A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
Linux For Everyone
A show about the thrilling world of desktop Linux, open-source software, and the community creating it. For beginners and veterans alike! Hosted by Jason Evangelho, Jerry Morrison and Schykle.
ISC StormCast for Thursday, January 25th, 2024
How Bad User Interfaces Make Security Tools Harmful https://isc.sans.edu/diary/How%20Bad%20User%20Interfaces%20Make%20Security%20Tools%20Harmful/30586 Sys:All Loophole Alloed Us to Penetrate GKE Clusters in Production https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk-example/ Automotive Pwn2Own https://www.zerodayinitiative.com/blog/2024/1/23/pwn2own-automotive-2024-the-full-schedule Android Keystroke Injection Vulnerability Exploit https://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/ CVE-2024-0769 D-Link DIR-859 https://securityonline.info/cve-2024-0769-the-vulnerability-d-link-wont-fix-in-dir-859-router/ SANS.edu Dean's List https://www.sans.edu/students/awards
ISC StormCast for Thursday, January 25th, 2024
How Bad User Interfaces Make Security Tools Harmful https://isc.sans.edu/diary/How%20Bad%20User%20Interfaces%20Make%20Security%20Tools%20Harmful/30586 Sys:All Loophole Alloed Us to Penetrate GKE Clusters in Production https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk-example/ Automotive Pwn2Own https://www.zerodayinitiative.com/blog/2024/1/23/pwn2own-automotive-2024-the-full-schedule Android Keystroke Injection Vulnerability Exploit https://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/ CVE-2024-0769 D-Link DIR-859 https://securityonline.info/cve-2024-0769-the-vulnerability-d-link-wont-fix-in-dir-859-router/ SANS.edu Dean's List https://www.sans.edu/students/awards
ISC StormCast for Wednesday, January 24th, 2024
Update on Atlassian Exploit Activity https://isc.sans.edu/forums/diary/Update%20on%20Atlassian%20Exploit%20Activity%20/30582/ POC For Fortra GoAnywhere MFT Authentication Bypass CVE-2024-0204 https://www.horizon3.ai/cve-2024-0204-fortra-goanywhere-mft-authentication-bypass-deep-dive/ Baracuda Web Application Firewall https://campus.barracuda.com/product/webapplicationfirewall/doc/102888530/security-advisory/ GitGot: GitHub leveraged by cybercriminals to store stolen data https://www.reversinglabs.com/blog/gitgot-cybercriminals-using-github-to-store-stolen-data
ISC StormCast for Wednesday, January 24th, 2024
Update on Atlassian Exploit Activity https://isc.sans.edu/forums/diary/Update%20on%20Atlassian%20Exploit%20Activity%20/30582/ POC For Fortra GoAnywhere MFT Authentication Bypass CVE-2024-0204 https://www.horizon3.ai/cve-2024-0204-fortra-goanywhere-mft-authentication-bypass-deep-dive/ Baracuda Web Application Firewall https://campus.barracuda.com/product/webapplicationfirewall/doc/102888530/security-advisory/ GitGot: GitHub leveraged by cybercriminals to store stolen data https://www.reversinglabs.com/blog/gitgot-cybercriminals-using-github-to-store-stolen-data
ISC StormCast for Tuesday, January 23rd, 2024
Apple Updates Everything https://isc.sans.edu/forums/diary/Apple%20Updates%20Everything%20-%20New%200%20Day%20in%20WebKit/30578/ Atlassian Confluence RCE Vulnerability Exploits CVE-2023-22527 https://isc.sans.edu/forums/diary/Scans%20Exploit%20Attempts%20for%20Atlassian%20Confluence%20RCE%20Vulnerability%20CVE-2023-22527/30576/ Updated Ivanti Mitigation Advise https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US Czech Republic Sets IPv6 Shutdown date https://konecipv4.cz/en/
ISC StormCast for Tuesday, January 23rd, 2024
Apple Updates Everything https://isc.sans.edu/forums/diary/Apple%20Updates%20Everything%20-%20New%200%20Day%20in%20WebKit/30578/ Atlassian Confluence RCE Vulnerability Exploits CVE-2023-22527 https://isc.sans.edu/forums/diary/Scans%20Exploit%20Attempts%20for%20Atlassian%20Confluence%20RCE%20Vulnerability%20CVE-2023-22527/30576/ Updated Ivanti Mitigation Advise https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US Czech Republic Sets IPv4 Shutdown date https://konecipv4.cz/en/
ISC StormCast for Monday, January 22nd, 2024
macOS Python Script Replacing Walling Applications with Rogue Apps https://isc.sans.edu/diary/macOS%20Python%20Script%20Replacing%20Wallet%20Applications%20with%20Rogue%20Apps/30572 Microsoft Breach https://msrc.microsoft.com/blog/2024/01/microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/ Juniper Vulnerabilities https://labs.watchtowr.com/the-second-wednesday-of-the-first-month-of-every-quarter-juniper-0day-revisited/ Brave Removing Strict Fingerprint Mode https://brave.com/privacy-updates/28-sunsetting-strict-fingerprinting-mode/
ISC StormCast for Monday, January 22nd, 2024
