A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Thursday, March 8th 2018
Ransomware News: GlobeImposter Gets A Facelift, GandCrab is Still Out there https://isc.sans.edu/forums/diary/Ransomware+news+GlobeImposter+gets+a+facelift+GandCrab+is+still+out+there/23417/ How to Break Encryption https://blog.malwarebytes.com/threat-analysis/2018/03/encryption-101-how-to-break-encryption/ Bypassing Adobe Flash Security Protections https://securingtomorrow.mcafee.com/mcafee-labs/hackers-bypassed-adobe-flash-protection-mechanism/ Hundreds of Bitcoin Mining Servers Stolen in Iceland https://www.theguardian.com/world/2018/mar/07/hundreds-of-bitcoin-mining-servers-stolen-in-iceland Several Android Mail Apps Send Password To Developer (article in German) https://www.kuketz-blog.de/mail-apps-zahlreiche-android-apps-uebermitteln-login-passwort/
ISC StormCast for Wednesday, March 7th 2018
Exploit for CVE-2018-6789 https://devco.re/blog/2018/03/06/exim-off-by-one-RCE-exploiting-CVE-2018-6789-en/ Microsoft Fixes USB Issues Introduced By February Patches https://support.microsoft.com/en-us/help/4090913/march5-2018kb4090913osbuild16299-251 123 Reg Looses Backups https://www.bleepingcomputer.com/news/business/123-reg-backup-snafu-causes-clients-to-lose-files-since-august-2017/ Android March Security Bulletin https://source.android.com/security/bulletin/2018-03-01#media-framework
ISC StormCast for Wednesday, March 7th 2018
Exploit for CVE-2018-6789 https://devco.re/blog/2018/03/06/exim-off-by-one-RCE-exploiting-CVE-2018-6789-en/ Microsoft Fixes USB Issues Introduced By February Patches https://support.microsoft.com/en-us/help/4090913/march5-2018kb4090913osbuild16299-251 123 Reg Looses Backups https://www.bleepingcomputer.com/news/business/123-reg-backup-snafu-causes-clients-to-lose-files-since-august-2017/ Android March Security Bulletin https://source.android.com/security/bulletin/2018-03-01#media-framework
ISC StormCast for Tuesday, March 6th 2018
Malicious Bash Script with Multiple Features https://isc.sans.edu/forums/diary/Malicious+Bash+Script+with+Multiple+Features/23411/ More Memcached DDoS Attacks https://www.arbornetworks.com/blog/asert/netscout-arbor-confirms-1-7-tbps-ddos-attack-terabit-attack-era-upon-us/ Spring Framework Vulnerability https://lgtm.com/blog/spring_data_rest_CVE-2017-8046 LTE Vulnerabilities http://homepage.divms.uiowa.edu/~comarhaider/publications/LTE_NDSS18_paper.pdf
ISC StormCast for Tuesday, March 6th 2018
Malicious Bash Script with Multiple Features https://isc.sans.edu/forums/diary/Malicious+Bash+Script+with+Multiple+Features/23411/ More Memcached DDoS Attacks https://www.arbornetworks.com/blog/asert/netscout-arbor-confirms-1-7-tbps-ddos-attack-terabit-attack-era-upon-us/ Spring Framework Vulnerability https://lgtm.com/blog/spring_data_rest_CVE-2017-8046 LTE Vulnerabilities http://homepage.divms.uiowa.edu/~comarhaider/publications/LTE_NDSS18_paper.pdf
ISC StormCast for Monday, March 5th 2018
Protective Malicious Monero Crypto Coin Miners https://isc.sans.edu/forums/diary/The+Crypto+Miners+Fight+For+CPU+Cycles/23407/ memcached DDoS Attacks Ask For Ransom https://blogs.akamai.com/2018/03/memcached-now-with-extortion.html Cheap Android Trojans Come PreInstalled With Banking Malware https://news.drweb.com/show/?lng=en&i=11749&c=5 RedDrop Android Malware Installed via 3rd Party App Stores https://www.wandera.com/blog/reddrop-malware/
ISC StormCast for Monday, March 5th 2018
Protective Malicious Monero Crypto Coin Miners https://isc.sans.edu/forums/diary/The+Crypto+Miners+Fight+For+CPU+Cycles/23407/ memcached DDoS Attacks Ask For Ransom https://blogs.akamai.com/2018/03/memcached-now-with-extortion.html Cheap Android Trojans Come PreInstalled With Banking Malware https://news.drweb.com/show/?lng=en&i=11749&c=5 RedDrop Android Malware Installed via 3rd Party App Stores https://www.wandera.com/blog/reddrop-malware/
ISC StormCast for Friday, March 2nd 2018
