A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Friday, March 31st, 2023
Malicious 3CX Dekstop App Update Lifestream (Friday March 31st 1400 ET, 1800 UTC) https://www.youtube.com/watch?v=cCf3Km_j5bY 3CX Update: https://www.3cx.com/blog/news/desktopapp-security-alert/ SentinelOne: https://www.sentinelone.com/blog/smoothoperator-ongoing-campaign-trojanizes-3cx-software-in-software-supply-chain-attack/ Objective-See Blog Post: https://objective-see.org/blog/blog_0x73.html Crowdstrike: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/ Bypassing PowerShell Strong Obfuscation https://isc.sans.edu/diary/Bypassing%20PowerShell%20Strong%20Obfuscation/29692
ISC StormCast for Thursday, March 30th, 2023
Extracting Multiple Streams From OLE Files https://isc.sans.edu/diary/Extracting%20Multiple%20Streams%20From%20OLE%20Files/29688 3CXDesktop App Compromise https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/ Microsoft Defender False Positives https://twitter.com/MSFT365Status/status/1641048649525260289 https://admin.microsoft.com/Adminportal/Home?ref=/servicehealth/:/alerts/DZ534539 (requires login) Active Exploitation of IBM Aspera Faspex CVE-2022-47986 https://www.rapid7.com/blog/post/2023/03/28/etr-active-exploitation-of-ibm-aspera-faspex-cve-2022-47986/ QNAP Patch for sudo vulnerablity https://www.qnap.com/en/security-advisory/qsa-23-11
ISC StormCast for Thursday, March 30th, 2023
Extracting Multiple Streams From OLE Files https://isc.sans.edu/diary/Extracting%20Multiple%20Streams%20From%20OLE%20Files/29688 3CXDesktop App Compromise https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/ Microsoft Defender False Positives https://twitter.com/MSFT365Status/status/1641048649525260289 https://admin.microsoft.com/Adminportal/Home?ref=/servicehealth/:/alerts/DZ534539 (requires login) Active Exploitation of IBM Aspera Faspex CVE-2022-47986 https://www.rapid7.com/blog/post/2023/03/28/etr-active-exploitation-of-ibm-aspera-faspex-cve-2022-47986/ QNAP Patch for sudo vulnerablity https://www.qnap.com/en/security-advisory/qsa-23-11
ISC StormCast for Wednesday, March 29th, 2023
Network Data Collector Placement Makes a Difference https://isc.sans.edu/diary/Network%20Data%20Collector%20Placement%20Makes%20a%20Difference/29664 Throttling and Blocking Email from Persistently Vulnerable Exchange Servers to Exchange Online https://techcommunity.microsoft.com/t5/exchange-team-blog/throttling-and-blocking-email-from-persistently-vulnerable/ba-p/3762078 Bypassing Wi-Fi Encryption by Manipulating Transmit Queues https://papers.mathyvanhoef.com/usenix2023-wifi.pdf
ISC StormCast for Wednesday, March 29th, 2023
Network Data Collector Placement Makes a Difference https://isc.sans.edu/diary/Network%20Data%20Collector%20Placement%20Makes%20a%20Difference/29664 Throttling and Blocking Email from Persistently Vulnerable Exchange Servers to Exchange Online https://techcommunity.microsoft.com/t5/exchange-team-blog/throttling-and-blocking-email-from-persistently-vulnerable/ba-p/3762078 Bypassing Wi-Fi Encryption by Manipulating Transmit Queues https://papers.mathyvanhoef.com/usenix2023-wifi.pdf
ISC StormCast for Tuesday, March 28th, 2023
Another Malicious HTA File Analysis Part 1 https://isc.sans.edu/diary/Another%20Malicious%20HTA%20File%20Analysis%20-%20Part%201/29674 Apple Updates Everything https://isc.sans.edu/diary/Apple%20Updates%20Everything%20%28including%20Studio%20Display%29/29682 MacStealer Malware Exfiltrates Mac Secrets https://www.uptycs.com/blog/macstealer-command-and-control-c2-malware
ISC StormCast for Tuesday, March 28th, 2023
Another Malicious HTA File Analysis Part 1 https://isc.sans.edu/diary/Another%20Malicious%20HTA%20File%20Analysis%20-%20Part%201/29674 Apple Updates Everything https://isc.sans.edu/diary/Apple%20Updates%20Everything%20%28including%20Studio%20Display%29/29682 MacStealer Malware Exfiltrates Mac Secrets https://www.uptycs.com/blog/macstealer-command-and-control-c2-malware
ISC StormCast for Monday, March 27th, 2023
Update for Windows Snipping Tool https://isc.sans.edu/diary/Microsoft%20Released%20an%20Update%20for%20Windows%20Snipping%20Tool%20Vulnerability/29670 GitHub Rotates SSH Keys https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/ redis-py vulnerability leads to mixed up sessions, affects ChatGPT https://openai.com/blog/march-20-chatgpt-outage Linux Tech Tips YouTube Hack https://www.theverge.com/2023/3/23/23653115/linus-tech-tips-youtube-hack-crypto-scam https://isc.sans.edu/diary/Elon%20Musk%20Themed%20Crypto%20Scams%20Flooding%20YouTube%20Today/29434 CyberChef Update https://github.com/gchq/CyberChef/wiki/Character-encoding,-EOL-separators,-and-editor-features
