A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Wednesday, October 25th 2017
Stop Relying on File Extensions https://isc.sans.edu/forums/diary/Stop+relying+on+file+extensions/22962/ BadRabbit New Ransomware Wave Hitting Russia and Ukraine https://isc.sans.edu/forums/diary/BadRabbit+New+ransomware+wave+hitting+RU+UA/22964/ https://www.welivesecurity.com/2017/10/24/kiev-metro-hit-new-variant-infamous-diskcoder-ransomware/ Over 70% Of Web Traffic Now via TLS https://transparencyreport.google.com/https/overview?hl=en Static RNG Seeds in Fortinet Devices https://duhkattack.com
ISC StormCast for Tuesday, October 24th 2017
Is a Telco in Brazil Hosing An Epidemic of Open SOCKS Proxies? https://isc.sans.edu/forums/diary/Is+a+telco+in+Brazil+hosting+an+epidemic+of+open+SOCKS+proxies/22956/ Android May Be Adding DNS Over TLS https://www.xda-developers.com https://tools.ietf.org/html/rfc7858 Fake Crypto Currency Trading Applications https://www.welivesecurity.com/2017/10/23/fake-cryptocurrency-apps-google-harvesting-credentials/
ISC StormCast for Tuesday, October 24th 2017
Is a Telco in Brazil Hosing An Epidemic of Open SOCKS Proxies? https://isc.sans.edu/forums/diary/Is+a+telco+in+Brazil+hosting+an+epidemic+of+open+SOCKS+proxies/22956/ Android May Be Adding DNS Over TLS https://www.xda-developers.com https://tools.ietf.org/html/rfc7858 Fake Crypto Currency Trading Applications https://www.welivesecurity.com/2017/10/23/fake-cryptocurrency-apps-google-harvesting-credentials/
ISC StormCast for Sunday, October 22nd 2017
IoT "Reaper" Botnet http://blog.netlab.360.com/iot_reaper-a-rappid-spreading-new-iot-botnet-en/ https://research.checkpoint.com/new-iot-botnet-storm-coming/ Elmedia Player and Folx Infected with Proton Malware https://www.eltima.com/blog/2017/10/elmedia-player-and-folx-malware-threat-neutralized.html Google Expands Bug Bounty To Popular Android Apps https://www.google.com/about/appsecurity/play-rewards/index.html Increased Use of Last Week's Flash Vulnerability https://www.proofpoint.com/us/threat-insight/post/apt28-racing-exploit-cve-2017-11292-flash-vulnerability-patches-are-deployed
ISC StormCast for Sunday, October 22nd 2017
IoT "Reaper" Botnet http://blog.netlab.360.com/iot_reaper-a-rappid-spreading-new-iot-botnet-en/ https://research.checkpoint.com/new-iot-botnet-storm-coming/ Elmedia Player and Folx Infected with Proton Malware https://www.eltima.com/blog/2017/10/elmedia-player-and-folx-malware-threat-neutralized.html Google Expands Bug Bounty To Popular Android Apps https://www.google.com/about/appsecurity/play-rewards/index.html Increased Use of Last Week's Flash Vulnerability https://www.proofpoint.com/us/threat-insight/post/apt28-racing-exploit-cve-2017-11292-flash-vulnerability-patches-are-deployed
ISC StormCast for Friday, October 20th 2017
Locky Ransomware Updates https://isc.sans.edu/forums/diary/Necurs+Botnet+malspam+pushes+Locky+using+DDE+attack/22946/ https://isc.sans.edu/forums/diary/HSBCthemed+malspam+uses+ISO+attachments+to+push+Loki+Bot+malware/22942/ Authedmine To Replace Coinhive https://coinhive.com/blog/authedmine Attackers Scan for SSH Keys via Webexploits https://www.wordfence.com/blog/2017/10/ssh-key-website-scans/ Attacking Colocated Virtual Machines with Rowhammer https://thisissecurity.stormshield.com/2017/10/19/attacking-co-hosted-vm-hacker-hammer-two-memory-modules/
ISC StormCast for Friday, October 20th 2017
Locky Ransomware Updates https://isc.sans.edu/forums/diary/Necurs+Botnet+malspam+pushes+Locky+using+DDE+attack/22946/ https://isc.sans.edu/forums/diary/HSBCthemed+malspam+uses+ISO+attachments+to+push+Loki+Bot+malware/22942/ Authedmine To Replace Coinhive https://coinhive.com/blog/authedmine Attackers Scan for SSH Keys via Webexploits https://www.wordfence.com/blog/2017/10/ssh-key-website-scans/ Attacking Colocated Virtual Machines with Rowhammer https://thisissecurity.stormshield.com/2017/10/19/attacking-co-hosted-vm-hacker-hammer-two-memory-modules/
