A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Wednesday, December 28th 2016
Using Daemonlogger as a Software Tap https://isc.sans.edu/forums/diary/Using+daemonlogger+as+a+Software+Tap/21859/ CCC Conference https://events.ccc.de/congress/2016/wiki/Main_Page PHPMailer Exploit Released https://legalhackers.com/exploits/CVE-2016-10033/PHPMailer-RCE-exploit-poc.txt Patch For Exim Mail Server https://exim.org/static/doc/CVE-2016-9963.txt Signal Uses Domain Fronting To Evade Censor Ship https://whispersystems.org/blog/doodles-stickers-censorship/
ISC StormCast for Wednesday, December 28th 2016
Using Daemonlogger as a Software Tap https://isc.sans.edu/forums/diary/Using+daemonlogger+as+a+Software+Tap/21859/ CCC Conference https://events.ccc.de/congress/2016/wiki/Main_Page PHPMailer Exploit Released https://legalhackers.com/exploits/CVE-2016-10033/PHPMailer-RCE-exploit-poc.txt Patch For Exim Mail Server https://exim.org/static/doc/CVE-2016-9963.txt Signal Uses Domain Fronting To Evade Censor Ship https://whispersystems.org/blog/doodles-stickers-censorship/
ISC StormCast for Tuesday, December 27th 2016
Criticial RCE Flaw in PHPMailer https://isc.sans.edu/forums/diary/Critical+security+update+PHPMailer+5218+CVE201610033/21855/ Malware Delays Execution with "Ping" https://isc.sans.edu/forums/diary/Pinging+All+The+Way/21849/ Apple Extends TLS Deadline https://isc.sans.edu/forums/diary/Pinging+All+The+Way/21849/
ISC StormCast for Tuesday, December 27th 2016
Criticial RCE Flaw in PHPMailer https://isc.sans.edu/forums/diary/Critical+security+update+PHPMailer+5218+CVE201610033/21855/ Malware Delays Execution with "Ping" https://isc.sans.edu/forums/diary/Pinging+All+The+Way/21849/ Apple Extends TLS Deadline https://isc.sans.edu/forums/diary/Pinging+All+The+Way/21849/
ISC StormCast for Thursday, December 22nd 2016
Mirai Trying Various Telnet Alternatives https://isc.sans.edu/forums/diary/UPDATED+x1+Mirai+Scanning+for+Port+6789+Looking+for+New+Victims+Now+hitting+tcp23231/21833/ Ukraining Power Outages http://uawire.org/news/ukrenergo-claims-that-blackouts-in-kyiv-could-have-been-caused-by-hackers OurMine Hacks Netflix and Other Twitter Accounts http://www.bbc.com/news/technology-38390343?ocid=socialflow_twitter Methbot Generating Millions of Dollars With Click Fraud http://go.whiteops.com/rs/179-SQE-823/images/WO_Methbot_Operation_WP.pdf
ISC StormCast for Thursday, December 22nd 2016
Mirai Trying Various Telnet Alternatives https://isc.sans.edu/forums/diary/UPDATED+x1+Mirai+Scanning+for+Port+6789+Looking+for+New+Victims+Now+hitting+tcp23231/21833/ Ukraining Power Outages http://uawire.org/news/ukrenergo-claims-that-blackouts-in-kyiv-could-have-been-caused-by-hackers OurMine Hacks Netflix and Other Twitter Accounts http://www.bbc.com/news/technology-38390343?ocid=socialflow_twitter Methbot Generating Millions of Dollars With Click Fraud http://go.whiteops.com/rs/179-SQE-823/images/WO_Methbot_Operation_WP.pdf
ISC StormCast for Wednesday, December 21st 2016
vSphere Data Protection Known SSH Key http://www.vmware.com/security/advisories/VMSA-2016-0024.html nmap Update https://nmap.org/download.html SCCM Software Metering https://www.fireeye.com/blog/threat-research/2016/12/do_you_see_what_icc.html CryptXXX Version 3 Decryptor Available https://noransom.kaspersky.com Airline Inflight Entertainment System Hack http://blog.ioactive.com/2016/12/in-flight-hacking-system.html SEC503, Intrusion Detection in Depth: Brussles January 16th-21st 2017 https://www.sans.org/event/brussels-winter-2017/course/intrusion-detection-in-depth
ISC StormCast for Wednesday, December 21st 2016
vSphere Data Protection Known SSH Key http://www.vmware.com/security/advisories/VMSA-2016-0024.html nmap Update https://nmap.org/download.html SCCM Software Metering https://www.fireeye.com/blog/threat-research/2016/12/do_you_see_what_icc.html CryptXXX Version 3 Decryptor Available https://noransom.kaspersky.com Airline Inflight Entertainment System Hack http://blog.ioactive.com/2016/12/in-flight-hacking-system.html SEC503, Intrusion Detection in Depth: Brussles January 16th-21st 2017 https://www.sans.org/event/brussels-winter-2017/course/intrusion-detection-in-depth
