A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Monday, July 24th, 2023
Shodan's API for the (Recon) Win! https://isc.sans.edu/diary/Shodan%27s%20API%20For%20The%20%28Recon%29%20Win!/30050 Stolen Microsoft Key May Have Opened Up a lot more than US Government E-Mail Inboxes https://www.wiz.io/blog/storm-0558-compromised-microsoft-key-enables-authentication-of-countless-micr https://www.theregister.com/2023/07/21/microsoft_key_skeleton/ Okta Logs Decoded https://www.rezonate.io/blog/okta-logs-decoded-unveiling-identity-threats-through-threat-hunting/ Threat Actors Exploiting Citrix CVE-2023-3519 https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-201a https://github.com/securekomodo/citrixInspector
ISC StormCast for Friday, July 21st, 2023
Deobfuscation of Malware Delivered Through a .bat File https://isc.sans.edu/diary/Deobfuscation%20of%20Malware%20Delivered%20Through%20a%20.bat%20File/30048 Citrix CVE-2023-3519 Indicators of Compromise https://www.deyda.net/index.php/en/2023/07/19/checklist-for-citrix-adc-cve-2023-3519/ ssh-agent vulnerability https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt Spring Security: WebFlux Security Bypass with Un-Prefixed Double Wildcard Pattern https://spring.io/security/cve-2023-34034 American Megatrends (AMI) MegaRAC BMC Vulnerabilities https://eclypsium.com/research/bmcc-lights-out-forever/
ISC StormCast for Friday, July 21st, 2023
Deobfuscation of Malware Delivered Through a .bat File https://isc.sans.edu/diary/Deobfuscation%20of%20Malware%20Delivered%20Through%20a%20.bat%20File/30048 Citrix CVE-2023-3519 Indicators of Compromise https://www.deyda.net/index.php/en/2023/07/19/checklist-for-citrix-adc-cve-2023-3519/ ssh-agent vulnerability https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt Spring Security: WebFlux Security Bypass with Un-Prefixed Double Wildcard Pattern https://spring.io/security/cve-2023-34034 American Megatrends (AMI) MegaRAC BMC Vulnerabilities https://eclypsium.com/research/bmcc-lights-out-forever/
ISC StormCast for Thursday, July 20th, 2023
Citrix ADC Vulneraiblity CVE-2023-3519, CVE-2023-3466, CVE-2023-3467 https://isc.sans.edu/forums/diary/Citrix%20ADC%20Vulnerability%20CVE-2023-3519%2C%203466%20and%203467%20-%20Patch%20Now!/30044/ HAM Radio Enigma Machine Challenge https://isc.sans.edu/diary/HAM%20Radio%20%2B%20Enigma%20Machine%20Challenge/30042 Oracle Critical Patch Update https://www.oracle.com/security-alerts/cpujul2023.html Microsoft Expanding Cloud Logging https://www.microsoft.com/en-us/security/blog/2023/07/19/expanding-cloud-logging-to-give-customers-deeper-security-visibility/
ISC StormCast for Thursday, July 20th, 2023
Citrix ADC Vulneraiblity CVE-2023-3519, CVE-2023-3466, CVE-2023-3467 https://isc.sans.edu/forums/diary/Citrix%20ADC%20Vulnerability%20CVE-2023-3519%2C%203466%20and%203467%20-%20Patch%20Now!/30044/ HAM Radio Enigma Machine Challenge https://isc.sans.edu/diary/HAM%20Radio%20%2B%20Enigma%20Machine%20Challenge/30042 Oracle Critical Patch Update https://www.oracle.com/security-alerts/cpujul2023.html Microsoft Expanding Cloud Logging https://www.microsoft.com/en-us/security/blog/2023/07/19/expanding-cloud-logging-to-give-customers-deeper-security-visibility/
ISC StormCast for Wednesday, July 19th, 2023
Exploit Attempts for "Stagil navigation for Jira Menus & Themes" https://isc.sans.edu/diary/Exploit%20Attempts%20for%20%22Stagil%20navigation%20for%20Jira%20Menus%20%26%20Themes%22%20CVE-2023-26255%20and%20CVE-2023-26256/30038 Citrix Vulnerabilities https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467 Google Cloud Build Service Vulnerability https://orca.security/resources/blog/bad-build-google-cloud-build-potential-supply-chain-attack-vulnerability
ISC StormCast for Wednesday, July 19th, 2023
Exploit Attempts for "Stagil navigation for Jira Menus & Themes" https://isc.sans.edu/diary/Exploit%20Attempts%20for%20%22Stagil%20navigation%20for%20Jira%20Menus%20%26%20Themes%22%20CVE-2023-26255%20and%20CVE-2023-26256/30038 Citrix Vulnerabilities https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467 Google Cloud Build Service Vulnerability https://orca.security/resources/blog/bad-build-google-cloud-build-potential-supply-chain-attack-vulnerability
ISC StormCast for Tuesday, July 18th, 2023
