SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich

A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .

Episodes

Mentioned books

Nov 6, 2019 • 6min

ISC StormCast for Wednesday, November 6th 2019

Formbook Malspam https://isc.sans.edu/forums/diary/Malspam+pushing+Formbook+info+stealer/23387/ Honeypot Update https://github.com/DShield-ISC/dshield Office on Mac XLM Macros https://kb.cert.org/vuls/id/125336/ Firefox Browser Lock Bug Exploited https://bugzilla.mozilla.org/show_bug.cgi?id=1593795 libarchive use after free vulnerability https://medium.com/@social_62682/new-libarchive-use-after-free-vulnerability-36c4b141fe89

Nov 5, 2019 • 6min

ISC StormCast for Tuesday, November 5th 2019

Clam AV Vulnerability https://twitter.com/hackerfantastic/status/1190685521153937408 https://pastebin.com/cfP7X89m XCode Vulnerability https://support.apple.com/en-is/HT210729 MikroTik DNS Cache Poisoning https://blog.mikrotik.com/security/dns-cache-poisoning-vulnerability.html

Nov 4, 2019 • 6min

ISC StormCast for Monday, November 4th 2019

Critical Google Chrome Update Fixes Exploited Vulnerability https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_31.html Blue Keep Vulnerability Mass Exploited to Install Crypto Coin Miner https://www.kryptoslogic.com/blog/2019/11/bluekeep-cve-2019-0708-exploitation-spotted-in-the-wild/ rConfig Vulnerabilities https://shells.systems/rconfig-v3-9-2-authenticated-and-unauthenticated-rce-cve-2019-16663-and-cve-2019-16662/

Nov 1, 2019 • 6min

ISC StormCast for Friday, November 1st 2019

Phishing Made Easy With EML Files and Outlook 365 https://isc.sans.edu/forums/diary/EML+attachments+in+O365+a+recipe+for+phishing/25474/ Microsoft TLS Security Enhancements Lead to Timeouts https://support.microsoft.com/en-us/help/4528489/transport-layer-security-tls-connections-might-intermittently-fail-or MESSAGETAP: Who's Reading Your Text Messages https://www.fireeye.com/blog/threat-research/2019/10/messagetap-who-is-reading-your-text-messages.html Amazon Authentication Failure for 3rd Party Devices https://old.reddit.com/r/sysadmin/comments/dpbt3t/the_perils_of_security_and_how_i_finally_resolved/

Oct 31, 2019 • 7min

ISC StormCast for Thursday, October 31st 2019

Apple Security Updates Details Released https://support.apple.com/en-us/HT201222 Untitled Goose Deserialization https://pulsesecurity.co.nz/advisories/untitled-goose-game-deserialization Insecure Pagers Leak Medical Data https://techcrunch.com/2019/10/30/nhs-pagers-medical-health-data/ Kibana Vulnerablity https://research.securitum.com/prototype-pollution-rce-kibana-cve-2019-7609/

Oct 30, 2019 • 6min

ISC StormCast for Wednesday, October 30th 2019

xHelper Android Malware https://www.symantec.com/blogs/threat-intelligence/xhelper-android-malware Counterstrike Game Keys Used for Money Laundry https://blog.counter-strike.net/index.php/2019/10/26113/ Greating PCAP Files From YAML https://isc.sans.edu/forums/diary/Generating+PCAP+Files+from+YAML/25464/

Oct 29, 2019 • 5min

ISC StormCast for Tuesday, October 29th 2019

PHP 7 Remote Code Execution Vulnerability Exploited https://lab.wallarm.com/php-remote-code-execution-0-day-discovered-in-real-world-ctf-exercise/ https://github.com/neex/phuip-fpizdam Finding Shellcode with scdbg https://isc.sans.edu/forums/diary/Using+scdbg+to+Find+Shellcode/25460/ Apple iOS / tvOS / Safari Updates https://support.apple.com/en-us/HT201222 Sextortion Attempts Are Targeting Blogs https://www.bleepingcomputer.com/news/security/blogger-and-wordpress-sites-hacked-to-show-sextortion-scams/

Oct 28, 2019 • 6min

ISC StormCast for Monday, October 28th 2019

Odd Double Base64 Endoded "BS_REAL_IP" Header https://isc.sans.edu/forums/diary/Unusual+Activity+with+Double+Base64+Encoding/25458/ DNS Archeology With PowerShell https://isc.sans.edu/forums/diary/More+on+DNS+Archeology+with+PowerShell/25452/ iOS Appstore Malware https://www.wandera.com/mobile-security/ios-trojan-malware/ British Law Enforcement Misses Malware Reports Due to Anti-Malware https://www.theregister.co.uk/2019/10/24/hmicfrs_report_cyber_crime/

Oct 25, 2019 • 7min

ISC StormCast for Friday, October 25th 2019

XML External Entity Vuln in LSP4XML Affects Various Developer Tools https://www.shielder.it/blog/dont-open-that-xml-xxe-to-rce-in-xml-plugins-for-vs-code-eclipse-theia/?preview=true Google Chrome Will Make "SameSite" Default https://blog.chromium.org/2019/10/developers-get-ready-for-new.html Leftover Gigamon Configurations https://isc.sans.edu/forums/diary/Your+Supply+Chain+Doesnt+End+At+Receiving+How+Do+You+Decommission+Network+Equipment/25448/

Oct 24, 2019 • 5min

ISC StormCast for Thursday, October 24th 2019

FTC Issues SIM Swapping Guidance https://www.consumer.ftc.gov/blog/2019/10/sim-swap-scams-how-protect-yourself Discord Used as Info Stealer Backdoor https://www.bleepingcomputer.com/news/security/discord-turned-into-an-info-stealing-backdoor-by-new-malware/ Cisco Exploit Code https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-iosxe-rest-auth-bypass Tails 4.0 Released https://tails.boum.org/news/version_4.0/index.en.html

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!

App store banner

Play store banner