ISC StormCast for Monday, March 27th, 2023
Update for Windows Snipping Tool https://isc.sans.edu/diary/Microsoft%20Released%20an%20Update%20for%20Windows%20Snipping%20Tool%20Vulnerability/29670 GitHub Rotates SSH Keys https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/ redis-py vulnerability leads to mixed up sessions, affects ChatGPT https://openai.com/blog/march-20-chatgpt-outage Linux Tech Tips YouTube Hack https://www.theverge.com/2023/3/23/23653115/linus-tech-tips-youtube-hack-crypto-scam https://isc.sans.edu/diary/Elon%20Musk%20Themed%20Crypto%20Scams%20Flooding%20YouTube%20Today/29434 CyberChef Update https://github.com/gchq/CyberChef/wiki/Character-encoding,-EOL-separators,-and-editor-features
ISC StormCast for Friday, March 24th, 2023
Cropping and Redacting Images Safely https://isc.sans.edu/diary/Cropping%20and%20Redacting%20Images%20Safely/29666 Untitled Goose Tool https://github.com/cisagov/untitledgoosetool Veeam Vulnerability Details https://www.horizon3.ai/veeam-backup-and-replication-cve-2023-27532-deep-dive/ Unicode Support in Python used to Evade Detection https://blog.phylum.io/malicious-actors-use-unicode-support-in-python-to-evade-detection
ISC StormCast for Friday, March 24th, 2023
Cropping and Redacting Images Safely https://isc.sans.edu/diary/Cropping%20and%20Redacting%20Images%20Safely/29666 Untitled Goose Tool https://github.com/cisagov/untitledgoosetool Veeam Vulnerability Details https://www.horizon3.ai/veeam-backup-and-replication-cve-2023-27532-deep-dive/ Unicode Support in Python used to Evade Detection https://blog.phylum.io/malicious-actors-use-unicode-support-in-python-to-evade-detection
ISC StormCast for Thursday, March 23rd, 2023
Windows Snipping Tool Privacy Bug: Inspecting PNG Files https://isc.sans.edu/diary/Windows%2011%20Snipping%20Tool%20Privacy%20Bug%3A%20Inspecting%20PNG%20Files/29660 Acropalypse Detection and Sanitization Tools https://github.com/infobyte/CVE-2023-21036 WooCommerce Skimmer Reveals Tampered Gateway Plugin https://blog.sucuri.net/2023/03/woocommerce-skimmer-reveals-tampered-gateway-plugin.html Netgear Orbi Router Vulnerable https://blog.talosintelligence.com/vulnerability-spotlight-netgear-orbi-router-vulnerable-to-arbitrary-command-execution/
ISC StormCast for Thursday, March 23rd, 2023
Windows Snipping Tool Privacy Bug: Inspecting PNG Files https://isc.sans.edu/diary/Windows%2011%20Snipping%20Tool%20Privacy%20Bug%3A%20Inspecting%20PNG%20Files/29660 Acropalypse Detection and Sanitization Tools https://github.com/infobyte/CVE-2023-21036 WooCommerce Skimmer Reveals Tampered Gateway Plugin https://blog.sucuri.net/2023/03/woocommerce-skimmer-reveals-tampered-gateway-plugin.html Netgear Orbi Router Vulnerable https://blog.talosintelligence.com/vulnerability-spotlight-netgear-orbi-router-vulnerable-to-arbitrary-command-execution/
ISC StormCast for Wednesday, March 22nd, 2023
String Obfuscation: Character Pair Reversal https://isc.sans.edu/diary/String%20Obfuscation%3A%20Character%20Pair%20Reversal/29654 Windows 11 Snipping Tool Privacy Bug https://www.bleepingcomputer.com/news/microsoft/windows-11-snipping-tool-privacy-bug-exposes-cropped-image-content/ Malicious .Net Packages https://jfrog.com/blog/attackers-are-starting-to-target-net-developers-with-malicious-code-nuget-packages/ Spring Framework Vulnerability https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861 Snappy Vulnerability https://github.com/KnpLabs/snappy/security/advisories/GHSA-gq6w-q6wh-jggc
ISC StormCast for Wednesday, March 22nd, 2023
String Obfuscation: Character Pair Reversal https://isc.sans.edu/diary/String%20Obfuscation%3A%20Character%20Pair%20Reversal/29654 Windows 11 Snipping Tool Privacy Bug https://www.bleepingcomputer.com/news/microsoft/windows-11-snipping-tool-privacy-bug-exposes-cropped-image-content/ Malicious .Net Packages https://jfrog.com/blog/attackers-are-starting-to-target-net-developers-with-malicious-code-nuget-packages/ Spring Framework Vulnerability https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861 Snappy Vulnerability https://github.com/KnpLabs/snappy/security/advisories/GHSA-gq6w-q6wh-jggc