A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
Linux For Everyone
A show about the thrilling world of desktop Linux, open-source software, and the community creating it. For beginners and veterans alike! Hosted by Jason Evangelho, Jerry Morrison and Schykle.
ISC StormCast for Thursday, January 12th 2017
Hancitor/Pny/Vawtrak installed by Malicious Word Document in Fake Parking Ticket E-Mail https://isc.sans.edu/forums/diary/HancitorPonyVawtrak+malspam/21919/ Godaddy Revokes > 6,000 SSL Certs After Validation Bug https://www.godaddy.com/garage/godaddy/information-about-ssl-bug/ DVR Master Password List Leaked https://www.pentestpartners.com/blog/leaked-dvr-creds-added-to-the-iot-fail-list/ Autofill Enables Information Leakage https://github.com/anttiviljami/browser-autofill-phishing
ISC StormCast for Wednesday, January 11th 2017
Microsoft Patch Tuesday Summary https://isc.sans.edu/forums/diary/January+2017+Microsoft+Patch+Tuesday/21915/ Adobe Patch Tuesday Summary https://isc.sans.edu/forums/diary/Adobe+January+2017+Patches/21917/ Port 37777 "MapTable" Requests https://isc.sans.edu/forums/diary/Port+37777+MapTable+Requests/21913/ CVE 2016-7200/7201 Exploit Included in Sundown Exploit Kit http://malware.dontneedcoffee.com/2017/01/CVE-2016-7200-7201.html
ISC StormCast for Wednesday, January 11th 2017
Microsoft Patch Tuesday Summary https://isc.sans.edu/forums/diary/January+2017+Microsoft+Patch+Tuesday/21915/ Adobe Patch Tuesday Summary https://isc.sans.edu/forums/diary/Adobe+January+2017+Patches/21917/ Port 37777 "MapTable" Requests https://isc.sans.edu/forums/diary/Port+37777+MapTable+Requests/21913/ CVE 2016-7200/7201 Exploit Included in Sundown Exploit Kit http://malware.dontneedcoffee.com/2017/01/CVE-2016-7200-7201.html
ISC StormCast for Tuesday, January 10th 2017
Damn Vulnerable Web Sockets (DVWS) Demonstrates WebSocket Vulnerabilities https://github.com/interference-security/DVWS St. Jude Medical Patches Vulnerable Cardiac Devices https://threatpost.com/st-jude-medical-patches-vulnerable-cardiac-devices/122955/ Cracking Hashes of Passwords 12 Characters and Longer http://www.netmux.com/blog/cracking-12-character-above-passwords VNC Library Update https://www.debian.org/security/2017/dsa-3753
ISC StormCast for Tuesday, January 10th 2017
Damn Vulnerable Web Sockets (DVWS) Demonstrates WebSocket Vulnerabilities https://github.com/interference-security/DVWS St. Jude Medical Patches Vulnerable Cardiac Devices https://threatpost.com/st-jude-medical-patches-vulnerable-cardiac-devices/122955/ Cracking Hashes of Passwords 12 Characters and Longer http://www.netmux.com/blog/cracking-12-character-above-passwords VNC Library Update https://www.debian.org/security/2017/dsa-3753
ISC StormCast for Monday, January 9th 2017
Careful With Security Tools That Submit Files to Virustotal https://isc.sans.edu/forums/diary/Great+Misadventures+of+Security+Vendors+Absurd+Sandboxing+Edition/21895/ Vulnerable Security Tools Can Be Used Against You https://isc.sans.edu/forums/diary/Using+Security+Tools+to+Compromize+a+Network/21903/ Elaborate Ransomware Attacks http://www.actionfraud.police.uk/news/department-of-education-ransomware-alert-jan17 E-Mail and iTunes Popup Extortion https://blog.malwarebytes.com/101/mac-the-basics/2017/01/tech-support-scam-page-attempts-denial-of-service-via-mail-app/
ISC StormCast for Monday, January 9th 2017
Careful With Security Tools That Submit Files to Virustotal https://isc.sans.edu/forums/diary/Great+Misadventures+of+Security+Vendors+Absurd+Sandboxing+Edition/21895/ Vulnerable Security Tools Can Be Used Against You https://isc.sans.edu/forums/diary/Using+Security+Tools+to+Compromize+a+Network/21903/ Elaborate Ransomware Attacks http://www.actionfraud.police.uk/news/department-of-education-ransomware-alert-jan17 E-Mail and iTunes Popup Extortion https://blog.malwarebytes.com/101/mac-the-basics/2017/01/tech-support-scam-page-attempts-denial-of-service-via-mail-app/