ISC StormCast for Thursday, October 19th 2017
Baselining Servers to Detect Outliers https://isc.sans.edu/forums/diary/Baselining+Servers+to+Detect+Outliers/22940/ Test Script Available for KRACK Vulnerability https://github.com/vanhoefm/krackattacks-test-ap-ft WaterMiner Distributed With Gaming Mods https://minerva-labs.com/post/waterminer-a-new-evasive-crypto-miner Microsoft Releases Fall Creators Update https://blogs.windows.com/windowsexperience/2017/10/17/whats-new-windows-10-fall-creators-update/#76CQXoUYxT81RLJi.97
ISC StormCast for Thursday, October 19th 2017
Baselining Servers to Detect Outliers https://isc.sans.edu/forums/diary/Baselining+Servers+to+Detect+Outliers/22940/ Test Script Available for KRACK Vulnerability https://github.com/vanhoefm/krackattacks-test-ap-ft WaterMiner Distributed With Gaming Mods https://minerva-labs.com/post/waterminer-a-new-evasive-crypto-miner Microsoft Releases Fall Creators Update https://blogs.windows.com/windowsexperience/2017/10/17/whats-new-windows-10-fall-creators-update/#76CQXoUYxT81RLJi.97
ISC StormCast for Wednesday, October 18th 2017
Hancitor Malspam Uses DDE Attack To Spread Banking Malware https://isc.sans.edu/forums/diary/Hancitor+malspam+uses+DDE+attack/22936/ Infineon RSA Key Generation Weakness https://crocs.fi.muni.cz/public/papers/rsa_ccs17 Chrome Improving Security https://www.blog.google/products/chrome/cleaner-safer-web-chrome-cleanup/
ISC StormCast for Wednesday, October 18th 2017
Hancitor Malspam Uses DDE Attack To Spread Banking Malware https://isc.sans.edu/forums/diary/Hancitor+malspam+uses+DDE+attack/22936/ Infineon RSA Key Generation Weakness https://crocs.fi.muni.cz/public/papers/rsa_ccs17 Chrome Improving Security https://www.blog.google/products/chrome/cleaner-safer-web-chrome-cleanup/
ISC StormCast for Tuesday, October 17th 2017
WPA2 "Krack" Attack https://www.krackattacks.com/ https://securingthehuman.sans.org/blog/2017/10/16/28748/ Adobe Flash Player Update https://helpx.adobe.com/security/products/flash-player/apsb17-32.html Two (identical) uTorrent Binaries With Different Hashes https://isc.sans.edu/forums/diary/Its+in+the+signature/22928/
ISC StormCast for Tuesday, October 17th 2017
WPA2 "Krack" Attack https://www.krackattacks.com/ https://securingthehuman.sans.org/blog/2017/10/16/28748/ Adobe Flash Player Update https://helpx.adobe.com/security/products/flash-player/apsb17-32.html Two (identical) uTorrent Binaries With Different Hashes https://isc.sans.edu/forums/diary/Its+in+the+signature/22928/
ISC StormCast for Monday, October 16th 2017
Peeking Into an Outlook .msg File https://isc.sans.edu/forums/diary/Peeking+into+msg+files/22926/ Abandoned Domains / Equifax/Transunion Lead to Fake Falsh Update https://blog.malwarebytes.com/threat-analysis/2017/10/equifax-transunion-websites-push-fake-flash-player/ Microsoft Patch Causes Corrupted Systems https://support.microsoft.com/en-us/help/4049094 DoubleLocker Android Ransomware https://www.welivesecurity.com/2017/10/13/doublelocker-innovative-android-malware/ Chrome Extension Mines Crypto Currency https://www.bleepingcomputer.com/news/security/chrome-extension-uses-your-gmail-to-register-domains-names-and-injects-coinhive/
ISC StormCast for Monday, October 16th 2017
Peeking Into an Outlook .msg File https://isc.sans.edu/forums/diary/Peeking+into+msg+files/22926/ Abandoned Domains / Equifax/Transunion Lead to Fake Falsh Update https://blog.malwarebytes.com/threat-analysis/2017/10/equifax-transunion-websites-push-fake-flash-player/ Microsoft Patch Causes Corrupted Systems https://support.microsoft.com/en-us/help/4049094 DoubleLocker Android Ransomware https://www.welivesecurity.com/2017/10/13/doublelocker-innovative-android-malware/ Chrome Extension Mines Crypto Currency https://www.bleepingcomputer.com/news/security/chrome-extension-uses-your-gmail-to-register-domains-names-and-injects-coinhive/