A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Thursday, September 8th 2016
DShield Blocklist Update https://isc.sans.edu/forums/diary/Updated+DShield+Blocklist/21453/ Fortinet FortiWAN Load Balancer Mulitple Unpatched Vulnerabilities http://www.kb.cert.org/vuls/id/724487 Rapid7 Published NSM Vulnerabilities http://www.theregister.co.uk/2016/09/07/natwork_magement_vulns/ OPM Breached by Two Different Attackers https://oversight.house.gov/wp-content/uploads/2016/09/The-OPM-Data-Breach-How-the-Government-Jeopardized-Our-National-Security-for-More-than-a-Generation.pdf
ISC StormCast for Thursday, September 8th 2016
DShield Blocklist Update https://isc.sans.edu/forums/diary/Updated+DShield+Blocklist/21453/ Fortinet FortiWAN Load Balancer Mulitple Unpatched Vulnerabilities http://www.kb.cert.org/vuls/id/724487 Rapid7 Published NSM Vulnerabilities http://www.theregister.co.uk/2016/09/07/natwork_magement_vulns/ OPM Breached by Two Different Attackers https://oversight.house.gov/wp-content/uploads/2016/09/The-OPM-Data-Breach-How-the-Government-Jeopardized-Our-National-Security-for-More-than-a-Generation.pdf
ISC StormCast for Wednesday, September 7th 2016
Google September Android Security Update https://source.android.com/security/bulletin/2016-09-01.html Hard Coded Password / Key Issue Gets Worse http://blog.sec-consult.com/2016/09/house-of-keys-9-months-later-40-worse.html Snagging Credentials From Locked Machines (Windows and OS X) https://room362.com/post/2016/snagging-creds-from-locked-machines/
ISC StormCast for Wednesday, September 7th 2016
Google September Android Security Update https://source.android.com/security/bulletin/2016-09-01.html Hard Coded Password / Key Issue Gets Worse http://blog.sec-consult.com/2016/09/house-of-keys-9-months-later-40-worse.html Snagging Credentials From Locked Machines (Windows and OS X) https://room362.com/post/2016/snagging-creds-from-locked-machines/
ISC StormCast for Tuesday, September 6th 2016
Apple Patches OS X and Safari for Trident/Pegasus Vulnerabilities https://support.apple.com/en-us/HT201222 Malware Delivered via ".pub" Files https://isc.sans.edu/forums/diary/Malware+Delivered+via+pub+Files/21443/ Sophos Anti Virus False Positive Causes Blue Screen of Death https://community.sophos.com/kb/en-us/125000 Adobe Reviving Flash for Linux https://blogs.adobe.com/flashplayer/2016/08/beta-news-flash-player-npapi-for-linux.html Google Patches Nexuse 5X Vulnerability https://securityintelligence.com/undocumented-patched-vulnerability-in-nexus-5x-allowed-for-memory-dumping-via-usb/
ISC StormCast for Tuesday, September 6th 2016
Apple Patches OS X and Safari for Trident/Pegasus Vulnerabilities https://support.apple.com/en-us/HT201222 Malware Delivered via ".pub" Files https://isc.sans.edu/forums/diary/Malware+Delivered+via+pub+Files/21443/ Sophos Anti Virus False Positive Causes Blue Screen of Death https://community.sophos.com/kb/en-us/125000 Adobe Reviving Flash for Linux https://blogs.adobe.com/flashplayer/2016/08/beta-news-flash-player-npapi-for-linux.html Google Patches Nexuse 5X Vulnerability https://securityintelligence.com/undocumented-patched-vulnerability-in-nexus-5x-allowed-for-memory-dumping-via-usb/
ISC StormCast for Friday, September 2nd 2016
Malware Using Maxmind For Geolocation https://isc.sans.edu/forums/diary/Maxmindcom+Abused+As+AntiAnalysis+Technique/21435/ Content Security Policy of Limited Use in Real World https://research.google.com/pubs/pub45542.html CryptWare Bitlocker Enhancement Vulnerability https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160831-0_CryptWare_CryptoPro_Manipulation_of_pre-boot_authentication_v10.txt Google Releases Chrome 53 http://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html
ISC StormCast for Friday, September 2nd 2016
Malware Using Maxmind For Geolocation https://isc.sans.edu/forums/diary/Maxmindcom+Abused+As+AntiAnalysis+Technique/21435/ Content Security Policy of Limited Use in Real World https://research.google.com/pubs/pub45542.html CryptWare Bitlocker Enhancement Vulnerability https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160831-0_CryptWare_CryptoPro_Manipulation_of_pre-boot_authentication_v10.txt Google Releases Chrome 53 http://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html