ISC StormCast for Friday, January 6th 2017
Google.com.br DNS Hijack https://www.linkedin.com/pulse/googlecombr-hacked-renato-marinho Attackers Use Stolen Passwords To Take Over Spreadshirt.com Accounts. https://www.heise.de/security/meldung/Angriff-auf-Spreadshirt-Konten-3589579.html (sorry, only in German) Ransomware Adding DDoS Component https://www.bleepingcomputer.com/news/security/firecrypt-ransomware-comes-with-a-ddos-component/ Old Malware Returning in Targeted Attacks https://blogs.forcepoint.com/security-labs/mm-core-memory-backdoor-returns-bigboss-and-sillygoose
ISC StormCast for Friday, January 6th 2017
Google.com.br DNS Hijack https://www.linkedin.com/pulse/googlecombr-hacked-renato-marinho Attackers Use Stolen Passwords To Take Over Spreadshirt.com Accounts. https://www.heise.de/security/meldung/Angriff-auf-Spreadshirt-Konten-3589579.html (sorry, only in German) Ransomware Adding DDoS Component https://www.bleepingcomputer.com/news/security/firecrypt-ransomware-comes-with-a-ddos-component/ Old Malware Returning in Targeted Attacks https://blogs.forcepoint.com/security-labs/mm-core-memory-backdoor-returns-bigboss-and-sillygoose
ISC StormCast for Thursday, January 5th 2017
GRE Packets May Be Related To Linux Kernel Bug http://www.openwall.com/lists/oss-security/2016/10/13/11 Insecure MongoDB Instances Hit By Fake Ransomware https://twitter.com/0xDUDE Android Security Update https://source.android.com/security/bulletin/2017-01-01.html Identifying WordPress Websites on Local Networks https://www.netsparker.com/blog/web-security/bruteforce-wordpress-local-networks-xshm-attack/
ISC StormCast for Thursday, January 5th 2017
GRE Packets May Be Related To Linux Kernel Bug http://www.openwall.com/lists/oss-security/2016/10/13/11 Insecure MongoDB Instances Hit By Fake Ransomware https://twitter.com/0xDUDE Android Security Update https://source.android.com/security/bulletin/2017-01-01.html Identifying WordPress Websites on Local Networks https://www.netsparker.com/blog/web-security/bruteforce-wordpress-local-networks-xshm-attack/
ISC StormCast for Wednesday, January 4th 2017
Removing "Ransom Ware" From Android Based LG TVs https://www.youtube.com/watch?v=0WZ4uLFTHEE libpng Patches 30 Year Old Bug http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.567619 Kaspersky Antivirus SSL Interception Vulnerability https://bugs.chromium.org/p/project-zero/issues/detail?id=978 Thunderbird Update Fixes Critical Vulnerability https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/
ISC StormCast for Wednesday, January 4th 2017
Removing "Ransom Ware" From Android Based LG TVs https://www.youtube.com/watch?v=0WZ4uLFTHEE libpng Patches 30 Year Old Bug http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.567619 Kaspersky Antivirus SSL Interception Vulnerability https://bugs.chromium.org/p/project-zero/issues/detail?id=978 Thunderbird Update Fixes Critical Vulnerability https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/
ISC StormCast for Tuesday, January 3rd 2017
AT&T 2G Network Shutdown https://www.att.com/esupport/article.html#!/wireless/KM1084805 Leap Second https://blog.cloudflare.com/how-and-why-the-leap-second-affected-cloudflare-dns/ Thunderbird Patch https://www.heise.de/security/meldung/Thunderbird-Mozilla-schliesst-mit-Sicherheitsupdate-kritische-Luecken-3583472.html iMessage Crash https://vincedes3.com/crash-message-app-iphone/ Truffle Hog https://github.com/dxa4481/truffleHog
ISC StormCast for Tuesday, January 3rd 2017
AT&T 2G Network Shutdown https://www.att.com/esupport/article.html#!/wireless/KM1084805 Leap Second https://blog.cloudflare.com/how-and-why-the-leap-second-affected-cloudflare-dns/ Thunderbird Patch https://www.heise.de/security/meldung/Thunderbird-Mozilla-schliesst-mit-Sicherheitsupdate-kritische-Luecken-3583472.html iMessage Crash https://vincedes3.com/crash-message-app-iphone/ Truffle Hog https://github.com/dxa4481/truffleHog