ISC StormCast for Tuesday, December 20th 2016
Mirai Likely Behind Port 6789 Scans. Yet Another Backdoor https://isc.sans.edu/forums/diary/Mirai+Scanning+for+Port+6789+Looking+for+New+Victims/21833/ OpenSSH update https://www.openssh.com/releasenotes.html#7.4 Google Releases Tool to Audit Crypto Libraries https://security.googleblog.com/2016/12/project-wycheproof.html Escaping A Restricted Shell https://humblesec.wordpress.com/2016/12/08/escaping-a-restricted-shell/
ISC StormCast for Tuesday, December 20th 2016
Mirai Likely Behind Port 6789 Scans. Yet Another Backdoor https://isc.sans.edu/forums/diary/Mirai+Scanning+for+Port+6789+Looking+for+New+Victims/21833/ OpenSSH update https://www.openssh.com/releasenotes.html#7.4 Google Releases Tool to Audit Crypto Libraries https://security.googleblog.com/2016/12/project-wycheproof.html Escaping A Restricted Shell https://humblesec.wordpress.com/2016/12/08/escaping-a-restricted-shell/
ISC StormCast for Monday, December 19th 2016
Verizon Webmail XSS Exploit https://randywestergren.com/persistent-xss-verizons-webmail-client/ Blocking Powershell Connections via Windows Firewall https://isc.sans.edu/forums/diary/Blocking+Powershell+Connection+via+Windows+Firewall/21829/ Exploit Kits Delivering Cerber Ransomware https://isc.sans.edu/forums/diary/One+if+by+email+and+two+if+by+EK+The+Cerbers+are+coming/21823/ More Security Companies joining "No More Ransom" https://www.nomoreransom.org IT Contractor Trying to Take Over Radio Station https://regmedia.co.uk/2016/12/16/kcohvtaylorfiling.pdf Holiday Safe Computing Tips https://isc.sans.edu/forums/diary/Holiday+Safe+Computing+Tips/21827/
ISC StormCast for Monday, December 19th 2016
Verizon Webmail XSS Exploit https://randywestergren.com/persistent-xss-verizons-webmail-client/ Blocking Powershell Connections via Windows Firewall https://isc.sans.edu/forums/diary/Blocking+Powershell+Connection+via+Windows+Firewall/21829/ Exploit Kits Delivering Cerber Ransomware https://isc.sans.edu/forums/diary/One+if+by+email+and+two+if+by+EK+The+Cerbers+are+coming/21823/ More Security Companies joining "No More Ransom" https://www.nomoreransom.org IT Contractor Trying to Take Over Radio Station https://regmedia.co.uk/2016/12/16/kcohvtaylorfiling.pdf Holiday Safe Computing Tips https://isc.sans.edu/forums/diary/Holiday+Safe+Computing+Tips/21827/
ISC StormCast for Friday, December 16th 2016
Domain Cops Malware Analysis https://isc.sans.edu/forums/diary/Domaincop+malpsam/21821/ OS X Filevault Password Retrieval http://blog.frizk.net/2016/12/filevault-password-retrieval.html QEMU/Xen Vulnerability http://xenbits.xen.org/xsa/advisory-199.html DNS Changer Attacking Home Routers https://www.proofpoint.com/us/threat-insight/post/home-routers-under-attack-malvertising-windows-android-devices
ISC StormCast for Friday, December 16th 2016
Domain Cops Malware Analysis https://isc.sans.edu/forums/diary/Domaincop+malpsam/21821/ OS X Filevault Password Retrieval http://blog.frizk.net/2016/12/filevault-password-retrieval.html QEMU/Xen Vulnerability http://xenbits.xen.org/xsa/advisory-199.html DNS Changer Attacking Home Routers https://www.proofpoint.com/us/threat-insight/post/home-routers-under-attack-malvertising-windows-android-devices
ISC StormCast for Thursday, December 15th 2016
Malicious JavaScript Bypasses UAC https://isc.sans.edu/forums/diary/UAC+Bypass+in+JScript+Dropper/21813/ Skype Unauthorized API Access Blocked https://www.trustwave.com/Resources/SpiderLabs-Blog/A-Backdoor-in-Skype-for-Mac-OS-X/?page=1&year=0&month=0 Facebook Anounces Certificate Transparency Monitoring Tool https://www.facebook.com/notes/protect-the-graph/introducing-our-certificate-transparency-monitoring-tool/1811919779048165 Another Tor Browser (and Firefox) Bug Fixed https://blog.torproject.org/blog/tor-browser-608-released Cheap Android Phones Arrive With Malware Preinstalled https://news.drweb.com/show/?i=10345&lng=en Exploit for Nagios https://legalhackers.com/advisories/Nagios-Exploit-Command-Injection-CVE-2016-9565-2008-4796.html