macOS Python Script Replacing Walling Applications with Rogue Apps https://isc.sans.edu/diary/macOS%20Python%20Script%20Replacing%20Wallet%20Applications%20with%20Rogue%20Apps/30572 Microsoft Breach https://msrc.microsoft.com/blog/2024/01/microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/ Juniper Vulnerabilities https://labs.watchtowr.com/the-second-wednesday-of-the-first-month-of-every-quarter-juniper-0day-revisited/ Brave Removing Strict Fingerprint Mode https://brave.com/privacy-updates/28-sunsetting-strict-fingerprinting-mode/
ISC StormCast for Friday, January 19th, 2024
More Scans for Ivanti Connect "Secure" VPN. Exploits Public https://isc.sans.edu/diary/More%20Scans%20for%20Ivanti%20Connect%20%22Secure%22%20VPN.%20Exploits%20Public/30568 Ivanti Endpoint Manager Mobile / MobileIron Core Vuln exploited CVE-2023-35082 https://www.cisa.gov/known-exploited-vulnerabilities-catalog Attacks against Exposed Databases https://twitter.com/fasterthanlime/status/1741935393413402739 Outlook Vulnerability Discovery and New Ways to Leak NTLM Hashes https://www.varonis.com/blog/outlook-vulnerability-new-ways-to-leak-ntlm-hashes
ISC StormCast for Friday, January 19th, 2024
More Scans for Ivanti Connect "Secure" VPN. Exploits Public https://isc.sans.edu/diary/More%20Scans%20for%20Ivanti%20Connect%20%22Secure%22%20VPN.%20Exploits%20Public/30568 Ivanti Endpoint Manager Mobile / MobileIron Core Vuln exploited CVE-2023-35082 https://www.cisa.gov/known-exploited-vulnerabilities-catalog Attacks against Exposed Databases https://twitter.com/fasterthanlime/status/1741935393413402739 Outlook Vulnerability Discovery and New Ways to Leak NTLM Hashes https://www.varonis.com/blog/outlook-vulnerability-new-ways-to-leak-ntlm-hashes
ISC StormCast for Thursday, January 18th, 2024
Number Usage in Passwords https://isc.sans.edu/diary/Number%20Usage%20in%20Passwords/30540 A Lightweight Method to Detect Potential iOS Malware https://securelist.com/shutdown-log-lightweight-ios-malware-detection-method/111734/ CISA and FBI Release Known IOCs Associated with Androxgh0st Malware https://www.cisa.gov/news-events/alerts/2024/01/16/cisa-and-fbi-release-known-iocs-associated-androxgh0st-malware
ISC StormCast for Thursday, January 18th, 2024
Number Usage in Passwords https://isc.sans.edu/diary/Number%20Usage%20in%20Passwords/30540 A Lightweight Method to Detect Potential iOS Malware https://securelist.com/shutdown-log-lightweight-ios-malware-detection-method/111734/ CISA and FBI Release Known IOCs Associated with Androxgh0st Malware https://www.cisa.gov/news-events/alerts/2024/01/16/cisa-and-fbi-release-known-iocs-associated-androxgh0st-malware
ISC StormCast for Wednesday, January 17th, 2024
Ivanti Vulnerability Widespread Scanning https://isc.sans.edu/diary/Scans%20for%20Ivanti%20Connect%20%22Secure%22%20VPN%20%20Vulnerability%20%28CVE-2023-46805%2C%20CVE-2024-21887%29/30562 https://www.volexity.com/blog/2024/01/15/ivanti-connect-secure-vpn-exploitation-goes-global/ Citrix Patches Already Exploited Vulnerability https://support.citrix.com/article/CTX584986/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20236548-and-cve20236549 Atlassian Confluence Remote Code Execution Vulnerability https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html macOS Infostealers https://www.sentinelone.com/blog/the-many-faces-of-undetected-macos-infostealers-keysteal-atomic-cherrypie-continue-to-adapt/ Google Chrome 0-day https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_16.html GitHub Key Rotation https://www.bleepingcomputer.com/news/security/github-rotates-keys-to-mitigate-impact-of-credential-exposing-flaw/
ISC StormCast for Wednesday, January 17th, 2024
Ivanti Vulnerability Widespread Scanning https://isc.sans.edu/diary/Scans%20for%20Ivanti%20Connect%20%22Secure%22%20VPN%20%20Vulnerability%20%28CVE-2023-46805%2C%20CVE-2024-21887%29/30562 https://www.volexity.com/blog/2024/01/15/ivanti-connect-secure-vpn-exploitation-goes-global/ Citrix Patches Already Exploited Vulnerability https://support.citrix.com/article/CTX584986/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20236548-and-cve20236549 Atlassian Confluence Remote Code Execution Vulnerability https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html macOS Infostealers https://www.sentinelone.com/blog/the-many-faces-of-undetected-macos-infostealers-keysteal-atomic-cherrypie-continue-to-adapt/ Google Chrome 0-day https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_16.html GitHub Key Rotation https://www.bleepingcomputer.com/news/security/github-rotates-keys-to-mitigate-impact-of-credential-exposing-flaw/
ISC StormCast for Tuesday, January 16th, 2024
One File, Two Payloads https://isc.sans.edu/diary/One%20File%2C%20Two%20Payloads/30558 Ivanti Vulnerability Updates https://labs.watchtowr.com/welcome-to-2024-the-sslvpn-chaos-continues-ivanti-cve-2023-46805-cve-2024-21887/ NVidia DGX H100 and A100 Updates https://nvidia.custhelp.com/app/answers/detail/a_id/5510 GitLab Vulnerability https://nvd.nist.gov/vuln/detail/CVE-2023-7028