SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Episodes
Mentioned books
Feb 15, 2019 • 6min
ISC StormCast for Friday, February 15th 2019
PDF includes SMB Link
https://isc.sans.edu/forums/diary/Suspicious+PDF+Connecting+to+a+Remote+SMB+Share/24646/
QNAP Malware
https://www.qnap.com/en/security-advisory/nas-201902-13
Bomb Threat Spammers Arrested
https://www.justice.gov/usao-cdca/pr/members-hacker-collective-face-federal-charges-attacking-computer-systems-emailing-mass
Managed Service Providers Targeted By Ransomware
https://www.bleepingcomputer.com/news/security/ransomware-attacks-target-msps-to-mass-infect-customers/
Feb 14, 2019 • 6min
ISC StormCast for Thursday, February 14th 2019
Fake Updates Campaign Still Active in 2019
https://isc.sans.edu/forums/diary/Fake+Updates+campaign+still+active+in+2019/24640/
macOS Malware (Shlayer) Disables Gatekeeper
https://www.carbonblack.com/2019/02/12/tau-threat-intelligence-notification-new-macos-malware-variant-of-shlayer-osx-discovered/
Microsoft Exchange Server Patch (Errata for yesterday's podcast)
https://support.microsoft.com/en-ca/help/4490060/exchange-web-services-push-notifications-can-provide-unauthorized-acce
Cisco Network Assurance Engine Password Synchronization Issue
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190212-nae-dos
VFEMail Backup Failure
https://www.vfemail.net/
Feb 13, 2019 • 5min
ISC StormCast for Wednesday, February 13th 2019
Microsoft Patch Tuesday
https://isc.sans.edu/forums/diary/Microsoft+February+2019+Patch+Tuesday/24638/
Adobe Updates
https://helpx.adobe.com/security.html
Ubuntu Linux snapd "dirty_sock" exploit
https://shenaniganslabs.io/2019/02/13/Dirty-Sock.html
Feb 12, 2019 • 5min
ISC StormCast for Tuesday, February 12th 2019
Severe Docker runc Vulnerability
https://seclists.org/oss-sec/2019/q1/119
MacOS Mojave Privacy Flaw
https://lapcatsoftware.com/articles/mojave-privacy3.html
Android Malware Steals Crypto Addresses from Clipboard
https://www.welivesecurity.com/2019/02/08/first-clipper-malware-google-play/
Not An E-Mail Virus, Just Intersting Malware
https://isc.sans.edu/forums/diary/Have+You+Seen+an+Email+Virus+Recently/24634/
Feb 11, 2019 • 7min
ISC StormCast for Monday, February 11th 2019
Phishing Kit with JavaScript Keylogger
https://isc.sans.edu/forums/diary/Phishing+Kit+with+JavaScript+Keylogger/24622/
Phishing Via Google Translate
https://blogs.akamai.com/sitr/2019/02/phishing-attacks-against-facebook-google-via-google-translate.html
iPhone Apps Record Screens
https://techcrunch.com/2019/02/06/iphone-session-replay-screenshots/
Packet Challenge
https://johannes.homepc.org/packet10.txt
Feb 8, 2019 • 5min
ISC StormCast for Friday, February 8th 2019
Value of UAC
https://isc.sans.edu/forums/diary/UAC+is+not+all+that+bad+really/24620/
Apple Releases Facetime Patch
https://support.apple.com/en-us/HT201222
Skype Video Now Allows For Blurred Background
https://blogs.skype.com/news/2019/02/06/introducing-background-blur-in-skype/
Microsoft Exchange Server Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/adv190007
Feb 6, 2019 • 6min
ISC StormCast for Thursday, February 7th 2019
Android Monthly Security Update
https://source.android.com/security/bulletin/2019-02-01.html
Skia Graphics Library Vulnerability
https://googleprojectzero.blogspot.com/2019/02/the-curious-case-of-convexity-confusion.html
Google Chrome Password Check
https://chrome.google.com/webstore/detail/password-checkup/pncabnpcffmalkkjpajodfhijclecjno/related
Hancitor HelloFax Malspam
https://isc.sans.edu/forums/diary/Hancitor+malspam+and+infection+traffic+from+Tuesday+20190205/24616/
Feb 6, 2019 • 7min
ISC StormCast for Wednesday, February 6th 2019
Mitigations against Mimikatz Style Attacks
https://isc.sans.edu/forums/diary/Mitigations+against+Mimikatz+Style+Attacks/24612/
LibreOffice Macro Vulnerability
https://insert-script.blogspot.com/2019/02/libreoffice-cve-2018-16858-remote-code.html
Firefox 65 Breaks HTTPS AV Scanning
https://bugzilla.mozilla.org/show_bug.cgi?id=1523701
RDP Client Vulnerabilities
https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/
DNS "Lookingglass"
https://isc.sans.edu/tools/dnslookup.html
Feb 5, 2019 • 5min
ISC StormCast for Tuesday, February 5th 2019
Exploiting Struts in vCenter
https://isc.sans.edu/forums/diary/Struts+Vulnerability+CVE20175638+on+VMware+vCenter+the+Gift+that+Keeps+on+Giving/24606/
Wikipedia Tech Support Scam
https://isc.sans.edu/forums/diary/Wikipedia+Articles+as+part+of+Tech+Support+Scamming+Campaigns/24608/
Stealing MacOS Keychain
https://www.youtube.com/watch?v=nYTBZ9iPqsU
Beauty Camera Ads for Android include Adware
https://blog.trendmicro.com/trendlabs-security-intelligence/various-google-play-beauty-camera-apps-sends-users-pornographic-content-redirects-them-to-phishing-websites-and-collects-their-pictures/
Feb 4, 2019 • 8min
ISC StormCast for Monday, February 4th 2019
Sextortion EMail Update
https://isc.sans.edu/forums/diary/Sextortion+Follow+the+Money+Part+3+The+cashout+begins/24592/
Ubiquity Devices Used in DDoS Attack
https://blog.rapid7.com/2019/02/01/ubiquiti-discovery-service-exposures/?fbclid=IwAR0OUPQIfSV7YsBLvkjoC2WIbe_E4p9WGAM4LCTsL9TKr30I7aQ2Qwqoins
Google Chrome Experimenting with Typo Domain Detection
https://www.usenix.org/conference/enigma2019/presentation/stark
YouTube Copyright Extortion
https://www.youtube.com/watch?v=Q0i-sLESXqo