Censoring Images At Scale in #WeChat https://isc.sans.edu/forums/diary/Why+Does+Emperor+Xi+Dislike+Winnie+the+Pooh+and+Scrambled+Eggs/23395/ Trustico Update: Certificate Revocation List Monitor https://isc.sans.edu/crls.html Memcached Update: Github Attack https://githubengineering.com/ddos-incident-report/ http://powerofcommunity.net/poc2017/shengbao.pdf Microsoft Releases Intel Spectre Microcode Updates https://support.microsoft.com/en-us/help/4090007/intel-microcode-updates
ISC StormCast for Friday, March 2nd 2018
Censoring Images At Scale in #WeChat https://isc.sans.edu/forums/diary/Why+Does+Emperor+Xi+Dislike+Winnie+the+Pooh+and+Scrambled+Eggs/23395/ Trustico Update: Certificate Revocation List Monitor https://isc.sans.edu/crls.html Memcached Update: Github Attack https://githubengineering.com/ddos-incident-report/ http://powerofcommunity.net/poc2017/shengbao.pdf Microsoft Releases Intel Spectre Microcode Updates https://support.microsoft.com/en-us/help/4090007/intel-microcode-updates
ISC StormCast for Thursday, March 1st 2018
How Did This Memcache Thing Happen? https://isc.sans.edu/forums/diary/How+did+this+Memcache+thing+happen/23391/ Trustico TLS Certificate Revocation https://groups.google.com/forum/#!msg/mozilla.dev.security.policy/wxX4Yv0E3Mk/QZt8UPhKAwAJ Flash on Its Way Out https://www.bleepingcomputer.com/news/security/google-chrome-flash-usage-declines-from-80-percent-in-2014-to-under-8-percent-today/ DNSSEC Is Getting Better But Still Struggeling http://www.theregister.co.uk/2018/02/28/dutch_name_authority_dnssec_validation_errors_can_be_eliminated/ Smart TV Firmware Flaws https://www.av-comparatives.org/wp-content/uploads/2018/02/avc_sigma_medion_201802.pdf
ISC StormCast for Thursday, March 1st 2018
How Did This Memcache Thing Happen? https://isc.sans.edu/forums/diary/How+did+this+Memcache+thing+happen/23391/ Trustico TLS Certificate Revocation https://groups.google.com/forum/#!msg/mozilla.dev.security.policy/wxX4Yv0E3Mk/QZt8UPhKAwAJ Flash on Its Way Out https://www.bleepingcomputer.com/news/security/google-chrome-flash-usage-declines-from-80-percent-in-2014-to-under-8-percent-today/ DNSSEC Is Getting Better But Still Struggeling http://www.theregister.co.uk/2018/02/28/dutch_name_authority_dnssec_validation_errors_can_be_eliminated/ Smart TV Firmware Flaws https://www.av-comparatives.org/wp-content/uploads/2018/02/avc_sigma_medion_201802.pdf
ISC StormCast for Wednesday, February 28th 2018
Memcached Servers Used in Reflective DDoS Attacks https://isc.sans.edu/forums/diary/Why+we+Dont+Deserve+the+Internet+Memcached+Reflected+DDoS+Attacks/23389/ Malspam Pushing Formbook Info Stealer https://isc.sans.edu/forums/diary/Malspam+pushing+Formbook+info+stealer/23387/ Various SAML Parsers Affected by Comment Parsing Vulnerability https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations
ISC StormCast for Wednesday, February 28th 2018
Memcached Servers Used in Reflective DDoS Attacks https://isc.sans.edu/forums/diary/Why+we+Dont+Deserve+the+Internet+Memcached+Reflected+DDoS+Attacks/23389/ Malspam Pushing Formbook Info Stealer https://isc.sans.edu/forums/diary/Malspam+pushing+Formbook+info+stealer/23387/ Various SAML Parsers Affected by Comment Parsing Vulnerability https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations
ISC StormCast for Tuesday, February 27th 2018
Enumerating S3 Buckets https://github.com/jordanpotti/AWSBucketDump Creating AWS Network Diagrams https://github.com/duo-labs/cloudmapper Selling Macs and "Find my Mac" Feature https://medium.com/@mulligan/how-i-sold-an-old-mac-and-unknowingly-tracked-its-location-for-over-3-years-9a35cd3ca4cf Apple Stopping Support for 1st Gen Apple TV and iTunes on Windows XP / Vista https://support.apple.com/en-us/HT208104
ISC StormCast for Tuesday, February 27th 2018
Enumerating S3 Buckets https://github.com/jordanpotti/AWSBucketDump Creating AWS Network Diagrams https://github.com/duo-labs/cloudmapper Selling Macs and "Find my Mac" Feature https://medium.com/@mulligan/how-i-sold-an-old-mac-and-unknowingly-tracked-its-location-for-over-3-years-9a35cd3ca4cf Apple Stopping Support for 1st Gen Apple TV and iTunes on Windows XP / Vista https://support.apple.com/en-us/HT208104