SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich

A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .

Episodes

Mentioned books

May 24, 2019 • 6min

ISC StormCast for Friday, May 24th 2019

Dangers of Custom URL Schemes https://zeropwn.github.io/2019-05-22-fun-with-uri-handlers/ Update on Phyiscal Skimmer Market https://www.advanced-intel.com/blog/skimming-threat-landscape-technology-advances-lower-barriers-of-entry-for-novice-skimming-operators Apple Supplemental Update For masOS 10.14.5 https://support.apple.com/kb/DL2005?locale=en_US Microsoft Releases Advanced Threat Protection for MacOS https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Microsoft-Defender-ATP-for-Mac-now-in-open-public-preview/ba-p/634603

May 22, 2019 • 6min

ISC StormCast for Thursday, May 23rd 2019

An Update on the Microsoft Windows RDP BlueKeep Vulnerablity https://isc.sans.edu/forums/diary/An+Update+on+the+Microsoft+Windows+RDP+Bluekeep+Vulnerability+CVE20190708+now+with+pcaps/24960/ New Zero Day Exploits by SandboxEscaper https://github.com/SandboxEscaper/polarbearrepo Signed Exploit Code https://medium.com/@chroniclesec/abusing-code-signing-for-profit-ef80a37b50f4

May 21, 2019 • 6min

ISC StormCast for Wednesday, May 22nd 2019

Setting Up Shodan Monitoring https://isc.sans.edu/forums/diary/Using+Shodan+Monitoring/24956/ Fingerprinting Smartphones With Gyroscope Data https://sensorid.cl.cam.ac.uk/ 20% of Linux Docker Containers Without Password https://www.kennasecurity.com/20-of-the-1000-most-popular-docker-containers-have-no-root-password/ RDP #bluekeep Signature For Snort/Suricata https://github.com/nccgroup/Cyber-Defence/blob/master/Signatures/suricata/2019_05_rdp_cve_2019_0708.txt

May 20, 2019 • 5min

ISC StormCast for Tuesday, May 21st 2019

MSFT RDP Vulnerability (#BlueKeep) Update https://twitter.com/search?q=%23bluekeep Sharepoint Exploited https://isc.sans.edu/forums/diary/CVE20190604+Attack/24952/ Risks of JWT https://snikt.net/blog/2019/05/16/jwt-signature-vs-mac-attacks/ MuddyWater Campaign Evolves https://blog.talosintelligence.com/2019/05/recent-muddywater-associated-blackwater.html

May 19, 2019 • 6min

ISC StormCast for Monday, May 20th 2019

Google Analyzes Vendor Response to 0-Day Exploits https://googleprojectzero.blogspot.com/p/0day.html ASUS WebStorage Abused For Malware Distribution https://www.welivesecurity.com/2019/05/14/plead-malware-mitm-asus-webstorage/ Vulnerabilities in Apple Air Drop https://www.usenix.org/system/files/sec19fall_stute_prepub.pdf

May 17, 2019 • 6min

ISC StormCast for Friday, May 17th 2019

The Risk of Authenticated Vulnerability Scans https://isc.sans.edu/forums/diary/The+Risk+of+Authenticated+Vulnerability+Scans/24942/ ARIN Revokes about 735,000 IP Addresses https://www.arin.net/vault/about_us/media/releases/20190513.html More Cisco Patches (Prime Infrastructure, EPN Manager) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-pi-rce Instrument Landing Systems Spoofing https://aanjhan.com/assets/ils_usenix2019.pdf

May 16, 2019 • 5min

ISC StormCast for Thursday, May 16th 2019

Forbes Website Infected by Magecart https://twitter.com/bad_packets/status/1128517905765683201 Malware Randomizes TLS Ciphers https://blogs.akamai.com/sitr/2019/05/bots-tampering-with-tls-to-avoid-detection.html Google Recalls Titan Security Keys https://security.googleblog.com/2019/05/titan-keys-update.html SAMBA Update https://www.samba.org/samba/security/CVE-2018-16860.html SAP Patches https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=520259032

May 15, 2019 • 6min

ISC StormCast for Wednesday, May 15th 2019

New Intel CPU Vulnerabilities https://cpu.fail/ Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+May+2019+Patch+Tuesday/24934/ Apple Updates https://support.apple.com/en-us/HT201222 Broken Trustseal https://twitter.com/gwillem/status/1127890329175244800 https://twitter.com/bestoftheweb/status/1128036593208524800

May 14, 2019 • 6min

ISC StormCast for Tuesday, May 14th 2019

Linux Remote Code Execution When Closing TCP Sockets https://github.com/torvalds/linux/commit/cb66ddd156203daefb8d71158036b27b0e2caf63 WhatsApp Buffer Overflow Exploited to Install Spyware https://www.facebook.com/security/advisories/cve-2019-3568 Cisco Vulnerabilities Lead to Trust Anchor Module Exploit https://thrangrycat.com/ Linksys Unauthenticated Information Leak https://badpackets.net/over-25000-linksys-smart-wi-fi-routers-vulnerable-to-sensitive-information-disclosure-flaw/

May 13, 2019 • 5min

ISC StormCast for Monday, May 13th 2019

DSSuite - A Docker Container with Didier's Tools https://isc.sans.edu/forums/diary/DSSuite+A+Docker+Container+with+Didiers+Tools/24926/ Sqlite3 Vulnerability https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0777 NVidia Updates https://nvidia.custhelp.com/app/answers/detail/a_id/4797 Windows 10 FIDO2 Certified https://fidoalliance.org/microsoft-achieves-fido2-certification-for-windows-hello/ Google May Remove ADB Backup/Restore from Future Android Versions https://www.xda-developers.com/adb-backup-and-restore-depreciated/

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!

App store banner

Play store banner