A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Friday, August 5th 2016
Surge in Scans for Netis Router https://isc.sans.edu/forums/diary/Surge+in+Exploit+Attempts+for+Netis+Router+Backdoor+UDP53413/21337/ iPhone Thieves Use Targeted Phishing https://hackernoon.com/this-is-what-apple-should-tell-you-when-you-lose-your-iphone-8f07cf73cf82#.spgmbaejk NUUO/ReadyNAS Video Recorder Vulnerabilities https://raw.githubusercontent.com/pedrib/PoC/master/advisories/nuuo-nvr-vulns.txt mixed-blend-mode Browser History Leak https://lcamtuf.blogspot.com/2016/08/css-mix-blend-mode-is-bad-for-keeping.html
ISC StormCast for Thursday, August 4th 2016
The Dark Side of Certificate Transparency https://isc.sans.edu/forums/diary/The+Dark+Side+of+Certificate+Transparency/21329/ Ouch Security Awareness Newsletter https://securingthehuman.sans.org/resources/newsletters/ouch/2016 HTTP/2 Vulnerabilities http://www.imperva.com/docs/Imperva_HII_HTTP2.pdf
ISC StormCast for Thursday, August 4th 2016
The Dark Side of Certificate Transparency https://isc.sans.edu/forums/diary/The+Dark+Side+of+Certificate+Transparency/21329/ Ouch Security Awareness Newsletter https://securingthehuman.sans.org/resources/newsletters/ouch/2016 HTTP/2 Vulnerabilities http://www.imperva.com/docs/Imperva_HII_HTTP2.pdf
ISC StormCast for Wednesday, August 3rd 2016
Windows 10 Aniversary Update Feedback https://kc.mcafee.com/corporate/index?page=content&id=KB87536 Android Updates https://source.android.com/security/bulletin/2016-08-01.html Unlocking Murder Victim Phone With Printed Fingerprint http://msutoday.msu.edu/news/2016/accessing-a-murder-victims-smartphone-to-help-solve-a-crime/ signout.live.com remote code execution vulnerability http://www.kernelpicnic.net/2016/07/24/Microsoft-signout.live.com-Remote-Code-Execution-Write-Up.html Edge/IE Still Leak NTLM Credentials (since 1997!) hxxp://witch.valdikss.org.ru (careful: test site will try to grab credentials)
ISC StormCast for Wednesday, August 3rd 2016
Windows 10 Aniversary Update Feedback https://kc.mcafee.com/corporate/index?page=content&id=KB87536 Android Updates https://source.android.com/security/bulletin/2016-08-01.html Unlocking Murder Victim Phone With Printed Fingerprint http://msutoday.msu.edu/news/2016/accessing-a-murder-victims-smartphone-to-help-solve-a-crime/ signout.live.com remote code execution vulnerability http://www.kernelpicnic.net/2016/07/24/Microsoft-signout.live.com-Remote-Code-Execution-Write-Up.html Edge/IE Still Leak NTLM Credentials (since 1997!) hxxp://witch.valdikss.org.ru (careful: test site will try to grab credentials)
ISC StormCast for Tuesday, August 2nd 2016
Are You Getting I-CANNED? https://isc.sans.edu/forums/diary/Are+you+getting+ICANNED/21323/ Windows 10 Anniversary Edition https://blogs.windows.com/windowsexperience/2016/06/29/windows-10-anniversary-update-available-august-2/ Pangu Jailbreak Leading To Compromised Accounts? https://www.reddit.com/r/jailbreak/comments/4v9cju/discussion_is_pangus_jailbreak_safe_an_hour_after/ https://twitter.com/PanguTeam/status/759729314577342468 SANS Boston "Security Impact of IPv6" https://www.sans.org/event/boston-2016/bonus-sessions/9392/#bonus-box
ISC StormCast for Tuesday, August 2nd 2016
Are You Getting I-CANNED? https://isc.sans.edu/forums/diary/Are+you+getting+ICANNED/21323/ Windows 10 Anniversary Edition https://blogs.windows.com/windowsexperience/2016/06/29/windows-10-anniversary-update-available-august-2/ Pangu Jailbreak Leading To Compromised Accounts? https://www.reddit.com/r/jailbreak/comments/4v9cju/discussion_is_pangus_jailbreak_safe_an_hour_after/ https://twitter.com/PanguTeam/status/759729314577342468 SANS Boston "Security Impact of IPv6" https://www.sans.org/event/boston-2016/bonus-sessions/9392/#bonus-box
ISC StormCast for Monday, August 1st 2016
rtfobj Update https://isc.sans.edu/forums/diary/rtfobj/21317/ Comodo SSL Certificates Mixup https://thehackerblog.com/keeping-positive-obtaining-arbitrary-wildcard-ssl-certificates-from-comodo-via-dangling-markup-injection/index.html SwiftKey Keyboard May Leak Private Data to Other Users https://blog.swiftkey.com/important-information-relating-to-the-status-of-our-sync-services/ New Version of OPNSense Released https://forum.opnsense.org/index.php?topic=3428.0 WhatsApp Does Not Delete All Chats http://www.zdziarski.com/blog/?p=6143
