

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Episodes

Jul 15, 2021 • 6min
ISC StormCast for Thursday, July 15th, 2021
One way to fail at malspam - give recipients the wrong password
https://isc.sans.edu/forums/diary/One+way+to+fail+at+malspam+give+recipients+the+wrong+password+for+an+encrypted+attachment/27634/
Firefox Updates
https://www.mozilla.org/en-US/security/advisories/mfsa2021-28/
SAP Netweaver Vulnerabilities
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506
Joker Android Fleeceware
https://blog.zimperium.com/joker-is-still-no-laughing-matter/
less.js RCE
https://www.softwaresecured.com/exploiting-less-js

Jul 14, 2021 • 7min
ISC StormCast for Wednesday, July 14th, 2021
Microsoft Patch Tuesday
https://isc.sans.edu/forums/diary/Microsoft+July+2021+Patch+Tuesday/27628/
Adobe Patch Tuesday
https://helpx.adobe.com/security/products/acrobat/apsb21-51.html
ForgeRock OpenAM Vulnerability
https://backstage.forgerock.com/knowledge/kb/article/a47894244
GMail Supporting BIMI
https://cloud.google.com/blog/products/identity-security/bringing-bimi-to-gmail-in-google-workspace

Jul 13, 2021 • 6min
ISC StormCast for Tuesday, July 13th, 2021
Kaseya Releases Patch and Hardening Guide
https://helpdesk.kaseya.com/hc/en-gb/articles/4403760102417
Solarwinds Advisory CVE-2021-35211
https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211
Mint Mobile Breach and Porting
https://www.bleepingcomputer.com/news/security/mint-mobile-hit-by-a-data-breach-after-numbers-ported-data-accessed/
Twitter Verified Account Mistake
https://twitter.com/conspirator0/status/1414475519609999366

Jul 12, 2021 • 6min
ISC StormCast for Monday, July 12th, 2021
Scanning for Microsoft Secure Socket Tunneling Protocol
https://isc.sans.edu/forums/diary/Scanning+for+Microsoft+Secure+Socket+Tunneling+Protocol/27622/
Hancitor tries XLL as Initial Malware File
https://isc.sans.edu/forums/diary/Hancitor+tries+XLL+as+initial+malware+file/27618/
Android Updates
https://source.android.com/security/bulletin/2021-07-01
Cisco Updates
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bpa-priv-esc-dgubwbH4
Job Seekers Attacked with Malicious Documents
https://www.ehackingnews.com/2021/07/job-seeking-engineers-have-become.html

Jul 9, 2021 • 6min
ISC StormCast for Friday, July 9th, 2021
Using Sudo With Python For More Security Controls
https://isc.sans.edu/forums/diary/Using+Sudo+with+Python+For+More+Security+Controls/27614/
Fake Kaseya Updates Include CobaltStrike Payload
https://www.theregister.com/2021/07/07/kaseya_malware_patches_/
WildPressure macOS Trojan
https://www.kaspersky.com/about/press-releases/2021_wildpressures-multi-platform-malware-hits-macos-in-the-middle-east
https://www.patreon.com/posts/53462690
iCloud Password Reset Weakness
https://thezerohack.com/apple-vulnerability-bug-bounty

Jul 8, 2021 • 6min
ISC StormCast for Thursday, July 8th, 2021
Microsoft Releases Patches for CVE-2021-34527 UPDATED
https://isc.sans.edu/forums/diary/Microsoft+Releases+Patches+for+CVE202134527/27610/
GitLab Update
https://www.ehackingnews.com/2021/07/gitlab-fixes-several-vulnerabilities.html
Vulnerable NuGet Packages
https://blog.secure.software/third-party-code-comes-with-some-baggage

Jul 7, 2021 • 9min
ISC StormCast for Wednesday, July 7th, 2021
Microsoft Releases Printnightmare Patch
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527
Kaseya Update
https://www.kaseya.com/potential-attack-on-kaseya-vsa/
Kaspersky Password Manager
https://donjon.ledger.com/kaspersky-password-manager/
Amazon Echo Dot After Reset Artifacts
https://dl.acm.org/doi/pdf/10.1145/3448300.3467820

Jul 6, 2021 • 7min
ISC StormCast for Tuesday, July 6th, 2021
Kaseya REvil Update
https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689
https://www.huntress.com/blog/rapid-response-kaseya-vsa-mass-msp-ransomware-incident
https://doublepulsar.com/kaseya-supply-chain-attack-delivers-mass-ransomware-event-to-us-companies-76e4ec6ec64b
https://csirt.divd.nl/2021/07/03/Kaseya-Case-Update/
Printnightmare Update
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527
https://doublepulsar.com/zero-day-for-every-supported-windows-os-version-in-the-wild-printnightmare-b3fdb82f840c
https://blog.truesec.com/2021/06/30/fix-for-printnightmare-cve-2021-1675-exploit-to-keep-your-print-servers-running-while-a-patch-is-not-available/
https://github.com/LaresLLC/CVE-2021-1675
Expired RPM Key Problem
https://github.com/rpm-software-management/rpm/issues/1598
Node.JS Update
https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/

Jul 4, 2021 • 5min
ISC StormCast for Monday, July 5th, 2021
Kaseya VSA REvil Ransomware Incident
https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689
https://www.huntress.com/blog/rapid-response-kaseya-vsa-mass-msp-ransomware-incident
https://doublepulsar.com/kaseya-supply-chain-attack-delivers-mass-ransomware-event-to-us-companies-76e4ec6ec64b
https://csirt.divd.nl/2021/07/03/Kaseya-Case-Update/

Jul 2, 2021 • 8min
ISC StormCast for Friday, July 2nd, 2021
Print Spooler printnightmare Update
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527
https://doublepulsar.com/zero-day-for-every-supported-windows-os-version-in-the-wild-printnightmare-b3fdb82f840c
https://blog.truesec.com/2021/06/30/fix-for-printnightmare-cve-2021-1675-exploit-to-keep-your-print-servers-running-while-a-patch-is-not-available/
https://github.com/LaresLLC/CVE-2021-1675


