A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
Linux For Everyone
A show about the thrilling world of desktop Linux, open-source software, and the community creating it. For beginners and veterans alike! Hosted by Jason Evangelho, Jerry Morrison and Schykle.
ISC StormCast for Friday, December 7th 2018
Adobe Vulnerability PoC Released https://isc.sans.edu/forums/diary/Is+it+Time+to+Uninstall+Flash+If+you+havent+already/24382/ WatchOS Update https://support.apple.com/en-us/HT209343 Data Exfiltration During Pentests https://isc.sans.edu/forums/diary/Data+Exfiltration+in+Penetration+Tests/24354/ PoC Exploit for Kubernetes Vulnerability https://github.com/evict/poc_CVE-2018-1002105 Preston Ackerman: Marketing 2FA https://www.sans.org/reading-room/whitepapers/authentication/swipe-tap-marketing-easier-2fa-increase-adoption-38695
ISC StormCast for Thursday, December 6th 2018
Adobe Releases Emergency Flash Patch https://helpx.adobe.com/security/products/flash-player/apsb18-42.html Apple Updates Everything (but not WatchOS) https://support.apple.com/en-us/HT201222 New Privacy Issues Affecting 3G-5G protocols https://eprint.iacr.org/2018/1175
ISC StormCast for Thursday, December 6th 2018
Adobe Releases Emergency Flash Patch https://helpx.adobe.com/security/products/flash-player/apsb18-42.html Apple Updates Everything (but not WatchOS) https://support.apple.com/en-us/HT201222 New Privacy Issues Affecting 3G-5G protocols https://eprint.iacr.org/2018/1175
ISC StormCast for Wednesday, December 5th 2018
Fake Ransomware Decryption Service https://www.theregister.co.uk/2018/12/04/ransomware_helper_was_middleman_dr_shifro/ Latest Lokibot Malspam https://isc.sans.edu/forums/diary/Malspam+pushing+Lokibot+malware/24372/ Chrome 71 Released https://www.bleepingcomputer.com/news/google/chrome-71-released-with-abusive-ad-filtering-and-audio-blocking/ RSA Followup Webcast https://www.rsaconference.com/videos/virtual-session-the-5-most-dangerous-new-attack-techniques-and-whats-to-come
ISC StormCast for Wednesday, December 5th 2018
Fake Ransomware Decryption Service https://www.theregister.co.uk/2018/12/04/ransomware_helper_was_middleman_dr_shifro/ Latest Lokibot Malspam https://isc.sans.edu/forums/diary/Malspam+pushing+Lokibot+malware/24372/ Chrome 71 Released https://www.bleepingcomputer.com/news/google/chrome-71-released-with-abusive-ad-filtering-and-audio-blocking/ RSA Followup Webcast https://www.rsaconference.com/videos/virtual-session-the-5-most-dangerous-new-attack-techniques-and-whats-to-come
ISC StormCast for Tuesday, December 4th 2018
Word Maldoc: Yet Another Place to Hide a Command https://isc.sans.edu/forums/diary/Word+maldoc+yet+another+place+to+hide+a+command/24370/ US-Cert Releases SamSam Alerts https://www.us-cert.gov/ncas/alerts/AA18-337A Kubernetes Patches https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88 Malicious iOS App Tricks User in Payment https://www.welivesecurity.com/2018/12/03/scam-ios-apps-promise-fitness-steal-money-instead/
ISC StormCast for Tuesday, December 4th 2018
Word Maldoc: Yet Another Place to Hide a Command https://isc.sans.edu/forums/diary/Word+maldoc+yet+another+place+to+hide+a+command/24370/ US-Cert Releases SamSam Alerts https://www.us-cert.gov/ncas/alerts/AA18-337A Kubernetes Patches https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88 Malicious iOS App Tricks User in Payment https://www.welivesecurity.com/2018/12/03/scam-ios-apps-promise-fitness-steal-money-instead/
ISC StormCast for Monday, December 3rd 2018
KingMiner Improved Cryptomining https://research.checkpoint.com/kingminer-the-new-and-improved-cryptojacker/ Siglent Technologies Oscilloscope Vulnerabilities https://seclists.org/fulldisclosure/2018/Nov/68 Autocad Malware https://www.forcepoint.com/blog/security-labs/autocad-malware-computer-aided-theft ISC Stickers (login required. first 10 requests each day) https://isc.sans.edu/sticker.html