ISC StormCast for Thursday, September 1st 2016
Abobe ColdFusion Update https://helpx.adobe.com/security/products/coldfusion/apsb16-30.html OS X Bittorrent Client Transmission Backdoored http://www.welivesecurity.com/2016/08/30/osxkeydnap-spreads-via-signed-transmission-application/ Arrested Lurk Hacking Group Likely Developed Angler Exploit Kit https://securelist.com/analysis/publications/75944/the-hunt-for-lurk/ Vulnerable REDIS Instances Used by Fake Ransomware https://duo.com/blog/over-18-000-redis-instances-targeted-by-fake-ransomware
ISC StormCast for Thursday, September 1st 2016
Abobe ColdFusion Update https://helpx.adobe.com/security/products/coldfusion/apsb16-30.html OS X Bittorrent Client Transmission Backdoored http://www.welivesecurity.com/2016/08/30/osxkeydnap-spreads-via-signed-transmission-application/ Arrested Lurk Hacking Group Likely Developed Angler Exploit Kit https://securelist.com/analysis/publications/75944/the-hunt-for-lurk/ Vulnerable REDIS Instances Used by Fake Ransomware https://duo.com/blog/over-18-000-redis-instances-targeted-by-fake-ransomware
ISC StormCast for Wednesday, August 31st 2016
Today's Locky Variant Arrives as a Windows Script File https://isc.sans.edu/forums/diary/Todays+Locky+Variant+Arrives+as+a+Windows+Script+File/21423/ OneLogin Breached and Secure Notes Lost https://www.onelogin.com/blog/august-2016-incident USB Memory Stick Can Be Used to Exfiltrate Data Wireless http://cyber.bgu.ac.il/t/USBee.pdf Jail Break App in Apple's App Store https://www.reddit.com/r/jailbreak/comments/506eyp/release_ppjailbreak_on_the_appstore/
ISC StormCast for Wednesday, August 31st 2016
Today's Locky Variant Arrives as a Windows Script File https://isc.sans.edu/forums/diary/Todays+Locky+Variant+Arrives+as+a+Windows+Script+File/21423/ OneLogin Breached and Secure Notes Lost https://www.onelogin.com/blog/august-2016-incident USB Memory Stick Can Be Used to Exfiltrate Data Wireless http://cyber.bgu.ac.il/t/USBee.pdf Jail Break App in Apple's App Store https://www.reddit.com/r/jailbreak/comments/506eyp/release_ppjailbreak_on_the_appstore/
ISC StormCast for Tuesday, August 30th 2016
CA WoSign Law Validation Policy https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/k9PBmyLCi8I FBI Warns Of Vulnerabilities in State Election Websites https://www.scribd.com/document/322473050/FBI-Flash-Aug-2016#from_embed Bug in "Keeper" Password Safe Allows Attackers to Steal Passwords https://bugs.chromium.org/p/project-zero/issues/detail?id=917 Bank ATMs Compromised via Malicious EMV Chip https://www.fireeye.com/blog/threat-research/2016/08/ripper_atm_malwarea.html
ISC StormCast for Tuesday, August 30th 2016
CA WoSign Law Validation Policy https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/k9PBmyLCi8I FBI Warns Of Vulnerabilities in State Election Websites https://www.scribd.com/document/322473050/FBI-Flash-Aug-2016#from_embed Bug in "Keeper" Password Safe Allows Attackers to Steal Passwords https://bugs.chromium.org/p/project-zero/issues/detail?id=917 Bank ATMs Compromised via Malicious EMV Chip https://www.fireeye.com/blog/threat-research/2016/08/ripper_atm_malwarea.html
ISC StormCast for Monday, August 29th 2016
Spam with Obfuscated Javascript https://isc.sans.edu/forums/diary/Spam+with+Obfuscated+Javascript/21415/ Another Day - Another Ransomware Sample https://isc.sans.edu/forums/diary/Another+Day+Another+Ransomware+Sample/21413/ OpenSSL Update https://www.openssl.org/news/openssl-1.1.0-notes.html Opera Sync Server Breached https://www.opera.com/blogs/security/2016/08/opera-server-breach-incident/ Fake Windows Update Delivers Ransomware http://www.bleepingcomputer.com/news/security/fantom-ransomware-encrypts-your-files-while-pretending-to-be-windows-update/ Dropbox Resets Old Passwords After Data Leak https://www.dropbox.com/help/9257?oref=e