

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and is designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Jul 15, 2020 • 6min
ISC StormCast for Wednesday, July 15th 2020
MSFT Patch Tuesday
https://isc.sans.edu/forums/diary/Microsoft+July+2020+Patch+Tuesday+Patch+Now/26350/
Adobe Patches
https://helpx.adobe.com/security.html

Jul 14, 2020 • 6min
ISC StormCast for Tuesday, July 14th 2020
Purged VBA Code
https://isc.sans.edu/forums/diary/Maldoc+VBA+Purging+Example/26342/
Password protected VBA Code
https://isc.sans.edu/forums/diary/VBA+Project+Passwords/26346/
MacOS mount_apfs TCC Bypass
https://theevilbit.github.io/posts/cve_2020_9771/

Jul 13, 2020 • 7min
ISC StormCast for Monday, July 13th 2020
Excel Spreadsheet Macro Kicks Off Formbook Infection
https://isc.sans.edu/forums/diary/Excel+spreasheet+macro+kicks+off+Formbook+infection/26332/
Zoom Update Fixing Zoom on Windows 7 Vulnerability
https://support.zoom.us/hc/en-us/articles/360046081271-New-updates-for-July-10-2020
DigiCert Replaces 50,000 EV Certificates
https://knowledge.digicert.com/alerts/DigiCert-ICA-Replacement
Microsoft Warns of OAuth Consent Phishing
https://www.microsoft.com/security/blog/2020/07/08/protecting-remote-workforce-application-attacks-consent-phishing/

Jul 10, 2020 • 14min
ISC StormCast for Friday, July 10th 2020
Citrix Scanning
https://isc.sans.edu/forums/diary/Active+Exploit+Attempts+Targeting+Recent+Citrix+ADC+Vulnerabilities+CTX276688/26330/
https://www.youtube.com/watch?time_continue=6&v=1_D4_9BKHSc&feature=emb_logo
Juniper Patches
https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES
Google Releases Tsunami Security Scanner
https://github.com/google/tsunami-security-scanner
SANS.edu Student Billy Wilson: Securing Supercomputers with BPF Probes
https://www.sans.org/reading-room/whitepapers/detection/securing-soft-underbelly-supercomputer-bpf-probes-39635

Jul 9, 2020 • 7min
ISC StormCast for Thursday, July 9th 2020
Obfuscated Malware
https://isc.sans.edu/forums/diary/If+You+Want+Something+Done+Right+You+Have+To+Do+It+Yourself+Malware+Too/26320/
Palo Alto Networks PAN-OS CVE-2020-2034
https://security.paloaltonetworks.com/CVE-2020-2034
Citrix Vulnerability Details (CVE-2020-8194)
https://dmaasland.github.io/posts/citrix.html
Mozilla Suspending Send Service
https://www.zdnet.com/article/mozilla-suspends-firefox-send-service-while-it-addresses-malware-abuse/

Jul 8, 2020 • 5min
ISC StormCast for Wednesday, July 8th 2020
F5 Big IP Wrapup
https://twitter.com/NCCGroupInfosec/status/1280593966879125504
https://www.sans.org/webcasts/116065
Citrix ADC / Citrix Gateway Patches
https://www.citrix.com/blogs/2020/07/07/citrix-provides-context-on-security-bulletin-ctx276688/
Microsoft Releases Free Memory Analysis Service
https://www.microsoft.com/en-us/research/blog/toward-trusted-sensing-for-the-cloud-introducing-project-freta/

Jul 7, 2020 • 5min
ISC StormCast for Tuesday, July 7th 2020
More BigIP Exploits
https://isc.sans.edu/forums/diary/Summary+of+CVE20205902+F5+BIGIP+RCE+Vulnerability+Exploits/26316/
Special F5 BigIP Webcast
https://www.sans.org/webcasts/116065
Microsoft ATP Web Content Filtering
https://techcommunity.microsoft.com/t5/microsoft-defender-atp/an-update-on-web-content-filtering/ba-p/1505445
Ouch Newsletter: Ransomware
https://www.sans.org/security-awareness-training/resources/ransomware
Extended Research Feed: Added Net Systems Research
https://isc.sans.edu/api/threatcategory/research

Jul 6, 2020 • 6min
ISC StormCast for Monday, July 6th 2020
F5 BigIP Critical RCE
https://support.f5.com/csp/article/K52145254
https://isc.sans.edu/forums/diary/CVE20205902+F5+BIGIP+Exploitation+Attempt/26310/
https://github.com/rapid7/metasploit-framework/pull/13807/commits/0417e88ff24bf05b8874c953bd91600f10186ba4
https://www.ptsecurity.com/ww-en/about/news/f5-fixes-critical-vulnerability-discovered-by-positive-technologies-in-big-ip-application-delivery-controller
Guacamole RDP Gateway Vulnerability
https://blog.checkpoint.com/2020/07/02/hole-y-guacamole-fixing-critical-vulnerabilities-in-apaches-popular-remote-desktop-gateway/
Barclays Caught Serving Code from Wayback Machine
https://www.theregister.com/2020/07/03/barclays_bank_javascript_wayback_machine/

Jul 2, 2020 • 4min
ISC StormCast for Thursday, July 2nd 2020
Alina PoS Malware Exfiltrating Data via DNS
https://blog.centurylink.com/alina-point-of-sale-malware-still-lurking-in-dns/
Evil Quest "Ransomware" Update
https://objective-see.com/blog/blog_0x59.html
IBM Cyber Resilient Organization Report
https://www.ibm.com/account/reg/us-en/signup?formid=urx-45839

Jul 1, 2020 • 6min
ISC StormCast for Wednesday, July 1st 2020
Windows 10 / 2019 Server Out of Order Patch
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1425
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1457
MacOS Ransomware Arrives as Fake Little Snitch Software
https://blog.malwarebytes.com/mac/2020/06/new-mac-ransomware-spreading-through-piracy/
VPN Privilege Escalation
https://0xsha.io/posts/zombievpn-breaking-that-internet-security
DNSSEC Phishing Scam
https://nakedsecurity.sophos.com/2020/06/29/beware-secure-dns-scam-targeting-website-owners-and-bloggers/


