A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Tuesday, July 26th 2016
Python Malware - Part 4 https://isc.sans.edu/forums/diary/Python+Malware+Part+4/21297/ Powerware Decrypter https://github.com/pan-unit42/public_tools/blob/master/powerware/powerware_decrypt.py No More Ransomware https://www.nomoreransom.org Pangu iOS 9.3.3 Jailbrake http://en.pangu.io Safe Skies TSA Keys Duplicated http://www.3ders.org/articles/20160725-hackers-create-3d-printed-tsa-safe-skies-master-key-for-luggage-release-blueprints.html
ISC StormCast for Tuesday, July 26th 2016
Python Malware - Part 4 https://isc.sans.edu/forums/diary/Python+Malware+Part+4/21297/ Powerware Decrypter https://github.com/pan-unit42/public_tools/blob/master/powerware/powerware_decrypt.py No More Ransomware https://www.nomoreransom.org Pangu iOS 9.3.3 Jailbrake http://en.pangu.io Safe Skies TSA Keys Duplicated http://www.3ders.org/articles/20160725-hackers-create-3d-printed-tsa-safe-skies-master-key-for-luggage-release-blueprints.html
ISC StormCast for Monday, July 25th 2016
NIST Digital Authentication Guide Preview https://github.com/usnistgov/800-63-3 Powerware Ransomware Spoofing Locky http://researchcenter.paloaltonetworks.com/2016/07/unit42-powerware-ransomware-spoofing-locky-malware-family/ SAP HANA Security Advisory http://www.onapsis.com/research/security-advisories Pokemon Go Forensics https://www.gillware.com/forensics/blog/mobile-forensics/oh-no-pokemon-go-forensic-artifacts
ISC StormCast for Monday, July 25th 2016
NIST Digital Authentication Guide Preview https://github.com/usnistgov/800-63-3 Powerware Ransomware Spoofing Locky http://researchcenter.paloaltonetworks.com/2016/07/unit42-powerware-ransomware-spoofing-locky-malware-family/ SAP HANA Security Advisory http://www.onapsis.com/research/security-advisories Pokemon Go Forensics https://www.gillware.com/forensics/blog/mobile-forensics/oh-no-pokemon-go-forensic-artifacts
ISC StormCast for Friday, July 22nd 2016
A Practice ntds.dit File For Hash Extraction and Password Cracking https://isc.sans.edu/forums/diary/Practice+ntdsdit+File/21287/ Mozilla Further Reducing Flash Content https://blog.mozilla.org/futurereleases/2016/07/20/reducing-adobe-flash-usage-in-firefox/ Little Snitch Update https://www.obdev.at/products/littlesnitch/releasenotes.html PHP 7.0.9 / 5.6.24 Released (fixes httpoxy vulnerability) http://php.net/ChangeLog-7.php#7.0.9 http://www.php.net/ChangeLog-5.php#5.6.24 Google Chrome Update http://googlechromereleases.blogspot.com/search/label/Stable%20updates
ISC StormCast for Friday, July 22nd 2016
A Practice ntds.dit File For Hash Extraction and Password Cracking https://isc.sans.edu/forums/diary/Practice+ntdsdit+File/21287/ Mozilla Further Reducing Flash Content https://blog.mozilla.org/futurereleases/2016/07/20/reducing-adobe-flash-usage-in-firefox/ Little Snitch Update https://www.obdev.at/products/littlesnitch/releasenotes.html PHP 7.0.9 / 5.6.24 Released (fixes httpoxy vulnerability) http://php.net/ChangeLog-7.php#7.0.9 http://www.php.net/ChangeLog-5.php#5.6.24 Google Chrome Update http://googlechromereleases.blogspot.com/search/label/Stable%20updates
ISC StormCast for Thursday, July 21st 2016
Oracle Critical Patch Update http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html DNS Root Key Rotation http://schd.ws/hosted_files/icann562016/60/Matt%20Larson%20ICANN56%20KSK%20roll%20briefing.pdf Anti-Malware Codehooking Vulnerabilities http://breakingmalware.com/vulnerabilities/captain-hook-pirating-avs-bypass-exploit-mitigations/ More Details Regaring Apple's Image I/O Vulnerablity http://www.talosintelligence.com/reports/TALOS-2016-0171/ Hidden Backdoor in Dell Security Software https://www.digitaldefense.com/ddi-six-discoveries/
