A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Wednesday, August 17th 2016
Cryptoanalysis of a Fully Homomorphic Encryption Scheme http://eprint.iacr.org/2016/775.pdf Recreating Android App Displays from Memory https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_saltaformaggio.pdf Various Router Exploits Released https://medium.com/@msuiche/shadow-brokers-nsa-exploits-of-the-week-3f7e17bdc216#.mnoyydmeu
ISC StormCast for Wednesday, August 17th 2016
Cryptoanalysis of a Fully Homomorphic Encryption Scheme http://eprint.iacr.org/2016/775.pdf Recreating Android App Displays from Memory https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_saltaformaggio.pdf Various Router Exploits Released https://medium.com/@msuiche/shadow-brokers-nsa-exploits-of-the-week-3f7e17bdc216#.mnoyydmeu
ISC StormCast for Tuesday, August 16th 2016
Starting October 2016, Microsoft Will Use Montly Rollup Updates for Win 7/8.1 https://blogs.technet.microsoft.com/windowsitpro/2016/08/15/further-simplifying-servicing-model-for-windows-7-and-windows-8-1/ Updated Group Policies To Block Macros in Office 2013 https://isc.sans.edu/forums/diary/MS+Office+2013+New+Macro+Controls+Sorta/21371/ Bypassing Application Whitelisting using WinDbg http://www.exploit-monday.com/2016/08/windbg-cdb-shellcode-runner.html Bypassing UAC without writing to disk https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking/
ISC StormCast for Tuesday, August 16th 2016
Starting October 2016, Microsoft Will Use Montly Rollup Updates for Win 7/8.1 https://blogs.technet.microsoft.com/windowsitpro/2016/08/15/further-simplifying-servicing-model-for-windows-7-and-windows-8-1/ Updated Group Policies To Block Macros in Office 2013 https://isc.sans.edu/forums/diary/MS+Office+2013+New+Macro+Controls+Sorta/21371/ Bypassing Application Whitelisting using WinDbg http://www.exploit-monday.com/2016/08/windbg-cdb-shellcode-runner.html Bypassing UAC without writing to disk https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking/
ISC StormCast for Monday, August 15th 2016
Most Android Devices Protected From Quadrooter By Default http://www.androidcentral.com/google-confirms-verify-apps-can-block-apps-quadrooter-exploits Dangers of IP Geolocation https://nakedsecurity.sophos.com/2016/08/11/couple-sue-over-ip-glitch-that-repeatedly-sent-feds-to-their-house/ Microsoft Secure Boot Key Bypass https://rol.im/securegoldenkeyboot/ (careful. highly annoying but harmless)
ISC StormCast for Monday, August 15th 2016
Most Android Devices Protected From Quadrooter By Default http://www.androidcentral.com/google-confirms-verify-apps-can-block-apps-quadrooter-exploits Dangers of IP Geolocation https://nakedsecurity.sophos.com/2016/08/11/couple-sue-over-ip-glitch-that-repeatedly-sent-feds-to-their-house/ Microsoft Secure Boot Key Bypass https://rol.im/securegoldenkeyboot/ (careful. highly annoying but harmless)
ISC StormCast for Friday, August 12th 2016
Bling Spoofing of TCP Connections CVE-2016-5696 http://www.cs.ucr.edu/~zhiyunq/pub/sec16_TCP_pure_offpath.pdf Fingerprinting TLS Using TShark https://isc.sans.edu/forums/diary/Profiling+SSL+Clients+with+tshark/21361/ Forensics Artifcats on iOS Messaging Apps https://isc.sans.edu/forums/diary/Looking+for+the+insider+Forensic+Artifacts+on+iOS+Messaging+App/21363/ Vulnerable VW Remote Keyless Unlock https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/garcia
ISC StormCast for Friday, August 12th 2016
Bling Spoofing of TCP Connections CVE-2016-5696 http://www.cs.ucr.edu/~zhiyunq/pub/sec16_TCP_pure_offpath.pdf Fingerprinting TLS Using TShark https://isc.sans.edu/forums/diary/Profiling+SSL+Clients+with+tshark/21361/ Forensics Artifcats on iOS Messaging Apps https://isc.sans.edu/forums/diary/Looking+for+the+insider+Forensic+Artifacts+on+iOS+Messaging+App/21363/ Vulnerable VW Remote Keyless Unlock https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/garcia
