Suspicious+DNS+Requests+Issued+by+a+Firewall/24128/ Securing API Connections https://isc.sans.edu/forums/diary/The+danger+of+sending+information+for+API+consumption+without+adequate+security+measures/24130/ Microsoft JET Database 0day https://www.zerodayinitiative.com/advisories/ZDI-18-1075/ Western Digital Releases Patch for MyCloud Drives https://support.wdc.com/knowledgebase/answer.aspx?ID=25952&s Job Offers With Malware Attachment https://www.bleepingcomputer.com/news/security/malware-disguised-as-job-offers-distributed-on-freelance-sites/
ISC StormCast for Monday, September 24th 2018
Odd DNS Requests from Firewalls https://isc.sans.edu/forums/diary/Suspicious+DNS+Requests+Issued+by+a+Firewall/24128/ Securing API Connections https://isc.sans.edu/forums/diary/The+danger+of+sending+information+for+API+consumption+without+adequate+security+measures/24130/ Microsoft JET Database 0day https://www.zerodayinitiative.com/advisories/ZDI-18-1075/ Western Digital Releases Patch for MyCloud Drives https://support.wdc.com/knowledgebase/answer.aspx?ID=25952&s Job Offers With Malware Attachment https://www.bleepingcomputer.com/news/security/malware-disguised-as-job-offers-distributed-on-freelance-sites/
ISC StormCast for Friday, September 21st 2018
Hunting for Suspicious Processes with OSSEC https://isc.sans.edu/forums/diary/Hunting+for+Suspicious+Processes+with+OSSEC/24122/ NSSLabs Sues Crowdstrike, Symantec, ESET https://www.nsslabs.com/blog/company/advancing-transparency-and-accountability-in-the-cybersecurity-industry/ Bitcoin Core Vulnerability https://motherboard.vice.com/amp/en_us/article/qvakp3/a-major-bug-in-bitcoin-software-could-have-crashed-the-currency?__twitter_impression=true WebAuthn Standard https://paragonie.com/blog/2018/08/security-concerns-surrounding-webauthn-don-t-implement-ecdaa-yet https://fidoalliance.org/
ISC StormCast for Friday, September 21st 2018
Hunting for Suspicious Processes with OSSEC https://isc.sans.edu/forums/diary/Hunting+for+Suspicious+Processes+with+OSSEC/24122/ NSSLabs Sues Crowdstrike, Symantec, ESET https://www.nsslabs.com/blog/company/advancing-transparency-and-accountability-in-the-cybersecurity-industry/ Bitcoin Core Vulnerability https://motherboard.vice.com/amp/en_us/article/qvakp3/a-major-bug-in-bitcoin-software-could-have-crashed-the-currency?__twitter_impression=true WebAuthn Standard https://paragonie.com/blog/2018/08/security-concerns-surrounding-webauthn-don-t-implement-ecdaa-yet https://fidoalliance.org/
ISC StormCast for Thursday, September 20th 2018
Adobe Releases Special Patch for Acrobat and Reader https://helpx.adobe.com/security/products/acrobat/apsb18-34.html Akamai State of the Internet Report https://www.akamai.com/us/en/about/our-thinking/state-of-the-internet-report/global-state-of-the-internet-security-ddos-attack-reports.jsp Peekabo DVR Vulnerability https://www.tenable.com/blog/tenable-research-advisory-peekaboo-critical-vulnerability-in-nuuo-network-video-recorder
ISC StormCast for Thursday, September 20th 2018
Adobe Releases Special Patch for Acrobat and Reader https://helpx.adobe.com/security/products/acrobat/apsb18-34.html Akamai State of the Internet Report https://www.akamai.com/us/en/about/our-thinking/state-of-the-internet-report/global-state-of-the-internet-security-ddos-attack-reports.jsp Peekabo DVR Vulnerability https://www.tenable.com/blog/tenable-research-advisory-peekaboo-critical-vulnerability-in-nuuo-network-video-recorder
ISC StormCast for Wednesday, September 19th 2018
Certificate Transparency Tools https://isc.sans.edu/forums/diary/Using+Certificate+Transparency+as+an+Attack+Defense+Tool/24114/ Kodi Malicious Add-Ons https://www.welivesecurity.com/2018/09/13/kodi-add-ons-launch-cryptomining-campaign/ Cloudflare Making DNSSEC Adoption Easier https://blog.cloudflare.com/automatically-provision-and-maintain-dnssec/ Western Digital MyCloud Unauthenticated Admin Access https://www.securify.nl/advisory/SFY20180102/authentication-bypass-vulnerability-in-western-digital-my-cloud-allows-escalation-to-admin-privileges.html
ISC StormCast for Wednesday, September 19th 2018
Certificate Transparency Tools https://isc.sans.edu/forums/diary/Using+Certificate+Transparency+as+an+Attack+Defense+Tool/24114/ Kodi Malicious Add-Ons https://www.welivesecurity.com/2018/09/13/kodi-add-ons-launch-cryptomining-campaign/ Cloudflare Making DNSSEC Adoption Easier https://blog.cloudflare.com/automatically-provision-and-maintain-dnssec/ Western Digital MyCloud Unauthenticated Admin Access https://www.securify.nl/advisory/SFY20180102/authentication-bypass-vulnerability-in-western-digital-my-cloud-allows-escalation-to-admin-privileges.html
ISC StormCast for Tuesday, September 18th 2018
Analyzing Office Docs https://isc.sans.edu/forums/diary/Dissecting+Malicious+MS+Office+Docs/24108/ Apple Updates Everything but macOS https://support.apple.com/en-us/HT201220 FBot Botnet https://blog.netlab.360.com/threat-alert-a-new-worm-fbot-cleaning-adbminer-is-using-a-blockchain-based-dns-en/ Related STI Paper: Botnet Reciliency via Private Blockchain (Jonathan Sweeny) https://www.sans.org/reading-room/whitepapers/covert/botnet-resiliency-private-blockchains-38050