A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
Linux For Everyone
A show about the thrilling world of desktop Linux, open-source software, and the community creating it. For beginners and veterans alike! Hosted by Jason Evangelho, Jerry Morrison and Schykle.
ISC StormCast for Tuesday, May 21st, 2024
Analyzing MSG Files https://isc.sans.edu/diary/Analyzing%20MSG%20Files/30940 Linguistic Lumberjack: Fluent Bit Vulnerability CVE-2024-4323 https://www.tenable.com/blog/linguistic-lumberjack-attacking-cloud-services-via-logging-endpoints-fluent-bit-cve-2024-4323 Fortinet FortiSIEM Command Injection Deep-Dive CVE-2023-23992 https://www.horizon3.ai/attack-research/cve-2023-34992-fortinet-fortisiem-command-injection-deep-dive/ Git Vulnerability CVE-2024-32002 PoC https://amalmurali.me/posts/git-rce/ Google Chrome CVE-2024-4947 PoC https://buptsb.github.io/blog/post/CVE-2024-4947-%20v8%20incorrect%20AccessInfo%20for%20module%20namespace%20object%20causes%20Maglev%20type%20confusion.html
ISC StormCast for Monday, May 20th, 2024
Another PDF Streams Example: Extracting JPEGs https://isc.sans.edu/diary/Another%20PDF%20Streams%20Example%3A%20Extracting%20JPEGs/30924 QNAP QTS QNAPping At the Wheel https://labs.watchtowr.com/qnap-qts-qnapping-at-the-wheel-cve-2024-27130-and-friends/ May 2024 Security Update Problems with Windows 2019 https://learn.microsoft.com/en-us/windows/release-health/status-windows-10-1809-and-windows-server-2019#3299msgdesc Dlink Vulnerabilities Exploited https://www.cisa.gov/news-events/alerts/2024/05/16/cisa-adds-three-known-exploited-vulnerabilities-catalog Ivanti PoC Exploit CVE 2024-22026 https://www.redlinecybersecurity.com/blog/exploiting-cve-2024-22026-rooting-ivanti-epmm-mobileiron-core
ISC StormCast for Monday, May 20th, 2024
Another PDF Streams Example: Extracting JPEGs https://isc.sans.edu/diary/Another%20PDF%20Streams%20Example%3A%20Extracting%20JPEGs/30924 QNAP QTS QNAPping At the Wheel https://labs.watchtowr.com/qnap-qts-qnapping-at-the-wheel-cve-2024-27130-and-friends/ May 2024 Security Update Problems with Windows 2019 https://learn.microsoft.com/en-us/windows/release-health/status-windows-10-1809-and-windows-server-2019#3299msgdesc Dlink Vulnerabilities Exploited https://www.cisa.gov/news-events/alerts/2024/05/16/cisa-adds-three-known-exploited-vulnerabilities-catalog Ivanti PoC Exploit CVE 2024-22026 https://www.redlinecybersecurity.com/blog/exploiting-cve-2024-22026-rooting-ivanti-epmm-mobileiron-core
ISC StormCast for Friday, May 17th, 2024
Why yq? Adventurs in XML https://isc.sans.edu/diary/Why%20yq%3F%20%20Adventures%20in%20XML/30930 Black Basta Uses Quick Assist https://www.microsoft.com/en-us/security/blog/2024/05/15/threat-actors-misusing-quick-assist-in-social-engineering-attacks-leading-to-ransomware/ Various Chrome 0-Day Vulnerabilities https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html Android Theft Protection Improvement https://blog.google/products/android/android-theft-protection/ Critical Git Update https://github.blog/2024-05-14-securing-git-addressing-5-new-vulnerabilities/
ISC StormCast for Friday, May 17th, 2024
Why yq? Adventurs in XML https://isc.sans.edu/diary/Why%20yq%3F%20%20Adventures%20in%20XML/30930 Black Basta Uses Quick Assist https://www.microsoft.com/en-us/security/blog/2024/05/15/threat-actors-misusing-quick-assist-in-social-engineering-attacks-leading-to-ransomware/ Various Chrome 0-Day Vulnerabilities https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html Android Theft Protection Improvement https://blog.google/products/android/android-theft-protection/ Critical Git Update https://github.blog/2024-05-14-securing-git-addressing-5-new-vulnerabilities/
ISC StormCast for Thursday, May 16th, 2024
Got MFA? If not, now is the time! https://isc.sans.edu/diary/Got%20MFA%3F%20%20If%20not%2C%20Now%20is%20the%20Time!/30926 SSID Confusion: Making Wi-Fi Clients Connect to the Wrong Network CVE-2023-52424 https://www.top10vpn.com/assets/2024/05/Top10VPN-x-Vanhoef-SSID-Confusion.pdf FIDO2 MitM Session Hijacking https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/?web_view=true#but-first-some-background
ISC StormCast for Thursday, May 16th, 2024
