A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ISC StormCast for Tuesday, February 28th, 2023
Phishing Again and Again https://isc.sans.edu/diary/Phishing%20Again%20and%20Again/29588 Unlocked Phone Stealing https://www.wsj.com/articles/apple-iphone-security-theft-passcode-data-privacya-basic-iphone-feature-helps-criminals-steal-your-digital-life-cbf14b1a More Fake Authenticator Apps https://nakedsecurity.sophos.com/2023/02/27/beware-rogue-2fa-apps-in-app-store-and-google-play-dont-get-hacked/ Zoneminder Vulnerability https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-72rg-h4vf-29gr WebLogic Exploit (not verified) CVE-2023-21839 https://github.com/4ra1n/CVE-2023-21839/blob/master/cmd/main.go
ISC StormCast for Tuesday, February 28th, 2023
Phishing Again and Again https://isc.sans.edu/diary/Phishing%20Again%20and%20Again/29588 Unlocked Phone Stealing https://www.wsj.com/articles/apple-iphone-security-theft-passcode-data-privacya-basic-iphone-feature-helps-criminals-steal-your-digital-life-cbf14b1a More Fake Authenticator Apps https://nakedsecurity.sophos.com/2023/02/27/beware-rogue-2fa-apps-in-app-store-and-google-play-dont-get-hacked/ Zoneminder Vulnerability https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-72rg-h4vf-29gr WebLogic Exploit (not verified) CVE-2023-21839 https://github.com/4ra1n/CVE-2023-21839/blob/master/cmd/main.go
ISC StormCast for Monday, February 27th, 2023
URL Files and WebDav used for IcedId Bockbot Infection https://isc.sans.edu/diary/URL%20files%20and%20WebDAV%20used%20for%20IcedID%20%28Bokbot%29%20infection/29578 oledump msi file plugin https://isc.sans.edu/diary/oledump%20%26%20MSI%20Files/29584 Automatic Disruption of Ransomware and BEC attacks with Microsoft 365 Defender https://techcommunity.microsoft.com/t5/microsoft-365-defender-blog/automatic-disruption-of-ransomware-and-bec-attacks-with/ba-p/3738294 Cisco Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-csrfv-DMx6KSwV https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX
ISC StormCast for Monday, February 27th, 2023
URL Files and WebDav used for IcedId Bockbot Infection https://isc.sans.edu/diary/URL%20files%20and%20WebDAV%20used%20for%20IcedID%20%28Bokbot%29%20infection/29578 oledump msi file plugin https://isc.sans.edu/diary/oledump%20%26%20MSI%20Files/29584 Automatic Disruption of Ransomware and BEC attacks with Microsoft 365 Defender https://techcommunity.microsoft.com/t5/microsoft-365-defender-blog/automatic-disruption-of-ransomware-and-bec-attacks-with/ba-p/3738294 Cisco Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-csrfv-DMx6KSwV https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX
ISC StormCast for Friday, February 24th, 2023
Updated Exchange AV Guidance https://techcommunity.microsoft.com/t5/exchange-team-blog/update-on-the-exchange-server-antivirus-exclusions/ba-p/3751464 Best Practices for Securing Your Home Network https://media.defense.gov/2023/Feb/22/2003165170/-1/-1/0/CSI_BEST_PRACTICES_FOR_SECURING_YOUR_HOME_NETWORK.PDF Attacks on Data Center Organizations https://www.resecurity.com/blog/article/cyber-attacks-on-data-center-organizations NPM Package Phishing https://checkmarx.com/blog/how-npm-packages-were-used-to-spread-phishing-links/ Malicious PyPi Packages https://www.fortinet.com/blog/threat-research/more-supply-chain-attacks-via-new-malicious-python-packages-in-pypi
ISC StormCast for Friday, February 24th, 2023
Updated Exchange AV Guidance https://techcommunity.microsoft.com/t5/exchange-team-blog/update-on-the-exchange-server-antivirus-exclusions/ba-p/3751464 Best Practices for Securing Your Home Network https://media.defense.gov/2023/Feb/22/2003165170/-1/-1/0/CSI_BEST_PRACTICES_FOR_SECURING_YOUR_HOME_NETWORK.PDF Attacks on Data Center Organizations https://www.resecurity.com/blog/article/cyber-attacks-on-data-center-organizations NPM Package Phishing https://checkmarx.com/blog/how-npm-packages-were-used-to-spread-phishing-links/ Malicious PyPi Packages https://www.fortinet.com/blog/threat-research/more-supply-chain-attacks-via-new-malicious-python-packages-in-pypi
ISC StormCast for Thursday, February 23rd, 2023
Internet Wide Scan Fingerprinting Confluence Servers https://isc.sans.edu/diary/Internet%20Wide%20Scan%20Fingerprinting%20Confluence%20Servers/29574 Apple Updates Advisories https://support.apple.com/en-us/HT213606 https://support.apple.com/en-us/HT213605 https://www.trellix.com/en-us/about/newsroom/stories/research/trellix-advanced-research-center-discovers-a-new-privilege-escalation-bug-class-on-macos-and-ios.html Questionable two-factor Apps https://twitter.com/mysk_co/status/1627097291063435264 VMWare Carbon Black App Control Vulnerability https://www.vmware.com/security/advisories/VMSA-2023-0004.html