Zimbra Vulnerability Exploited https://blog.zimbra.com/2023/07/security-update-for-zimbra-collaboration-suite-version-8-8-15 Woocommerce Vulnerability Actively Being Exploited https://www.rcesecurity.com/2023/07/patch-diffing-cve-2023-28121-to-compromise-a-woocommerce/ Adobe Coldfusion Flaws exploited https://www.bleepingcomputer.com/news/security/adobe-warns-of-critical-coldfusion-rce-bug-exploited-in-attacks/ CISA Cloud Security Fact Sheet: Free Tools for Cloud Environments https://www.cisa.gov/sites/default/files/2023-07/Free%20Tools%20for%20Cloud%20Environments_508c.pdf JumpCloud Breach https://arstechnica.com/security/2023/07/jumpcloud-says-nation-state-hacker-breach-targeted-some-of-its-customers/
ISC StormCast for Tuesday, July 18th, 2023
Zimbra Vulnerability Exploited https://blog.zimbra.com/2023/07/security-update-for-zimbra-collaboration-suite-version-8-8-15 Woocommerce Vulnerability Actively Being Exploited https://www.rcesecurity.com/2023/07/patch-diffing-cve-2023-28121-to-compromise-a-woocommerce/ Adobe Coldfusion Flaws exploited https://www.bleepingcomputer.com/news/security/adobe-warns-of-critical-coldfusion-rce-bug-exploited-in-attacks/ CISA Cloud Security Fact Sheet: Free Tools for Cloud Environments https://www.cisa.gov/sites/default/files/2023-07/Free%20Tools%20for%20Cloud%20Environments_508c.pdf JumpCloud Breach https://arstechnica.com/security/2023/07/jumpcloud-says-nation-state-hacker-breach-targeted-some-of-its-customers/
ISC StormCast for Monday, July 17th, 2023
Microsoft Driver Certs Details https://blog.talosintelligence.com/old-certificate-new-signature/ Threads App Lures https://www.helpnetsecurity.com/2023/07/14/threads-app-lure/ First Releases CVSS 4.0 Preview https://www.first.org/cvss/
ISC StormCast for Monday, July 17th, 2023
Microsoft Driver Certs Details https://blog.talosintelligence.com/old-certificate-new-signature/ Threads App Lures https://www.helpnetsecurity.com/2023/07/14/threads-app-lure/ First Releases CVSS 4.0 Preview https://www.first.org/cvss/
ISC StormCast for Friday, July 14th, 2023
DShield Honeypot Maintenance and Data Retention https://isc.sans.edu/diary/DShield%20Honeypot%20Maintenance%20and%20Data%20Retention/30024 Enhanced Monitoring to Detect APT Activity Targeting Outlook Online https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-193a PoC Exploit: Fake Proof of Concept with Backdoor Malware https://www.uptycs.com/blog/new-poc-exploit-backdoor-malware GhostScript CVE-2023-36664 PoC Exploit https://www.kroll.com/en/insights/publications/cyber/ghostscript-cve-2023-36664-remote-code-execution-vulnerability
ISC StormCast for Friday, July 14th, 2023
DShield Honeypot Maintenance and Data Retention https://isc.sans.edu/diary/DShield%20Honeypot%20Maintenance%20and%20Data%20Retention/30024 Enhanced Monitoring to Detect APT Activity Targeting Outlook Online https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-193a PoC Exploit: Fake Proof of Concept with Backdoor Malware https://www.uptycs.com/blog/new-poc-exploit-backdoor-malware GhostScript CVE-2023-36664 PoC Exploit https://www.kroll.com/en/insights/publications/cyber/ghostscript-cve-2023-36664-remote-code-execution-vulnerability
ISC StormCast for Thursday, July 13th, 2023
Apple Re-Releases Rapid Security Update for iOS/MacOS https://support.apple.com/HT201224 Loader Activity For Formbook "QM18" https://isc.sans.edu/diary/Loader%20activity%20for%20Formbook%20%22QM18%22/30020 Adobe Patches https://helpx.adobe.com/security/products/coldfusion/apsb23-40.html FortiOS/FortiProxy Stack Based Overflow https://www.fortiguard.com/psirt/FG-IR-23-183 Citrix Secure Access Client for Ubuntu https://support.citrix.com/article/CTX564169/citrix-secure-access-client-for-ubuntu-security-bulletin-for-cve202324492 Sonicwall Updates https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010
ISC StormCast for Thursday, July 13th, 2023
Apple Re-Releases Rapid Security Update for iOS/MacOS https://support.apple.com/HT201224 Loader Activity For Formbook "QM18" https://isc.sans.edu/diary/Loader%20activity%20for%20Formbook%20%22QM18%22/30020 Adobe Patches https://helpx.adobe.com/security/products/coldfusion/apsb23-40.html FortiOS/FortiProxy Stack Based Overflow https://www.fortiguard.com/psirt/FG-IR-23-183 Citrix Secure Access Client for Ubuntu https://support.citrix.com/article/CTX564169/citrix-secure-access-client-for-ubuntu-security-bulletin-for-cve202324492 Sonicwall Updates https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010