Got MFA? If not, now is the time! https://isc.sans.edu/diary/Got%20MFA%3F%20%20If%20not%2C%20Now%20is%20the%20Time!/30926 SSID Confusion: Making Wi-Fi Clients Connect to the Wrong Network CVE-2023-52424 https://www.top10vpn.com/assets/2024/05/Top10VPN-x-Vanhoef-SSID-Confusion.pdf FIDO2 MitM Session Hijacking https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/?web_view=true#but-first-some-background
ISC StormCast for Wednesday, May 15th, 2024
Microsoft Patches https://isc.sans.edu/diary/Microsoft%20May%202024%20Patch%20Tuesday/30920 Detecting Bluetooth Trackers https://security.googleblog.com/2024/05/google-and-apple-deliver-support-for.html Adobe Patches https://helpx.adobe.com/security/products/acrobat/apsb24-29.html VMWare Updates https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24280 Revoking Vulnerability Windows Boot Managers https://techcommunity.microsoft.com/t5/windows-it-pro-blog/revoking-vulnerable-windows-boot-managers/ba-p/4121735
ISC StormCast for Wednesday, May 15th, 2024
Microsoft Patches https://isc.sans.edu/diary/Microsoft%20May%202024%20Patch%20Tuesday/30920 Detecting Bluetooth Trackers https://security.googleblog.com/2024/05/google-and-apple-deliver-support-for.html Adobe Patches https://helpx.adobe.com/security/products/acrobat/apsb24-29.html VMWare Updates https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24280 Revoking Vulnerability Windows Boot Managers https://techcommunity.microsoft.com/t5/windows-it-pro-blog/revoking-vulnerable-windows-boot-managers/ba-p/4121735
ISC StormCast for Tuesday, May 14th, 2024
Apple Updates Everything https://isc.sans.edu/diary/Apple%20Patches%20Everything%3A%20macOS%2C%20iOS%2C%20iPadOS%2C%20watchOS%2C%20tvOS%20updated./30916 Juniper OpenSSH Update https://supportportal.juniper.net/s/article/2024-05-Reference-Advisory-Junos-OS-and-Junos-OS-Evolved-Multiple-CVEs-reported-in-OpenSSH?language=en_US Malicious Go Binary Delivered via Steganography in PyPi https://blog.phylum.io/malicious-go-binary-delivered-via-steganography-in-pypi/
ISC StormCast for Tuesday, May 14th, 2024
Apple Updates Everything https://isc.sans.edu/diary/Apple%20Patches%20Everything%3A%20macOS%2C%20iOS%2C%20iPadOS%2C%20watchOS%2C%20tvOS%20updated./30916 Juniper OpenSSH Update https://supportportal.juniper.net/s/article/2024-05-Reference-Advisory-Junos-OS-and-Junos-OS-Evolved-Multiple-CVEs-reported-in-OpenSSH?language=en_US Malicious Go Binary Delivered via Steganography in PyPi https://blog.phylum.io/malicious-go-binary-delivered-via-steganography-in-pypi/
ISC StormCast for Monday, May 13th, 2024
DNS Suffixes on Windows https://isc.sans.edu/diary/DNS%20Suffixes%20on%20Windows/30912 Black Basta Ransomware Advisory https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-131a Possible Exploitation of Arcserve Unified Data Protection Vuln https://digital.nhs.uk/cyber-alerts/2024/cc-4487 Chrome Patches 0-Day https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html Solarwinds ARM Vulnerablities https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2023-2-4_release_notes.htm
ISC StormCast for Monday, May 13th, 2024
DNS Suffixes on Windows https://isc.sans.edu/diary/DNS%20Suffixes%20on%20Windows/30912 Black Basta Ransomware Advisory https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-131a Possible Exploitation of Arcserve Unified Data Protection Vuln https://digital.nhs.uk/cyber-alerts/2024/cc-4487 Chrome Patches 0-Day https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html Solarwinds ARM Vulnerablities https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2023-2-4_release_notes.htm
ISC StormCast for Friday, May 10th, 2024
Analyzing PDF Streams https://isc.sans.edu/diary/Analyzing%20PDF%20Streams/30908 F5 Next Central Manager Vulnerabilities https://eclypsium.com/blog/big-vulnerabilities-in-next-gen-big-ip/ Veeam Patches https://www.veeam.com/kb4441 https://www.veeam.com/kb4509 Citrix Hypervisor Security Update CVE-2024-31497 https://support.citrix.com/article/CTX633416/citrix-hypervisor-security-update-for-cve202431497
ISC StormCast for Friday, May 10th, 2024
Analyzing PDF Streams https://isc.sans.edu/diary/Analyzing%20PDF%20Streams/30908 F5 Next Central Manager Vulnerabilities https://eclypsium.com/blog/big-vulnerabilities-in-next-gen-big-ip/ Veeam Patches https://www.veeam.com/kb4441 https://www.veeam.com/kb4509 Citrix Hypervisor Security Update CVE-2024-31497 https://support.citrix.com/article/CTX633416/citrix-hypervisor-security-update-for-cve202431497