A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Similar Podcasts
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
Linux For Everyone
A show about the thrilling world of desktop Linux, open-source software, and the community creating it. For beginners and veterans alike! Hosted by Jason Evangelho, Jerry Morrison and Schykle.
ISC StormCast for Thursday, June 15th, 2023
Deobfuscating a VBS Script With Custom Encoding https://isc.sans.edu/diary/Deobfuscating%20a%20VBS%20Script%20With%20Custom%20Encoding/29940 Every Signature is Broken: On the Insecurity of Microsoft Office s OOXML Signatures https://www.usenix.org/conference/usenixsecurity23/presentation/rohlmann How to Manage the Vulnerailbity Associated with CVE-2023-32019 https://support.microsoft.com/en-gb/topic/kb5028407-how-to-manage-the-vulnerability-associated-with-cve-2023-32019-bd6ed35f-48b1-41f6-bd19-d2d97270f080 Fake Security Research GitHub Repos https://vulncheck.com/blog/fake-repos-deliver-malicious-implant Fortigate Vuln Details https://blog.lexfo.fr/xortigate-cve-2023-27997.html Zoom Updates https://explore.zoom.us/en/trust/security/security-bulletin/
ISC StormCast for Thursday, June 15th, 2023
Deobfuscating a VBS Script With Custom Encoding https://isc.sans.edu/diary/Deobfuscating%20a%20VBS%20Script%20With%20Custom%20Encoding/29940 Every Signature is Broken: On the Insecurity of Microsoft Office s OOXML Signatures https://www.usenix.org/conference/usenixsecurity23/presentation/rohlmann How to Manage the Vulnerailbity Associated with CVE-2023-32019 https://support.microsoft.com/en-gb/topic/kb5028407-how-to-manage-the-vulnerability-associated-with-cve-2023-32019-bd6ed35f-48b1-41f6-bd19-d2d97270f080 Fake Security Research GitHub Repos https://vulncheck.com/blog/fake-repos-deliver-malicious-implant Fortigate Vuln Details https://blog.lexfo.fr/xortigate-cve-2023-27997.html Zoom Updates https://explore.zoom.us/en/trust/security/security-bulletin/
ISC StormCast for Wednesday, June 14th, 2023
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/June%202023%20Microsoft%20Patch%20Tuesday/29942/ VMWare 0-Day https://www.mandiant.com/resources/blog/vmware-esxi-zero-day-bypass https://www.vmware.com/security/advisories/VMSA-2023-0013.html SAP Patches https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
ISC StormCast for Wednesday, June 14th, 2023
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/June%202023%20Microsoft%20Patch%20Tuesday/29942/ VMWare 0-Day https://www.mandiant.com/resources/blog/vmware-esxi-zero-day-bypass https://www.vmware.com/security/advisories/VMSA-2023-0013.html SAP Patches https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
ISC StormCast for Tuesday, June 13th, 2023
Geoserver Attack Details: More Cryptominers Against Unconfigured WebApps https://isc.sans.edu/diary/Geoserver%20Attack%20Details%3A%20More%20Cryptominers%20against%20Unconfigured%20WebApps/29936 Fortinet Update CVE-2023-27997 https://www.fortiguard.com/psirt/FG-IR-23-097 Bitwarden Key Accessible By Low Privileged User https://hackerone.com/reports/1874155 Western Digital SMART Flag Abuse https://arstechnica.com/gadgets/2023/06/clearly-predatory-western-digital-sparks-panic-anger-for-age-shaming-hdds/
ISC StormCast for Tuesday, June 13th, 2023
Geoserver Attack Details: More Cryptominers Against Unconfigured WebApps https://isc.sans.edu/diary/Geoserver%20Attack%20Details%3A%20More%20Cryptominers%20against%20Unconfigured%20WebApps/29936 Fortinet Update CVE-2023-27997 https://www.fortiguard.com/psirt/FG-IR-23-097 Bitwarden Key Accessible By Low Privileged User https://hackerone.com/reports/1874155 Western Digital SMART Flag Abuse https://arstechnica.com/gadgets/2023/06/clearly-predatory-western-digital-sparks-panic-anger-for-age-shaming-hdds/
ISC StormCast for Monday, June 12th, 2023
Undetected PowerShell Backdoor Disduigsed as a Profiled File https://isc.sans.edu/diary/Undetected%20PowerShell%20Backdoor%20Disguised%20as%20a%20Profile%20File/29930 DShield Honeypot Activity for May 2023 https://isc.sans.edu/diary/DShield%20Honeypot%20Activity%20for%20May%202023%20/29932 Second MOVEit Vulnerability https://www.progress.com/security/moveit-transfer-and-moveit-cloud-vulnerability Fortinet Patches CVE-2023-27997 https://twitter.com/cfreal_/status/1667852157536616451
ISC StormCast for Monday, June 12th, 2023
