A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
Linux For Everyone
A show about the thrilling world of desktop Linux, open-source software, and the community creating it. For beginners and veterans alike! Hosted by Jason Evangelho, Jerry Morrison and Schykle.
ISC StormCast for Tuesday, June 20th 2017
Stack Clash Vulnerability Affects Various Unix Based Operating Systems https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt Separation Of Duties / Malicious Administrators https://isc.sans.edu/forums/diary/As+Your+Admin+Walks+Out+the+Door/22530/ Progress in Sattelite Based Quantum Cryptography https://www.wired.com/story/chinese-satellite-relays-a-quantum-signal-between-cities/ https://www.helpnetsecurity.com/2017/06/19/extremely-secure-data-encryption/ Women Connect Event Minneapolis: https://www.sans.org/event/minneapolis-2017/bonus-sessions/12162
ISC StormCast for Tuesday, June 20th 2017
Stack Clash Vulnerability Affects Various Unix Based Operating Systems https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt Separation Of Duties / Malicious Administrators https://isc.sans.edu/forums/diary/As+Your+Admin+Walks+Out+the+Door/22530/ Progress in Sattelite Based Quantum Cryptography https://www.wired.com/story/chinese-satellite-relays-a-quantum-signal-between-cities/ https://www.helpnetsecurity.com/2017/06/19/extremely-secure-data-encryption/ Women Connect Event Minneapolis: https://www.sans.org/event/minneapolis-2017/bonus-sessions/12162
ISC StormCast for Monday, June 19th 2017
Uptick in Port 83 Traffic https://isc.sans.edu/forums/diary/What+is+going+on+with+Port+83/22524/ WINS DoS Vulnerability will not be fixed by Microsoft https://blog.fortinet.com/2017/06/14/wins-server-remote-memory-corruption-vulnerability-in-microsoft-windows-server Microsoft to Release Patch to Turn off SMB1 https://www.bleepingcomputer.com/news/microsoft/microsoft-to-disable-smbv1-in-windows-starting-this-fall/ UK Hacker Stole Personell Data For US Military Sattelite Network https://public-newsroom-nca-01.azurewebsites.net/news/hacker-stole-satellite-data-from-us-department-of-defence Sophos Web Appliance Will Now Update via https https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-2---security-and-defect-fix-rollup
ISC StormCast for Monday, June 19th 2017
Uptick in Port 83 Traffic https://isc.sans.edu/forums/diary/What+is+going+on+with+Port+83/22524/ WINS DoS Vulnerability will not be fixed by Microsoft https://blog.fortinet.com/2017/06/14/wins-server-remote-memory-corruption-vulnerability-in-microsoft-windows-server Microsoft to Release Patch to Turn off SMB1 https://www.bleepingcomputer.com/news/microsoft/microsoft-to-disable-smbv1-in-windows-starting-this-fall/ UK Hacker Stole Personell Data For US Military Sattelite Network https://public-newsroom-nca-01.azurewebsites.net/news/hacker-stole-satellite-data-from-us-department-of-defence Sophos Web Appliance Will Now Update via https https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-2---security-and-defect-fix-rollup
ISC StormCast for Friday, June 16th 2017
WikiLeaks Releases Documents About Cherry Blossom Wifi Hacking Toolkit https://wikileaks.org/vault7/#Cherry%20Blossom More DVR Vulnerabilities https://www.pentestpartners.com/security-blog/what-did-mirai-miss-making-a-better-bigger-botnet/ More Microsoft Windows Defender Vulnerabilities http://www.theregister.co.uk/2017/06/15/microsoft_how_about_sandboxing_windows_defenders_engine/ Decryption Utility For Jaff Crypto Ransomware https://noransom.kaspersky.com Preston Ackerman: Two Factor Authentication by Home End-Users https://www.sans.org/reading-room/whitepapers/authentication/impediments-adoption-two-factor-authentication-home-end-users-37607
ISC StormCast for Friday, June 16th 2017
WikiLeaks Releases Documents About Cherry Blossom Wifi Hacking Toolkit https://wikileaks.org/vault7/#Cherry%20Blossom More DVR Vulnerabilities https://www.pentestpartners.com/security-blog/what-did-mirai-miss-making-a-better-bigger-botnet/ More Microsoft Windows Defender Vulnerabilities http://www.theregister.co.uk/2017/06/15/microsoft_how_about_sandboxing_windows_defenders_engine/ Decryption Utility For Jaff Crypto Ransomware https://noransom.kaspersky.com Preston Ackerman: Two Factor Authentication by Home End-Users https://www.sans.org/reading-room/whitepapers/authentication/impediments-adoption-two-factor-authentication-home-end-users-37607
ISC StormCast for Thursday, June 15th 2017
