SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich

A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .

Episodes

Mentioned books

Jun 2, 2020 • 7min

ISC StormCast for Tuesday, June 2nd 2020

Apple Patches Unc0ver https://support.apple.com/en-us/HT201222 Office 365 Adds Details About Malicious E-Mail Attachments https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=64570 Impact of Research on Our Data https://isc.sans.edu/forums/diary/The+Impact+of+Researchers+on+Our+Data/26182/

Jun 1, 2020 • 6min

ISC StormCast for Monday, June 1st 2020

Sectigo AddTrust CA Expired https://support.sectigo.com/articles/Knowledge/Sectigo-AddTrust-External-CA-Root-Expiring-May-30-2020 Critical Sign In With Apple Flaw https://bhavukjain.com/blog/2020/05/30/zeroday-signin-with-apple/ DABANGG: Refined Flush Based Cache Attacks https://www.cse.iitk.ac.in/users/biswap/DABANGG.pdf New Website Explaining FIDO https://loginwithfido.com/

May 29, 2020 • 19min

ISC StormCast for Friday, May 29th 2020

USBFuzz Finds Numerous USB Flaws https://www.nebelwelt.net/files/20SEC3.pdf Cisco Products Vulnerable to Saltstack Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG Another Nail in the Coffin for SHA-1 https://eprint.iacr.org/2020/014.pdf STI Student: Andy Piazza; Qualifying Threat Actor Assessments https://www.sans.org/reading-room/whitepapers/threatintelligence/paper/39585

May 28, 2020 • 7min

ISC StormCast for Thursday, May 28th 2020

Phishing With Google Cloud https://isc.sans.edu/forums/diary/Frankensteins+phishing+using+Google+Cloud+Storage/26174/ Trend Micro AntiVirus Blocked by Microsoft https://billdemirkapi.me/How-to-use-Trend-Micro-Rootkit-Remover-to-Install-a-Rootkit/ Netgear Nighthawk Firmware Update Vulnerability https://iot-lab-fh-ooe.github.io/netgear_update_vulnerability/

May 27, 2020 • 6min

ISC StormCast for Wednesday, May 27th 2020

Where is SHA3 https://isc.sans.edu/forums/diary/Seriously+SHA3+where+art+thou/26170/ Apple Updates https://support.apple.com/en-us/HT201222 Google ZDI Releases Details Regarding Unpatched Windows Vulnerabilities https://www.zerodayinitiative.com/advisories/ZDI-20-666/ https://www.zerodayinitiative.com/advisories/ZDI-20-665/ https://www.zerodayinitiative.com/advisories/ZDI-20-663/ https://www.zerodayinitiative.com/advisories/ZDI-20-662/ https://www.zerodayinitiative.com/advisories/ZDI-20-664/ Research into Phish Detection https://medium.com/@curtbraz/these-arent-the-phish-you-re-looking-for-7374c3986af5

May 26, 2020 • 7min

ISC StormCast for Tuesday, May 26th 2020

Malicious PowerPoint Add-Ins Deliver Malware https://isc.sans.edu/forums/diary/AgentTesla+Delivered+via+a+Malicious+PowerPoint+AddIn/26162/ Virtual Machine Delivers Malware https://news.sophos.com/en-us/2020/05/21/ragnar-locker-ransomware-deploys-virtual-machine-to-dodge-security/ iOS Patch Analysis https://blog.zecops.com/vulnerabilities/hidden-demons-maildemon-patch-analysis-ios-13-4-5-beta-vs-ios-13-5/ eBay Port Scanning https://www.ghacks.net/2020/05/25/ebay-is-port-scanning-your-system-when-you-load-the-webpage/ iPhone Jailbreak https://thehackernews.com/2020/05/iphone-ios-jailbreak-tools.html SANSFIRE https://isc.sans.edu/sansfire

May 22, 2020 • 6min

ISC StormCast for Friday, May 22nd 2020

Malware Triage with FLOSS: API Calls Based Behavior https://isc.sans.edu/forums/diary/Malware+Triage+with+FLOSS+API+Calls+Based+Behavior/26156/ Verizon Breach Report https://enterprise.verizon.com/resources/reports/dbir/ Apple Updates https://support.apple.com/en-us/HT201222 Sophos Firewall Vulnerability Exploit https://news.sophos.com/en-us/2020/05/21/asnarok2/

May 21, 2020 • 6min

ISC StormCast for Thursday, May 21st 2020

IceID Malware Update https://isc.sans.edu/forums/diary/Microsoft+Word+document+with+malicious+macro+pushes+IcedID+Bokbot/26146/ NXNSAttack DNS Amplification https://www.nxnsattack.com/ https://en.blog.nic.cz/2020/05/19/nxnsattack-upgrade-resolvers-to-stop-new-kind-of-random-subdomain-attack/ Adobe Updates https://helpx.adobe.com/security.html

May 20, 2020 • 7min

ISC StormCast for Wednesday, May 20th 2020

Spike of Scans for Port 62234 https://isc.sans.edu/forums/diary/What+is+up+on+Port+62234/26144/ Cisco Patches https://tools.cisco.com/security/center/publicationListing.x https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB Google Chrome 83 Released https://chromereleases.googleblog.com/ QNAP Vulnerability Details Released https://medium.com/bugbountywriteup/qnap-pre-auth-root-rce-affecting-450k-devices-on-the-internet-d55488d28a05 ISC YouTube Channel https://www.youtube.com/channel/UCfbOsqPmWg1H_34hTjKEW2A

May 19, 2020 • 6min

ISC StormCast for Tuesday, May 19th 2020

Antivirus & Multiple Detections https://isc.sans.edu/forums/diary/Antivirus+Multiple+Detections/26134/ Office 365 Returning Search Results from Other Organizations https://www.theregister.co.uk/2020/05/18/microsoft_office_365_internal_search_mixup/ MagicPairing Vulnerabilities https://arxiv.org/pdf/2005.07255.pdf BIAS: Bluetooth Impersonation AttackS https://francozappa.github.io/about-bias/

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!

App store banner

Play store banner