ISC StormCast for Monday, December 3rd 2018
KingMiner Improved Cryptomining https://research.checkpoint.com/kingminer-the-new-and-improved-cryptojacker/ Siglent Technologies Oscilloscope Vulnerabilities https://seclists.org/fulldisclosure/2018/Nov/68 Autocad Malware https://www.forcepoint.com/blog/security-labs/autocad-malware-computer-aided-theft ISC Stickers (login required. first 10 requests each day) https://isc.sans.edu/sticker.html
ISC StormCast for Friday, November 30th 2018
Russian Language Malspam Pushing Shade (Troldesh) Ransomware https://isc.sans.edu/forums/diary/Russian+language+malspam+pushing+Shade+Troldesh+ransomware/24358/ Scamclub Malvertising Against iOS Users https://blog.confiant.com/malvertising-attack-hijacks-300-million-sessions-over-48-hours-9d0218fe02cd Andre Shori: To Block Or Not To Block? Impact and Analysis of Actively Blocking Shodan Scans http://www.sans.org/reading-room/whitepapers/networksecurity/block-block-impact-analysis-actively-blocking-shodan-scans-38645
ISC StormCast for Friday, November 30th 2018
Russian Language Malspam Pushing Shade (Troldesh) Ransomware https://isc.sans.edu/forums/diary/Russian+language+malspam+pushing+Shade+Troldesh+ransomware/24358/ Scamclub Malvertising Against iOS Users https://blog.confiant.com/malvertising-attack-hijacks-300-million-sessions-over-48-hours-9d0218fe02cd Andre Shori: To Block Or Not To Block? Impact and Analysis of Actively Blocking Shodan Scans http://www.sans.org/reading-room/whitepapers/networksecurity/block-block-impact-analysis-actively-blocking-shodan-scans-38645
ISC StormCast for Thursday, November 29th 2018
Obfuscated Shell Scripts: Fake MacOS Flash Updates https://isc.sans.edu/forums/diary/More+obfuscated+shell+scripts+Fake+MacOS+Flash+update/24352/ Sennheiser HeadSetup Certificate Authority Install https://www.secorvo.de/publikationen/headsetup-vulnerability-report-secorvo-2018.pdf Microsoft Fixes Shared Folder Permission Deletion Problem https://support.microsoft.com/en-us/help/4467684/windows-10-update-kb4467684 3ve Botnet Dismanteled https://services.google.com/fh/files/blogs/3ve_google_whiteops_whitepaper_final_nov_2018.pdf
ISC StormCast for Thursday, November 29th 2018
Obfuscated Shell Scripts: Fake MacOS Flash Updates https://isc.sans.edu/forums/diary/More+obfuscated+shell+scripts+Fake+MacOS+Flash+update/24352/ Sennheiser HeadSetup Certificate Authority Install https://www.secorvo.de/publikationen/headsetup-vulnerability-report-secorvo-2018.pdf Microsoft Fixes Shared Folder Permission Deletion Problem https://support.microsoft.com/en-us/help/4467684/windows-10-update-kb4467684 3ve Botnet Dismanteled https://services.google.com/fh/files/blogs/3ve_google_whiteops_whitepaper_final_nov_2018.pdf
ISC StormCast for Wednesday, November 28th 2018
Obfuscated QNAP bash Malware; https://isc.sans.edu/forums/diary/Obfuscated+bash+script+targeting+QNap+boxes/24348/ Half of All Phishing Sites Use HTTPS https://krebsonsecurity.com/2018/11/half-of-all-phishing-sites-now-have-the-padlock/ Chrome and Firefox to Remove FTP Support https://www.bleepingcomputer.com/news/google/chrome-and-firefox-developers-aim-to-remove-support-for-ftp/ California Wildfire Used in BEC Scams https://www.agari.com/identity-intelligence-blog/california-wildfire-email-scams/
ISC StormCast for Wednesday, November 28th 2018
Obfuscated QNAP bash Malware; https://isc.sans.edu/forums/diary/Obfuscated+bash+script+targeting+QNap+boxes/24348/ Half of All Phishing Sites Use HTTPS https://krebsonsecurity.com/2018/11/half-of-all-phishing-sites-now-have-the-padlock/ Chrome and Firefox to Remove FTP Support https://www.bleepingcomputer.com/news/google/chrome-and-firefox-developers-aim-to-remove-support-for-ftp/ California Wildfire Used in BEC Scams https://www.agari.com/identity-intelligence-blog/california-wildfire-email-scams/