ISC StormCast for Thursday, February 23rd, 2023
Internet Wide Scan Fingerprinting Confluence Servers https://isc.sans.edu/diary/Internet%20Wide%20Scan%20Fingerprinting%20Confluence%20Servers/29574 Apple Updates Advisories https://support.apple.com/en-us/HT213606 https://support.apple.com/en-us/HT213605 https://www.trellix.com/en-us/about/newsroom/stories/research/trellix-advanced-research-center-discovers-a-new-privilege-escalation-bug-class-on-macos-and-ios.html Questionable two-factor Apps https://twitter.com/mysk_co/status/1627097291063435264 VMWare Carbon Black App Control Vulnerability https://www.vmware.com/security/advisories/VMSA-2023-0004.html
ISC StormCast for Wednesday, February 22nd, 2023
Phishing Page Branded with Your Corporate Website https://isc.sans.edu/diary/Phishing%20Page%20Branded%20with%20Your%20Corporate%20Website/29570 Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs https://www.horizon3.ai/fortinet-fortinac-cve-2022-39952-deep-dive-and-iocs/ Apache Commons FileUpload Vulnerability https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy VMWare Windows Server 2022 Fix https://docs.vmware.com/en/VMware-vSphere/7.0/rn/vsphere-esxi-70u3k-release-notes.html#resolvedissues
ISC StormCast for Wednesday, February 22nd, 2023
Phishing Page Branded with Your Corporate Website https://isc.sans.edu/diary/Phishing%20Page%20Branded%20with%20Your%20Corporate%20Website/29570 Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs https://www.horizon3.ai/fortinet-fortinac-cve-2022-39952-deep-dive-and-iocs/ Apache Commons FileUpload Vulnerability https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy VMWare Windows Server 2022 Fix https://docs.vmware.com/en/VMware-vSphere/7.0/rn/vsphere-esxi-70u3k-release-notes.html#resolvedissues
ISC StormCast for Tuesday, February 21st, 2023
OneNote Suricata Rules https://isc.sans.edu/diary/OneNote%20Suricata%20Rules/29564 New IIS Backdoor https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/frebniis-malware-iis Outlook Spam https://www.bleepingcomputer.com/news/microsoft/microsoft-outlook-flooded-with-spam-due-to-broken-email-filters/ Godaddy Breach and Website Redirects https://aboutus.godaddy.net/newsroom/company-news/news-details/2023/Statement-on-recent-website-redirect-issues/default.aspx
ISC StormCast for Tuesday, February 21st, 2023
OneNote Suricata Rules https://isc.sans.edu/diary/OneNote%20Suricata%20Rules/29564 New IIS Backdoor https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/frebniis-malware-iis Outlook Spam https://www.bleepingcomputer.com/news/microsoft/microsoft-outlook-flooded-with-spam-due-to-broken-email-filters/ Godaddy Breach and Website Redirects https://aboutus.godaddy.net/newsroom/company-news/news-details/2023/Statement-on-recent-website-redirect-issues/default.aspx
ISC StormCast for Monday, February 20th, 2023
Phishing Emails to out Handlers Inbox https://isc.sans.edu/diary/Spear%20Phishing%20Handlers%20for%20Username%20Password/29560 Twitter Alters 2FA https://blog.twitter.com/en_us/topics/product/2023/an-update-on-two-factor-authentication-using-sms-on-twitter Fortinet Updates https://www.fortiguard.com/psirt-monthly-advisory/february-2023-vulnerability-advisories https://twitter.com/Horizon3Attack/status/1626692778062237713 Cisco ClamAV Patches https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy
ISC StormCast for Monday, February 20th, 2023
Phishing Emails to out Handlers Inbox https://isc.sans.edu/diary/Spear%20Phishing%20Handlers%20for%20Username%20Password/29560 Twitter Alters 2FA https://blog.twitter.com/en_us/topics/product/2023/an-update-on-two-factor-authentication-using-sms-on-twitter Fortinet Updates https://www.fortiguard.com/psirt-monthly-advisory/february-2023-vulnerability-advisories https://twitter.com/Horizon3Attack/status/1626692778062237713 Cisco ClamAV Patches https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy
ISC StormCast for Friday, February 17th, 2023
HTML Phishing Attachment with Browser-in-the-Browser Technique https://isc.sans.edu/diary/HTML%20phishing%20attachment%20with%20browser-in-the-browser%20technique/29556 Windows Server 2022 Might Not Start Up After Updates https://learn.microsoft.com/en-us/windows/release-health/status-windows-server-2022#windows-server-2022-might-not-start-up New ESXiArgs Encryption Routing Outmaneuvers Recovery Methods https://www.malwarebytes.com/blog/news/2023/02/new-esxiargs-encryption-routine-outmaneuvers-recovery-methods PHP Updates https://www.php.net ClamAV Patches https://blog.clamav.net/2023/02/clamav-01038-01052-and-101-patch.html