ISC StormCast for Wednesday, August 10th 2016
MSFT Patch Tuesday Summary https://isc.sans.edu/forums/diary/Microsoft+Patch+Tuesday+August+2016/21357/ Adobe Patch for Adobe Experience Manager https://helpx.adobe.com/security/products/experience-manager/apsb16-27.html Avast Anti Virus Conflict With Windows 10 Anniversary Update https://forum.avast.com/index.php?topic=189403.0
ISC StormCast for Wednesday, August 10th 2016
MSFT Patch Tuesday Summary https://isc.sans.edu/forums/diary/Microsoft+Patch+Tuesday+August+2016/21357/ Adobe Patch for Adobe Experience Manager https://helpx.adobe.com/security/products/experience-manager/apsb16-27.html Avast Anti Virus Conflict With Windows 10 Anniversary Update https://forum.avast.com/index.php?topic=189403.0
ISC StormCast for Tuesday, August 9th 2016
Using File Entropy to Identify "Ransomwared" Files https://isc.sans.edu/forums/diary/Using+File+Entropy+to+Identify+Ransomwared+Files/21351/ Bypassing Windows Digital Signatures https://www.blackhat.com/docs/us-16/materials/us-16-Nipravsky-Certificate-Bypass-Hiding-And-Executing-Malware-From-A-Digitally-Signed-Executable-wp.pdf Quadrooter Android Vulnerability http://blog.checkpoint.com/2016/08/07/quadrooter/ Defcon Slides Online https://media.defcon.org/DEF%20CON%2024/DEF%20CON%2024%20presentations/ Philips Hue Exploit (Video) http://colinoflynn.com/wp-content/uploads/2016/08/us-16-OFlynn-A-Lightbulb-Worm-wp.pdf
ISC StormCast for Tuesday, August 9th 2016
Using File Entropy to Identify "Ransomwared" Files https://isc.sans.edu/forums/diary/Using+File+Entropy+to+Identify+Ransomwared+Files/21351/ Bypassing Windows Digital Signatures https://www.blackhat.com/docs/us-16/materials/us-16-Nipravsky-Certificate-Bypass-Hiding-And-Executing-Malware-From-A-Digitally-Signed-Executable-wp.pdf Quadrooter Android Vulnerability http://blog.checkpoint.com/2016/08/07/quadrooter/ Defcon Slides Online https://media.defcon.org/DEF%20CON%2024/DEF%20CON%2024%20presentations/ Philips Hue Exploit (Video) http://colinoflynn.com/wp-content/uploads/2016/08/us-16-OFlynn-A-Lightbulb-Worm-wp.pdf
ISC StormCast for Monday, August 8th 2016
Analyzing Malicious RTF Files https://isc.sans.edu/forums/diary/rtfdump/21347/ Monitors Vulnerable To Remote Code Execution http://motherboard.vice.com/read/hackers-could-break-into-your-monitor-to-spy-on-you-and-manipulate-your-pixels Brute Forcing Encrypted Hard drive Protections https://www.blackhat.com/docs/us-16/materials/us-16-OFlynn-Brute-Forcing-Lockdown-Harddrive-PIN-Codes.pdf What is Using Your Webcam http://www.welivesecurity.com/2016/08/04/afraid-someone-misusing-webcam/
ISC StormCast for Monday, August 8th 2016
Analyzing Malicious RTF Files https://isc.sans.edu/forums/diary/rtfdump/21347/ Monitors Vulnerable To Remote Code Execution http://motherboard.vice.com/read/hackers-could-break-into-your-monitor-to-spy-on-you-and-manipulate-your-pixels Brute Forcing Encrypted Hard drive Protections https://www.blackhat.com/docs/us-16/materials/us-16-OFlynn-Brute-Forcing-Lockdown-Harddrive-PIN-Codes.pdf What is Using Your Webcam http://www.welivesecurity.com/2016/08/04/afraid-someone-misusing-webcam/
ISC StormCast for Friday, August 5th 2016
Surge in Scans for Netis Router https://isc.sans.edu/forums/diary/Surge+in+Exploit+Attempts+for+Netis+Router+Backdoor+UDP53413/21337/ iPhone Thieves Use Targeted Phishing https://hackernoon.com/this-is-what-apple-should-tell-you-when-you-lose-your-iphone-8f07cf73cf82#.spgmbaejk NUUO/ReadyNAS Video Recorder Vulnerabilities https://raw.githubusercontent.com/pedrib/PoC/master/advisories/nuuo-nvr-vulns.txt mixed-blend-mode Browser History Leak https://lcamtuf.blogspot.com/2016/08/css-mix-blend-mode-is-bad-for-keeping.html