A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
Linux For Everyone
A show about the thrilling world of desktop Linux, open-source software, and the community creating it. For beginners and veterans alike! Hosted by Jason Evangelho, Jerry Morrison and Schykle.
ISC StormCast for Thursday, February 15th, 2024
Guest Diary: Learning by Doing An Interative Adventure in Troubleshooting https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Learning%20by%20doing%3A%20Iterative%20adventures%20in%20troubleshooting/30648 Snap Trap: The Hidden Dangers within Ubuntu's Package Suggestion System https://www.aquasec.com/blog/snap-trap-the-hidden-dangers-within-ubuntus-package-suggestion-system/ The Risks of the Monikerlink Bug in Microsoft Outlook https://research.checkpoint.com/2024/the-risks-of-the-monikerlink-bug-in-microsoft-outlook-and-the-big-picture/ Adobe Patches https://helpx.adobe.com/security/security-bulletin.html AMD Patches https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7009.html
ISC StormCast for Thursday, February 15th, 2024
Guest Diary: Learning by Doing An Interative Adventure in Troubleshooting https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Learning%20by%20doing%3A%20Iterative%20adventures%20in%20troubleshooting/30648 Snap Trap: The Hidden Dangers within Ubuntu's Package Suggestion System https://www.aquasec.com/blog/snap-trap-the-hidden-dangers-within-ubuntus-package-suggestion-system/ The Risks of the Monikerlink Bug in Microsoft Outlook https://research.checkpoint.com/2024/the-risks-of-the-monikerlink-bug-in-microsoft-outlook-and-the-big-picture/ Adobe Patches https://helpx.adobe.com/security/security-bulletin.html AMD Patches https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7009.html
ISC StormCast for Wednesday, February 14th, 2024
Microsoft Patch Tuesday https://isc.sans.edu/diary/Microsoft%20February%202024%20Patch%20Tuesday/30646 DNSSEC DoS Vulnerability CVE-2023-50387 https://www.presseportal.de/pm/173495/5713546 Zoom Desktop Client Vuln https://www.zoom.com/en/trust/security-bulletin QNAP Vulnerablity https://www.qnap.com/de-de/security-advisory/qsa-23-57 https://unit42.paloaltonetworks.com/qnap-qts-firmware-cve-2023-50358/
ISC StormCast for Wednesday, February 14th, 2024
Microsoft Patch Tuesday https://isc.sans.edu/diary/Microsoft%20February%202024%20Patch%20Tuesday/30646 DNSSEC DoS Vulnerability CVE-2023-50387 https://www.presseportal.de/pm/173495/5713546 Zoom Desktop Client Vuln https://www.zoom.com/en/trust/security-bulletin QNAP Vulnerablity https://www.qnap.com/de-de/security-advisory/qsa-23-57 https://unit42.paloaltonetworks.com/qnap-qts-firmware-cve-2023-50358/
ISC StormCast for Tuesday, February 13th, 2024
Exploit Against Unnamed BYTEVALUE Router Vulnerablity Included in Mirai https://isc.sans.edu/diary/Exploit%20against%20Unnamed%20%22Bytevalue%22%20router%20vulnerability%20included%20in%20Mirai%20Bot/30642 Senior Executives Targeted in Ongoing Azure Account Takeover https://www.darkreading.com/cloud-security/senior-executives-targeted-ongoing-azure-account-takeover CISA Parners With OpenSSF To Secure Software Repositories https://www.cisa.gov/news-events/alerts/2024/02/08/cisa-partners-openssf-securing-software-repositories-working-group-release-principles-package PostgreSQL Vulnerability https://www.postgresql.org/support/security/CVE-2024-0985/ Microsoft Defender Bypass via Comma https://hyp3rlinx.altervista.org/advisories/MICROSOFT_WINDOWS_DEFENDER_TROJAN.WIN32.POWESSERE.G_MITIGATION_BYPASS_PART2.txt
ISC StormCast for Tuesday, February 13th, 2024
Exploit Against Unnamed BYTEVALUE Router Vulnerablity Included in Mirai https://isc.sans.edu/diary/Exploit%20against%20Unnamed%20%22Bytevalue%22%20router%20vulnerability%20included%20in%20Mirai%20Bot/30642 Senior Executives Targeted in Ongoing Azure Account Takeover https://www.darkreading.com/cloud-security/senior-executives-targeted-ongoing-azure-account-takeover CISA Parners With OpenSSF To Secure Software Repositories https://www.cisa.gov/news-events/alerts/2024/02/08/cisa-partners-openssf-securing-software-repositories-working-group-release-principles-package PostgreSQL Vulnerability https://www.postgresql.org/support/security/CVE-2024-0985/ Microsoft Defender Bypass via Comma https://hyp3rlinx.altervista.org/advisories/MICROSOFT_WINDOWS_DEFENDER_TROJAN.WIN32.POWESSERE.G_MITIGATION_BYPASS_PART2.txt
ISC StormCast for Monday, February 12th, 2024
MSIX With Heaviliy Obfuscated PowerShell Script https://isc.sans.edu/diary/MSIX%20With%20Heavily%20Obfuscated%20PowerShell%20Script/30636 Too Many Honeypots https://vulncheck.com/blog/too-many-honeypots ClamAV Command Injection Vulnerability CVE-2024-20328 https://amitschendel.github.io/vulnerabilites/CVE-2024-20328/ ExpressVPN DNS Leaks https://www.expressvpn.com/blog/windows-app-dns-requests/
ISC StormCast for Monday, February 12th, 2024