Systemd Odd Defaults https://isc.sans.edu/forums/diary/Systemd+Could+Fallback+to+Google+DNS/22516/ Voice over LTE Vulnerabilities https://www.sstic.org/media/SSTIC2017/SSTIC-actes/remote_geolocation_and_tracing_of_subscribers_usin/SSTIC2017-Article-remote_geolocation_and_tracing_of_subscribers_using_4g_volte_android_phone-le-moal_ventuzelo_coudray.pdf Tails 3.0 Released https://tails.boum.org/install/download/index.en.html Nexus 9 Headphone Jack Vulnerability https://alephsecurity.com/2017/06/13/nexus9-ephemeral-fiq/
ISC StormCast for Thursday, June 15th 2017
Systemd Odd Defaults https://isc.sans.edu/forums/diary/Systemd+Could+Fallback+to+Google+DNS/22516/ Voice over LTE Vulnerabilities https://www.sstic.org/media/SSTIC2017/SSTIC-actes/remote_geolocation_and_tracing_of_subscribers_usin/SSTIC2017-Article-remote_geolocation_and_tracing_of_subscribers_using_4g_volte_android_phone-le-moal_ventuzelo_coudray.pdf Tails 3.0 Released https://tails.boum.org/install/download/index.en.html Nexus 9 Headphone Jack Vulnerability https://alephsecurity.com/2017/06/13/nexus9-ephemeral-fiq/
ISC StormCast for Wednesday, June 14th 2017
MSFT June Patchday Fixes Remaining Known NSA Vulnerabilities https://isc.sans.edu/forums/diary/Microsoft+and+Adobe+June+2017+Patch+Tuesday+Two+Exploited+Vulnerabilities+Patched/22512/ North Korea Building DDoS Botnet https://www.us-cert.gov/ncas/alerts/TA17-164A
ISC StormCast for Wednesday, June 14th 2017
MSFT June Patchday Fixes Remaining Known NSA Vulnerabilities https://isc.sans.edu/forums/diary/Microsoft+and+Adobe+June+2017+Patch+Tuesday+Two+Exploited+Vulnerabilities+Patched/22512/ North Korea Building DDoS Botnet https://www.us-cert.gov/ncas/alerts/TA17-164A
ISC StormCast for Tuesday, June 13th 2017
Industropyer / CrashOverride Malware Analysis From Power System Attacks https://www.welivesecurity.com/2017/06/12/industroyer-biggest-threat-industrial-control-systems-since-stuxnet/ https://dragos.com/blog/crashoverride/CrashOverride-01.pdf MacSpy Spyware As A Service For Macs http://www.alienvault.com/blogs/labs-research/macspy-os-x-rat-as-a-service VolUtility Memory Analysis Made Easy https://isc.sans.edu/forums/diary/An+Introduction+to+VolUtility/22508/ Google News Abused For Spam http://www.theregister.co.uk/2017/06/12/googles_news_algorithm_serves_up_penis_pills_for_all/
ISC StormCast for Tuesday, June 13th 2017
Industropyer / CrashOverride Malware Analysis From Power System Attacks https://www.welivesecurity.com/2017/06/12/industroyer-biggest-threat-industrial-control-systems-since-stuxnet/ https://dragos.com/blog/crashoverride/CrashOverride-01.pdf MacSpy Spyware As A Service For Macs http://www.alienvault.com/blogs/labs-research/macspy-os-x-rat-as-a-service VolUtility Memory Analysis Made Easy https://isc.sans.edu/forums/diary/An+Introduction+to+VolUtility/22508/ Google News Abused For Spam http://www.theregister.co.uk/2017/06/12/googles_news_algorithm_serves_up_penis_pills_for_all/
ISC StormCast for Monday, June 12th 2017
SAMBA Vulnerability Exploited To Install Bitcoin Miners https://securelist.com/78674/sambacry-is-coming/ Intel's AMT Technology Used For Covert Channel https://blogs.technet.microsoft.com/mmpc/2017/06/07/platinum-continues-to-evolve-find-ways-to-maintain-invisibility/ Broadcom Vulnerablities to be Announced https://www.blackhat.com/us-17/briefings.html#broadpwn-remotely-compromising-android-and-ios-via-a-bug-in-broadcoms-wi-fi-chipsets Release Lag In National Vulnerablity Database https://www.recordedfuture.com/vulnerability-disclosure-delay/
ISC StormCast for Monday, June 12th 2017
SAMBA Vulnerability Exploited To Install Bitcoin Miners https://securelist.com/78674/sambacry-is-coming/ Intel's AMT Technology Used For Covert Channel https://blogs.technet.microsoft.com/mmpc/2017/06/07/platinum-continues-to-evolve-find-ways-to-maintain-invisibility/ Broadcom Vulnerablities to be Announced https://www.blackhat.com/us-17/briefings.html#broadpwn-remotely-compromising-android-and-ios-via-a-bug-in-broadcoms-wi-fi-chipsets Release Lag In National Vulnerablity Database https://www.recordedfuture.com/vulnerability-disclosure-delay/
ISC StormCast for Friday, June 9th 2017
Cisco Prime Data Center Network Manager Vulnerabilities https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-dcnm1 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-dcnm2 Oracle Peoplesoft Default Accounts https://erpscan.com/press-center/blog/peoplesoft-default-accounts/ FOSCAM Camera Default Passwords and Other Vulnerabilities http://images.news.f-secure.com/Web/FSecure/%7B43df9e0d-20a8-404a-86d0-70dcca00b6e5%7D_vulnerabilities-in-foscam-IP-cameras_report.pdf Android Malware With Code Injections https://securelist.com/78648/dvmap-the-first-android-malware-with-code-injection/ STI Student John Dittmer: Legal Implication of Vulnerablity Scans https://www.sans.org/reading-room/whitepapers/legal/minimizing-legal-risk-cybersecurity-scanning-tools-37522