SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich

A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .

Episodes

Mentioned books

Nov 30, 2018 • 14min

ISC StormCast for Friday, November 30th 2018

Russian Language Malspam Pushing Shade (Troldesh) Ransomware https://isc.sans.edu/forums/diary/Russian+language+malspam+pushing+Shade+Troldesh+ransomware/24358/ Scamclub Malvertising Against iOS Users https://blog.confiant.com/malvertising-attack-hijacks-300-million-sessions-over-48-hours-9d0218fe02cd Andre Shori: To Block Or Not To Block? Impact and Analysis of Actively Blocking Shodan Scans http://www.sans.org/reading-room/whitepapers/networksecurity/block-block-impact-analysis-actively-blocking-shodan-scans-38645

Nov 29, 2018 • 6min

ISC StormCast for Thursday, November 29th 2018

Obfuscated Shell Scripts: Fake MacOS Flash Updates https://isc.sans.edu/forums/diary/More+obfuscated+shell+scripts+Fake+MacOS+Flash+update/24352/ Sennheiser HeadSetup Certificate Authority Install https://www.secorvo.de/publikationen/headsetup-vulnerability-report-secorvo-2018.pdf Microsoft Fixes Shared Folder Permission Deletion Problem https://support.microsoft.com/en-us/help/4467684/windows-10-update-kb4467684 3ve Botnet Dismanteled https://services.google.com/fh/files/blogs/3ve_google_whiteops_whitepaper_final_nov_2018.pdf

Nov 28, 2018 • 5min

ISC StormCast for Wednesday, November 28th 2018

Obfuscated QNAP bash Malware; https://isc.sans.edu/forums/diary/Obfuscated+bash+script+targeting+QNap+boxes/24348/ Half of All Phishing Sites Use HTTPS https://krebsonsecurity.com/2018/11/half-of-all-phishing-sites-now-have-the-padlock/ Chrome and Firefox to Remove FTP Support https://www.bleepingcomputer.com/news/google/chrome-and-firefox-developers-aim-to-remove-support-for-ftp/ California Wildfire Used in BEC Scams https://www.agari.com/identity-intelligence-blog/california-wildfire-email-scams/

Nov 27, 2018 • 6min

ISC StormCast for Tuesday, November 27th 2018

ViperMonkey: VBA Maldoc Deobfuscation https://isc.sans.edu/forums/diary/ViperMonkey+VBA+maldoc+deobfuscation/24346/ Malicious NPM Libraries https://medium.com/@cnorthwood/todays-javascript-trash-fire-and-pile-on-f3efcf8ac8c7 Turning Your BMC Into A Revolving Door https://www.synacktiv.com/ressources/zeronights_2018_turning_your_bmc_into_a_revolving_door.pdf

Nov 26, 2018 • 6min

ISC StormCast for Monday, November 26th 2018

Attacks Against Docker API https://isc.sans.edu/forums/diary/Moby+the+Shark/24340/ Mirai Like Attack Hitting Hadoop https://asert.arbornetworks.com/mirai-not-just-for-iot-anymore/ New Rowhammer Variant Effects ECC Memory https://www.vusec.net/projects/eccploit/

Nov 21, 2018 • 3min

ISC StormCast for Wednesday, November 21st 2018

Critical Flash Update https://helpx.adobe.com/security/products/flash-player/apsb18-44.html Thanksgiving Lure for Emotet https://www.forcepoint.com/blog/security-labs/thanks-giving-emotet

Nov 20, 2018 • 5min

ISC StormCast for Tuesday, November 20th 2018

Google Play Malware https://twitter.com/LukasStefanko ATM Vulnerabilities https://www.ptsecurity.com/upload/corporate/ww-en/analytics/ATM-Vulnerabilities-2018-eng.pdf Nagios XI Update https://www.tenable.com/security/research/tra-2018-37

Nov 18, 2018 • 5min

ISC StormCast for Monday, November 19th 2018

Multipurpose PCAP Analysis Tool https://isc.sans.edu/forums/diary/Multipurpose+PCAP+Analysis+Tool/24322/ Quickly Investigating Websites with Lookyloo https://isc.sans.edu/forums/diary/Quickly+Investigating+Websites+with+Lookyloo/24320/ From Field Spoofing in GMail https://blog.cotten.io/hacking-gmail-with-weird-from-fields-d6494254722f?gi=ce61de4cb006

Nov 16, 2018 • 15min

ISC StormCast for Friday, November 16th 2018

Emotet Spreading IcedID Banking Malware https://isc.sans.edu/forums/diary/Emotet+infection+with+IcedID+banking+Trojan/24312/ Crypto Miners Abusing Insecure Docker Installs https://forums.juniper.net/t5/Threat-Research/Container-Malware-Miners-Go-Docker-Hunting-In-The-Cloud/ba-p/400587 GPS Watches Can Be Used To Track Kids https://www.pentestpartners.com/security-blog/tracking-and-snooping-on-a-million-kids/ Firefox Will Notify Users of Breached Sites https://blog.mozilla.org/blog/2018/11/14/firefox-monitor-launches-in-26-languages-and-adds-new-desktop-browser-feature/ David Kennel: All-Seeing Eye or Blind Man? Understanding the Linux Kernel Auditing System https://www.sans.org/reading-room/whitepapers/linux/all-seeing-eye-blind-man-understanding-linux-kernel-auditing-system-38605

Nov 15, 2018 • 6min

ISC StormCast for Thursday, November 15th 2018

Details about Zero Day Exploit Taking Advantage of Win32k Vuln. https://securelist.com/a-new-exploit-for-zero-day-vulnerability-cve-2018-8589/88845/ PacSec Pwn2Own Results https://www.zerodayinitiative.com/blog/2018/11/13/pwn2own-tokyo-2018-day-one-results https://www.zerodayinitiative.com/blog/2018/11/14/pwn2own-tokyo-2018-day-two-results-and-master-of-pwn More Spectre/Meltdown Flaws https://arxiv.org/pdf/1811.05441.pdf

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!

App store banner

Play store banner