MSIX With Heaviliy Obfuscated PowerShell Script https://isc.sans.edu/diary/MSIX%20With%20Heavily%20Obfuscated%20PowerShell%20Script/30636 Too Many Honeypots https://vulncheck.com/blog/too-many-honeypots ClamAV Command Injection Vulnerability CVE-2024-20328 https://amitschendel.github.io/vulnerabilites/CVE-2024-20328/ ExpressVPN DNS Leaks https://www.expressvpn.com/blog/windows-app-dns-requests/
ISC StormCast for Friday, February 9th, 2024
A Python MP3 Player With Builtin Keylogger Capability https://isc.sans.edu/diary/A%20Python%20MP3%20Player%20with%20Builtin%20Keylogger%20Capability/30632 Fake LastPass App in Apple App Store https://blog.lastpass.com/2024/02/warning-fraudulent-app-impersonating-lastpass-currently-available-in-apple-app-store/ Ivanti XXE Vulnerability https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure FortiOS sslvpnd vulnerability https://www.fortiguard.com/psirt/FG-IR-24-015
ISC StormCast for Friday, February 9th, 2024
A Python MP3 Player With Builtin Keylogger Capability https://isc.sans.edu/diary/A%20Python%20MP3%20Player%20with%20Builtin%20Keylogger%20Capability/30632 Fake LastPass App in Apple App Store https://blog.lastpass.com/2024/02/warning-fraudulent-app-impersonating-lastpass-currently-available-in-apple-app-store/ Ivanti XXE Vulnerability https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure FortiOS sslvpnd vulnerability https://www.fortiguard.com/psirt/FG-IR-24-015
ISC StormCast for Thursday, February 8th, 2024
Anybody knows what this URL is about? Maybe Balena API request? https://isc.sans.edu/forums/diary/Anybody%20knows%20that%20this%20URL%20is%20about%3F%20Maybe%20Balena%20API%20request%3F/30628/ Critical shim vulnerability and patch https://github.com/rhboot/shim/releases/tag/15.8 Volt Typhoon Lessons Learned https://www.cisa.gov/resources-tools/resources/identifying-and-mitigating-living-land-techniques
ISC StormCast for Thursday, February 8th, 2024
Anybody knows what this URL is about? Maybe Balena API request? https://isc.sans.edu/forums/diary/Anybody%20knows%20that%20this%20URL%20is%20about%3F%20Maybe%20Balena%20API%20request%3F/30628/ Critical shim vulnerability and patch https://github.com/rhboot/shim/releases/tag/15.8 Volt Typhoon Lessons Learned https://www.cisa.gov/resources-tools/resources/identifying-and-mitigating-living-land-techniques
ISC StormCast for Wednesday, February 7th, 2024
Computer viruses are celebrating their 40th birthday (well, 54th, really) https://isc.sans.edu/diary/Computer%20viruses%20are%20celebrating%20their%2040th%20birthday%20%28well%2C%2054th%2C%20really%29/30624 Three million malware-infected smart toothbrushes used in Swiss DDoS attacks https://www.tomshardware.com/networking/three-million-malware-infected-smart-toothbrushes-used-in-swiss-ddos-attacks-botnet-causes-millions-of-euros-in-damages Critical Security Issue Affecting TeamCity On-Premises CVE-2024-23917 https://blog.jetbrains.com/teamcity/2024/02/critical-security-issue-affecting-teamcity-on-premises-cve-2024-23917/ Resume Looters https://www.group-ib.com/blog/resumelooters/ Facebook Advertising Spreads Novel Malware Variant https://www.trustwave.com/hubfs/Web/Library/Documents_pdf/FaceBook_Ad_Spreads_Novel_Malware.pdf
ISC StormCast for Wednesday, February 7th, 2024
Computer viruses are celebrating their 40th birthday (well, 54th, really) https://isc.sans.edu/diary/Computer%20viruses%20are%20celebrating%20their%2040th%20birthday%20%28well%2C%2054th%2C%20really%29/30624 Three million malware-infected smart toothbrushes used in Swiss DDoS attacks https://www.tomshardware.com/networking/three-million-malware-infected-smart-toothbrushes-used-in-swiss-ddos-attacks-botnet-causes-millions-of-euros-in-damages Critical Security Issue Affecting TeamCity On-Premises CVE-2024-23917 https://blog.jetbrains.com/teamcity/2024/02/critical-security-issue-affecting-teamcity-on-premises-cve-2024-23917/ Resume Looters https://www.group-ib.com/blog/resumelooters/ Facebook Advertising Spreads Novel Malware Variant https://www.trustwave.com/hubfs/Web/Library/Documents_pdf/FaceBook_Ad_Spreads_Novel_Malware.pdf
ISC StormCast for Tuesday, February 6th, 2024
Public Information and Email Spam https://isc.sans.edu/diary/Public+Information+and+Email+Spam/30620/ Anydesk Update https://www.bleepingcomputer.com/news/security/anydesk-says-hackers-breached-its-production-servers-reset-passwords/ https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2024/2024-213655-1032.pdf Ivanti POC For CVE-2024-21893 https://attackerkb.com/topics/FGlK1TVnB2/cve-2024-21893/rapid7-analysis Deepfake Exploits https://www.scmp.com/news/hong-kong/law-and-crime/article/3250851/everyone-looked-real-multinational-firms-hong-kong-office-loses-hk200-million-after-scammers-stage https://www.404media.co/inside-the-underground-site-where-ai-neural-networks-churns-out-fake-ids-onlyfake/