

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Oct 4, 2018 • 6min
ISC StormCast for Thursday, October 4th 2018
Identifying a Phisher
https://isc.sans.edu/forums/diary/Identifying+a+phisher/24164/
Phishing via Azure Blob Storage
https://www.netskope.com/blog/phishing-in-the-public-cloud
Zoho Domains Used for Phishing and Keyloggers
https://cofense.com/staggering-amount-stolen-data-heading-zoho-domains/
Dell iDRAC Exploit
https://www.servethehome.com/idracula-vulnerability-impacts-millions-of-legacy-dell-emc-servers/

Oct 3, 2018 • 5min
ISC StormCast for Wednesday, October 3rd 2018
How to Write Yara Rules
https://isc.sans.edu/forums/diary/Developing+YARA+Rules+a+Practical+Example/24158/
GhostDNS DNS Changer Malware
https://blog.netlab.360.com/70-different-types-of-home-routers-all-together-100000-are-being-hijacked-by-ghostdns-en/
Foxit PDF Reader Vulnerabilities
https://www.foxitsoftware.com/support/security-bulletins.php
Apple Laptops Shipped With CPU in Manufacturing Mode
http://blog.ptsecurity.com/2018/10/intel-me-manufacturing-mode-macbook.html

Oct 2, 2018 • 6min
ISC StormCast for Tuesday, October 2nd 2018
Update About Facebook Breach
https://newsroom.fb.com/news/2018/09/security-update/
Adobe Acrobat/Reader Update
https://helpx.adobe.com/security/products/acrobat/apsb18-30.html
SMTP MTA Strict Transport Security (MTA-STS)
https://www.rfc-editor.org/rfc/rfc8461.txt

Oct 1, 2018 • 6min
ISC StormCast for Monday, October 1st 2018
Facebook Leaks more than 50 Million Accounts
https://newsroom.fb.com/news/2018/09/security-update/
Telegram Leaks Local IP Address By Default
https://www.inputzero.io/2018/09/bug-bounty-telegram-cve-2018-17780.html
Site Tricks Users Into Subscribing to Browser Notifications
https://www.bleepingcomputer.com/news/security/sites-trick-users-into-subscribing-to-browser-notification-spam/
DDE Code Injection
https://isc.sans.edu/forums/diary/More+Excel+DDE+Code+Injection/24150/

Sep 28, 2018 • 6min
ISC StormCast for Friday, September 28th 2018
Enriching Radare2 and x64dbg malware analysis with statically decoded strings
https://isc.sans.edu/forums/diary/Enriching+Radare2+and+x64dbg+malware+analysis+with+statically+decoded+strings/24146/
Weaknesses in Apple's Mobile Device Management
https://duo.com/labs/research/mdm-me-maybe
LoJax UEFI Rootkit
https://www.welivesecurity.com/2018/09/27/lojax-first-uefi-rootkit-found-wild-courtesy-sednit-group/

Sep 27, 2018 • 5min
ISC StormCast for Thursday, September 27th 2018
Emotet Malware Delivery Service Update
https://isc.sans.edu/forums/diary/One+Emotet+infection+leads+to+three+followup+malware+infections/24140/
Fedora Crypto Policy Update Causes SSH Issues
https://bugzilla.redhat.com/show_bug.cgi?id=1631970
Android Banking Trojan Impersonates QRecorder
https://lukasstefanko.com/2018/09/banking-trojan-found-on-google-play-stole-10000-euros-from-victims.html
Google Reverts Changes to Chrome
https://www.blog.google/products/chrome/product-updates-based-your-feedback/amp/

Sep 26, 2018 • 5min
ISC StormCast for Wednesday, September 26th 2018
Firefox Haveibeenpwned Monitor
https://blog.mozilla.org/blog/2018/09/25/introducing-firefox-monitor-helping-people-take-control-after-a-data-breach/
Chrome 69 Privacy Issues
https://www.bleepingcomputer.com/news/google/chrome-69-keeps-googles-cookies-after-you-clear-browser-data/
Cisco FragmentSmack Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-ip-fragment
Microsoft BitLocker Turns Itself Off During Updates
https://social.technet.microsoft.com/Forums/en-US/0e48536f-40ff-4046-bd08-ed4a39b4840f/bitlocker-automatically-suspending-during-updates?forum=win10itprosecurity

Sep 25, 2018 • 6min
ISC StormCast for Tuesday, September 25th 2018
More Sextortion Emails
https://isc.sans.edu/forums/diary/Sextortion+Spam+and+the+Infinite+Monkey+Theorem/24136/
macOS 10.14 (Mojave) Security Fixes
https://support.apple.com/en-us/HT209139
Mojave Privacy Protection Bypass
https://vimeo.com/291491984
Cloudflare Supporting Encrypted SNI
https://blog.cloudflare.com/esni/

Sep 24, 2018 • 5min
ISC StormCast for Monday, September 24th 2018
Odd DNS Requests from Firewalls
https://isc.sans.edu/forums/diary/Suspicious+DNS+Requests+Issued+by+a+Firewall/24128/
Securing API Connections
https://isc.sans.edu/forums/diary/The+danger+of+sending+information+for+API+consumption+without+adequate+security+measures/24130/
Microsoft JET Database 0day
https://www.zerodayinitiative.com/advisories/ZDI-18-1075/
Western Digital Releases Patch for MyCloud Drives
https://support.wdc.com/knowledgebase/answer.aspx?ID=25952&s
Job Offers With Malware Attachment
https://www.bleepingcomputer.com/news/security/malware-disguised-as-job-offers-distributed-on-freelance-sites/

Sep 21, 2018 • 13min
ISC StormCast for Friday, September 21st 2018
Hunting for Suspicious Processes with OSSEC
https://isc.sans.edu/forums/diary/Hunting+for+Suspicious+Processes+with+OSSEC/24122/
NSSLabs Sues Crowdstrike, Symantec, ESET
https://www.nsslabs.com/blog/company/advancing-transparency-and-accountability-in-the-cybersecurity-industry/
Bitcoin Core Vulnerability
https://motherboard.vice.com/amp/en_us/article/qvakp3/a-major-bug-in-bitcoin-software-could-have-crashed-the-currency?__twitter_impression=true
WebAuthn Standard
https://paragonie.com/blog/2018/08/security-concerns-surrounding-webauthn-don-t-implement-ecdaa-yet
https://fidoalliance.org/