ISC StormCast for Monday, August 1st 2016
rtfobj Update https://isc.sans.edu/forums/diary/rtfobj/21317/ Comodo SSL Certificates Mixup https://thehackerblog.com/keeping-positive-obtaining-arbitrary-wildcard-ssl-certificates-from-comodo-via-dangling-markup-injection/index.html SwiftKey Keyboard May Leak Private Data to Other Users https://blog.swiftkey.com/important-information-relating-to-the-status-of-our-sync-services/ New Version of OPNSense Released https://forum.opnsense.org/index.php?topic=3428.0 WhatsApp Does Not Delete All Chats http://www.zdziarski.com/blog/?p=6143
ISC StormCast for Friday, July 29th 2016
Verifying SSL/TLS Certificates Manually https://isc.sans.edu/forums/diary/Verifying+SSLTLS+certificates+manually/21311/ LastPass Security Updates https://blog.lastpass.com/2016/07/lastpass-security-updates.html/ Android Linux Kernel Defenses https://security.googleblog.com/2016/07/protecting-android-with-more-linux.html Update to ISC Suspicious Domain List https://isc.sans.edu/suspicious_domains.html
ISC StormCast for Friday, July 29th 2016
Verifying SSL/TLS Certificates Manually https://isc.sans.edu/forums/diary/Verifying+SSLTLS+certificates+manually/21311/ LastPass Security Updates https://blog.lastpass.com/2016/07/lastpass-security-updates.html/ Android Linux Kernel Defenses https://security.googleblog.com/2016/07/protecting-android-with-more-linux.html Update to ISC Suspicious Domain List https://isc.sans.edu/suspicious_domains.html
ISC StormCast for Thursday, July 28th 2016
Linux Bot Analysis https://isc.sans.edu/forums/diary/Analyze+of+a+Linux+botnet+client+source+code/21305/ Critical XEN PV Guests Vulnerability https://isc.sans.edu/forums/diary/Critical+Xen+PV+guests+vulnerabilities/21307/ LastPass Vulnerability https://labs.detectify.com/2016/07/27/how-i-made-lastpass-give-me-all-your-passwords/ Chimera Ransomware Keys Leaked https://blog.malwarebytes.com/cybercrime/2016/07/keys-to-chimera-ransomware-leaked/ Fiat/Chrysler Software Recall http://www.thecarconnection.com/news/1105198_2015-chrysler-200-jeep-renegade-2014-2015-jeep-cherokee-recalled-410000-vehicles-affected?preview=true Defending Web Applications Security Essentials (DEV522) in Vegas! https://www.sans.org/event/network-security-2016/course/defending-web-applications-security-essentials
ISC StormCast for Thursday, July 28th 2016
Linux Bot Analysis https://isc.sans.edu/forums/diary/Analyze+of+a+Linux+botnet+client+source+code/21305/ Critical XEN PV Guests Vulnerability https://isc.sans.edu/forums/diary/Critical+Xen+PV+guests+vulnerabilities/21307/ LastPass Vulnerability https://labs.detectify.com/2016/07/27/how-i-made-lastpass-give-me-all-your-passwords/ Chimera Ransomware Keys Leaked https://blog.malwarebytes.com/cybercrime/2016/07/keys-to-chimera-ransomware-leaked/ Fiat/Chrysler Software Recall http://www.thecarconnection.com/news/1105198_2015-chrysler-200-jeep-renegade-2014-2015-jeep-cherokee-recalled-410000-vehicles-affected?preview=true Defending Web Applications Security Essentials (DEV522) in Vegas! https://www.sans.org/event/network-security-2016/course/defending-web-applications-security-essentials
ISC StormCast for Wednesday, July 27th 2016
DNS Cmd and Ctrl via AAAA Records https://isc.sans.edu/forums/diary/Command+and+Control+Channels+Using+AAAA+DNS+Records/21301/ Microsoft Authenticator https://blogs.technet.microsoft.com/enterprisemobility/2016/07/25/microsoft-authenticator-coming-august-15th/ WPAD May Leak HTTPS URLs http://arstechnica.com/security/2016/07/new-attack-that-cripples-https-crypto-works-on-macs-windows-and-linux/ HOnions: Tor Servers To Discover Snooping Tor Nodes https://regmedia.co.uk/2016/07/25/10_honions-sanatinia.pdf
ISC StormCast for Wednesday, July 27th 2016
DNS Cmd and Ctrl via AAAA Records https://isc.sans.edu/forums/diary/Command+and+Control+Channels+Using+AAAA+DNS+Records/21301/ Microsoft Authenticator https://blogs.technet.microsoft.com/enterprisemobility/2016/07/25/microsoft-authenticator-coming-august-15th/ WPAD May Leak HTTPS URLs http://arstechnica.com/security/2016/07/new-attack-that-cripples-https-crypto-works-on-macs-windows-and-linux/ HOnions: Tor Servers To Discover Snooping Tor Nodes https://regmedia.co.uk/2016/07/25/10_honions-sanatinia.pdf