ISC StormCast for Thursday, July 21st 2016
Oracle Critical Patch Update http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html DNS Root Key Rotation http://schd.ws/hosted_files/icann562016/60/Matt%20Larson%20ICANN56%20KSK%20roll%20briefing.pdf Anti-Malware Codehooking Vulnerabilities http://breakingmalware.com/vulnerabilities/captain-hook-pirating-avs-bypass-exploit-mitigations/ More Details Regaring Apple's Image I/O Vulnerablity http://www.talosintelligence.com/reports/TALOS-2016-0171/ Hidden Backdoor in Dell Security Software https://www.digitaldefense.com/ddi-six-discoveries/
ISC StormCast for Wednesday, July 20th 2016
Objective Systems ASN1C Compiler Creates Vulnerable Code https://github.com/programa-stic/security-advisories/tree/master/ObjSys/CVE-2016-5080 Office Maldoc Analysis https://isc.sans.edu/forums/diary/Office+Maldoc+Lets+Focus+on+the+VBA+Macros+Later/21275/ Defeating GMail's Malicious Macro Signatures https://warroom.securestate.com/bypassing-gmails-malicious-macro-signatures/
ISC StormCast for Wednesday, July 20th 2016
Objective Systems ASN1C Compiler Creates Vulnerable Code https://github.com/programa-stic/security-advisories/tree/master/ObjSys/CVE-2016-5080 Office Maldoc Analysis https://isc.sans.edu/forums/diary/Office+Maldoc+Lets+Focus+on+the+VBA+Macros+Later/21275/ Defeating GMail's Malicious Macro Signatures https://warroom.securestate.com/bypassing-gmails-malicious-macro-signatures/
ISC StormCast for Tuesday, July 19th 2016
httpoxy Vulnerability https://isc.sans.edu/forums/diary/HTTP+Proxy+Header+Vulnerability+httpoxy/21271/ Apple Security Updates https://support.apple.com/en-us/HT201222 Toll Number Calling via Two Factor Authentication https://www.arneswinnen.net/2016/07/how-i-could-steal-money-from-instagram-google-and-microsoft/
ISC StormCast for Tuesday, July 19th 2016
httpoxy Vulnerability https://isc.sans.edu/forums/diary/HTTP+Proxy+Header+Vulnerability+httpoxy/21271/ Apple Security Updates https://support.apple.com/en-us/HT201222 Toll Number Calling via Two Factor Authentication https://www.arneswinnen.net/2016/07/how-i-could-steal-money-from-instagram-google-and-microsoft/
ISC StormCast for Monday, July 18th 2016
More Python Malware Critical Juniper Vulnerability https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10755&actp=search MS16-053 Included in Neutrino Exploit Kit https://www.fireeye.com/blog/threat-research/2016/07/exploit_kits_quickly.html SSH Username Disclosure http://seclists.org/fulldisclosure/2016/Jul/51
ISC StormCast for Monday, July 18th 2016
More Python Malware Critical Juniper Vulnerability https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10755&actp=search MS16-053 Included in Neutrino Exploit Kit https://www.fireeye.com/blog/threat-research/2016/07/exploit_kits_quickly.html SSH Username Disclosure http://seclists.org/fulldisclosure/2016/Jul/51
ISC StormCast for Friday, July 15th 2016
The Power of Web Shells https://isc.sans.edu/forums/diary/The+Power+of+Web+Shells/21257/ Airtel India Intercepting Cloudflare Traffic https://medium.com/@karthikb351/airtel-is-sniffing-and-censoring-cloudflares-traffic-in-india-and-they-don-t-even-know-it-90935f7f6d98#.g78ucnpo6 WordPress SEO Pack Plugin Persistent Cross Site Scripting https://sumofpwn.nl/advisory/2016/persistent_cross_site_scripting_in_all_in_one_seo_pack_wordpress_plugin.html Github Releases synsanity SYN Flood Defense http://githubengineering.com/syn-flood-mitigation-with-synsanity/ MS16-094 Prevents Booting Linux On Microsoft Surface http://www.theregister.co.uk/2016/07/15/windows_fix_closes_rt_unlock_loophole/