SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich

Episodes

Mentioned books

undefined
May 18, 2021 • 6min

ISC StormCast for Tuesday, May 18th, 2021

Ransomware Defenses https://isc.sans.edu/forums/diary/Ransomware+Defenses/27420/ AXA Stops Ransomware Payments https://www.insurancejournal.com/news/international/2021/05/09/613255.htm http.sys Proof of Concept https://github.com/0vercl0k/CVE-2021-31166 Google/Mozilla colaborating on HTML Sanitizer API https://wicg.github.io/sanitizer-api/#sanitizer-api SANS Technology Institute Research Journal https://www.sans.edu/cyber-research
undefined
May 17, 2021 • 6min

ISC StormCast for Monday, May 17th, 2021

"Open" Access to Industrial Systems Interfaces is Also Far From Zero https://isc.sans.edu/forums/diary/Open+Access+to+Industrial+Systems+Interface+is+Also+Far+From+Zero/27418/ Malicious Rust Macro for VSCode https://github.com/lucky/bad_actor_poc Exim PoC Released https://adepts.of0x.cc/exim-cve-2020-28018/ Newly Observed PHP-based skimmmer shows ongoing Magecart Group 12 activity https://blog.malwarebytes.com/cybercrime/2021/05/newly-observed-php-based-skimmer-shows-ongoing-magecart-group-12-activity/
undefined
May 14, 2021 • 7min

ISC StormCast for Friday, May 14th, 2021

Cross Browser Tracking with Schemeflood https://fingerprintjs.com/blog/external-protocol-flooding/ Cisco AnyConnect Secure Mobility Client Patch https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-ipc-KfQO9QhK MSBuild Abused By Attackers https://www.anomali.com/blog/threat-actors-use-msbuild-to-deliver-rats-filelessly
undefined
May 13, 2021 • 6min

ISC StormCast for Thursday, May 13th, 2021

Number of industrial control systems on the internet is lower then in 2020...but still far from zero https://isc.sans.edu/forums/diary/Number+of+industrial+control+systems+on+the+internet+is+lower+then+in+2020but+still+far+from+zero/27412/ Webcast: Ransoming Critical Infrastructure https://www.sans.org/webcasts/119775 Links to FragAttacks Vendor Bulletins (in German) https://www.heise.de/news/WLAN-Sicherheitsluecken-FragAttacks-Erste-Updates-6045116.html Adobe Acrobat Patches https://helpx.adobe.com/security/products/acrobat/apsb21-29.html Sending Arbitrary Messages via FindMy https://positive.security/blog/send-my
undefined
May 12, 2021 • 7min

ISC StormCast for Wednesday, May 12th, 2021

Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+May+2021+Patch+Tuesday/27408 WiFi Fragmentation Attacks https://www.fragattacks.com
undefined
May 11, 2021 • 5min

ISC StormCast for Tuesday, May 11th, 2021

Validating IP Addresses: Why Encoding Matters https://isc.sans.edu/forums/diary/Correctly+Validating+IP+Addresses+Why+encoding+matters+for+input+validation/27404/ Jail Breaking AirTags https://twitter.com/ghidraninja/status/1391148503196438529 Malicious Tor Exit Relay Activities https://nusenu.medium.com/tracking-one-year-of-malicious-tor-exit-relay-activities-part-ii-85c80875c5df
undefined
May 10, 2021 • 5min

ISC StormCast for Monday, May 10th, 2021

Who is Probing the Internet for Research Purposes https://isc.sans.edu/forums/diary/Who+is+Probing+the+Internet+for+Research+Purposes/27400/ Cycle Hunter and tsuNAME DDoS Attack https://github.com/SIDN/CycleHunter https://tsuname.io/tech_report.pdf Foxit Reader / Phantom PDF Vulnerabilities https://www.foxitsoftware.com/support/security-bulletins.html?Security+updates+available+in+Foxit+Reader+10.1.4+and+Foxit+PhantomPDF+10.1.42021-05-06 Hypocrit Patches Reviewed By Linux Foundation https://lore.kernel.org/lkml/202104221451.292A6ED4@keescook/
undefined
May 7, 2021 • 6min

ISC StormCast for Friday, May 7th, 2021

Scans for Exposed Azure Storage Containers https://isc.sans.edu/forums/diary/Exposed+Azure+Storage+Containers/27396/ Qualcomm MSM Vulnerability https://research.checkpoint.com/2021/security-probe-of-qualcomm-msm/ Google to Automatically enroll users in 2SF https://blog.google/technology/safety-security/a-simpler-and-safer-future-without-passwords/ New Cellebrite Vulnerabilities Announced https://www.ehackingnews.com/2021/05/new-vulnerabilities-in-cellebrites.html
undefined
May 6, 2021 • 6min

ISC StormCast for Thursday, May 6th, 2021

May 2021 Forensic Contest https://isc.sans.edu/forums/diary/May+2021+Forensic+Contest/27386/ Windows Defender Bug Fills Windows 10 Boot Drive with thousands of files https://www.bleepingcomputer.com/news/microsoft/windows-defender-bug-fills-windows-10-boot-drive-with-thousands-of-files/ VMWare vRealize Business for Cloud Patch https://kb.vmware.com/s/article/83475 Cisco Updates SD-WAN vManager / HyperFlex HX https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir&limit=100#~Vulnerabilities Security and Privacy Risks of Number Recycling at Mobile Carriers in the US https://recyclednumbers.cs.princeton.edu
undefined
May 5, 2021 • 6min

ISC StormCast for Wednesday, May 5th, 2021

Android Update https://source.android.com/security/bulletin/2021-05-01?hl=en Dell Privilege Escalation Vulnerability https://www.dell.com/support/kbdoc/en-us/000186019/dsa-2021-088-dell-client-platform-security-update-for-dell-driver-insufficient-access-control-vulnerability https://labs.sentinelone.com/cve-2021-21551-hundreds-of-millions-of-dell-computers-at-risk-due-to-multiple-bios-driver-privilege-escalation-flaws/ Exim Mail Server Vulnerabilities https://www.qualys.com/2021/05/04/21nails/21nails.txt Quick and Dirty Python: masscan https://isc.sans.edu/forums/diary/Quick+and+dirty+Python+masscan/27384/ ICMP Tunnel Backdoor https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/backdoor-at-the-end-of-the-icmp-tunnel/

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!
App store bannerPlay store banner
 Get the app