Undetected PowerShell Backdoor Disduigsed as a Profiled File https://isc.sans.edu/diary/Undetected%20PowerShell%20Backdoor%20Disguised%20as%20a%20Profile%20File/29930 DShield Honeypot Activity for May 2023 https://isc.sans.edu/diary/DShield%20Honeypot%20Activity%20for%20May%202023%20/29932 Second MOVEit Vulnerability https://www.progress.com/security/moveit-transfer-and-moveit-cloud-vulnerability Fortinet Patches CVE-2023-27997 https://twitter.com/cfreal_/status/1667852157536616451
ISC StormCast for Friday, June 9th, 2023
Geoserver Scans https://isc.sans.edu/diary/Ongoing%20scans%20for%20Geoserver/29926 Barracuda Recommends Replacing Compromised Devices https://www.barracuda.com/company/legal/esg-vulnerability Google improves Chrome Password Manager https://www.msn.com/en-us/news/other/chrome-adds-windows-biometric-logins-to-its-password-powers/ar-AA1ciCCf Minecraft Mods Include Malicious Code https://www.bleepingcomputer.com/news/security/new-fractureiser-malware-used-curseforge-minecraft-mods-to-infect-windows-linux/ Trend Micro Service Pack https://files.trendmicro.com/documentation/readme/Apex%20One/2020/apex_one_2019_win_cp_b12033_EN_Critical_Patch_Readme.html
ISC StormCast for Friday, June 9th, 2023
Geoserver Scans https://isc.sans.edu/diary/Ongoing%20scans%20for%20Geoserver/29926 Barracuda Recommends Replacing Compromised Devices https://www.barracuda.com/company/legal/esg-vulnerability Google improves Chrome Password Manager https://www.msn.com/en-us/news/other/chrome-adds-windows-biometric-logins-to-its-password-powers/ar-AA1ciCCf Minecraft Mods Include Malicious Code https://www.bleepingcomputer.com/news/security/new-fractureiser-malware-used-curseforge-minecraft-mods-to-infect-windows-linux/ Trend Micro Service Pack https://files.trendmicro.com/documentation/readme/Apex%20One/2020/apex_one_2019_win_cp_b12033_EN_Critical_Patch_Readme.html
ISC StormCast for Thursday, June 8th, 2023
DMARC in .co TLD https://isc.sans.edu/diary/Management%20of%20DMARC%20control%20for%20email%20impersonation%20of%20domains%20in%20the%20.co%20TLD%20-%20part%202/29922 Three Vulnerabilities in VMWare Aria Operations for Networks https://www.vmware.com/security/advisories/VMSA-2023-0012.html SpinOK Spyware SDK found in Android Apps https://vms.drweb.com/search/?q=Android.Spy.SpinOk&lng=en https://www.cloudsek.com/threatintelligence/supply-chain-attack-infiltrates-android-apps-with-malicious-sdk Cisco Anyconnect Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw RSA Webcast https://www.rsaconference.com/library/webcast/149-sans-followup-2023
ISC StormCast for Thursday, June 8th, 2023
DMARC in .co TLD https://isc.sans.edu/diary/Management%20of%20DMARC%20control%20for%20email%20impersonation%20of%20domains%20in%20the%20.co%20TLD%20-%20part%202/29922 Three Vulnerabilities in VMWare Aria Operations for Networks https://www.vmware.com/security/advisories/VMSA-2023-0012.html SpinOK Spyware SDK found in Android Apps https://vms.drweb.com/search/?q=Android.Spy.SpinOk&lng=en https://www.cloudsek.com/threatintelligence/supply-chain-attack-infiltrates-android-apps-with-malicious-sdk Cisco Anyconnect Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw RSA Webcast https://www.rsaconference.com/library/webcast/149-sans-followup-2023
ISC StormCast for Wednesday, June 7th, 2023
Github Copilot vs Google: Which Code is More Secure https://isc.sans.edu/forums/diary/Github%20Copilot%20vs.%20Google%3A%20Which%20code%20is%20more%20secure/29918/ Android Update https://source.android.com/docs/security/bulletin/2023-06-01 Chrome Updates https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop.html FBI Warns of Manipulated Photos and Videos For Sextortion https://www.ic3.gov/Media/Y2023/PSA230605
ISC StormCast for Wednesday, June 7th, 2023
Github Copilot vs Google: Which Code is More Secure https://isc.sans.edu/forums/diary/Github%20Copilot%20vs.%20Google%3A%20Which%20code%20is%20more%20secure/29918/ Android Update https://source.android.com/docs/security/bulletin/2023-06-01 Chrome Updates https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop.html FBI Warns of Manipulated Photos and Videos For Sextortion https://www.ic3.gov/Media/Y2023/PSA230605
ISC StormCast for Tuesday, June 6th, 2023
Brute Forcing Simple Archive Passwords https://isc.sans.edu/diary/Brute%20Forcing%20Simple%20Archive%20Passwords/29914 KeePass 2.54 Released https://keepass.info/news/n230603_2.54.html Splunk Advisories https://advisory.splunk.com/advisories Malicious Google Chrome Extensions https://palant.info/2023/05/31/more-malicious-extensions-in-chrome-web-store/ Symantec Updates https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22217