

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .

Jan 5, 2018 • 8min
ISC StormCast for Friday, January 5th 2018
SANS Special Webcast
https://www.sans.org/webcast/recording/citrix/106815/138095
ISC Diary with Links to Patches
https://isc.sans.edu/forums/diary/Spectre+and+Meltdown+What+You+Need+to+Know+Right+Now/23193/

Jan 4, 2018 • 8min
ISC StormCast for Thursday, January 4th 2018
Intel CPU Vulnerability
https://meltdownattack.com
Crypto Coin Mining Pool IP List
https://isc.sans.edu/api/threatlist/miner
Phishing to Rural America Leads to Six-figure Wire Fraud Losses
https://isc.sans.edu/forums/diary/Phishing+to+Rural+America+Leads+to+Sixfigure+Wire+Fraud+Losses/23185/

Jan 3, 2018 • 7min
ISC StormCast for Wednesday, January 3rd 2018
Extracting URLs From PDFs
https://isc.sans.edu/forums/diary/PDF+documents+URLs+update/23167/
Privilege Escalation Exploit for macOS
https://siguza.github.io/IOHIDeous/
34C3: Chaos Communications Congress
https://media.ccc.de/c/34c3
Vulnerabilities in Online Geolocation Services
https://0x0.li/trackmageddon/

Jan 1, 2018 • 7min
ISC StormCast for Tuesday, January 2nd 2018
Analyzing TNEF Files
https://isc.sans.edu/forums/diary/Analyzing+TNEF+files/23175/
Obfuscated RTF Files
https://isc.sans.edu/forums/diary/Dealing+with+obfuscated+RTF+files/23169/
2017 Flood of CVEs
https://isc.sans.edu/forums/diary/2017+The+Flood+of+CVEs/23173/
Sonos/Bose Smart Speaker Flaws
https://documents.trendmicro.com/assets/pdf/The-Sound-of-a-Targeted-Attack.pdf
Web Trackers Exploit Login Managers
https://freedom-to-tinker.com/2017/12/27/no-boundaries-for-user-identities-web-trackers-exploit-browser-login-managers/
Backdoored WordPress Plugins
https://www.bleepingcomputer.com/news/security/three-more-wordpress-plugins-found-hiding-a-backdoor/

Dec 22, 2017 • 6min
ISC StormCast for Friday, December 22nd 2017
Critical Flaw in SMBv1 Implementation of Dell EMC Data Domain DD OS
http://seclists.org/fulldisclosure/2017/Dec/79
Facebook Enables Feature To Review All E-Mails Sent By Facebook
https://www.facebook.com/notes/facebook-security/new-security-feature-reveals-if-facebook-mails-are-legit/10154983636230766/
EtherDelta DNS Attack
https://twitter.com/etherdelta
Enigmail Vulnerability
https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf

Dec 21, 2017 • 5min
ISC StormCast for Thursday, December 21st 2017
Kernel Hooking Basics
https://isc.sans.edu/forums/diary/Guest+Diary+Etay+Nir+Kernel+Hooking+Basics/23155/
Intel Memory Encryption
https://software.intel.com/sites/default/files/managed/a5/16/Multi-Key-Total-Memory-Encryption-Spec.pdf
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=33e63acc119d15c2fac3e3775f32d1ce7a01021b
WordPress Sites Infected with Monero Miners
https://www.wordfence.com/blog/2017/12/aggressive-brute-force-wordpress-attack/

Dec 20, 2017 • 5min
ISC StormCast for Wednesday, December 20th 2017
Example of "MouseOver" Link in a Powerpoint File
https://isc.sans.edu/forums/diary/Example+of+MouseOver+Link+in+a+Powerpoint+File/23149/
Adups Malware Still Haunting Android Phones
https://blog.malwarebytes.com/cybercrime/2017/12/mobile-menace-monday-upping-the-ante-on-adups-fwupgradeprovider/
Popular WordPress Captcha Included Backdoor
https://www.wordfence.com/blog/2017/12/backdoor-captcha-plugin/
Comparing DNS Filters
https://medium.com/@nykolas.z/dns-security-filters-compared-quad9-x-opendns-x-comodo-secure-x-norton-connectsafe-x-yandex-safe-a00ace3bf21f

Dec 19, 2017 • 5min
ISC StormCast for Tuesday, December 19th 2017
Not So Malicious Word Doc
https://isc.sans.edu/forums/diary/Phish+or+scam+Part+1/23141/
https://isc.sans.edu/forums/diary/Phish+or+scam+Part+2/23145/
AMF Deserializer Vulnerability
http://codewhitesec.blogspot.com/2017/04/amf.html?m=1
Windows "Keeper" Password Manager Vulnerable
https://bugs.chromium.org/p/project-zero/issues/detail?id=1481&desc=3
Android Malware Destroys Device
https://securelist.com/jack-of-all-trades/83470/

Dec 18, 2017 • 6min
ISC StormCast for Monday, December 18th 2017
Microsoft Office VBA Macro Obfuscation via Metadata
https://isc.sans.edu/forums/diary/Microsoft+Office+VBA+Macro+Obfuscation+via+Metadata/23139/
Large Scale BGP Attack
https://bgpmon.net/popular-destinations-rerouted-to-russia/
HSTS and HPKP Weaknesses in Firefox, IE/Edge and Chrome
http://blog.en.elevenpaths.com/2017/12/breaking-out-hsts-and-hpkp-on-firefox.html

Dec 15, 2017 • 5min
ISC StormCast for Friday, December 15th 2017
Citizen Lab Security Planner
https://securityplanner.org/
Apple Update to iOS/tvOS/iCloud (Windows)
https://support.apple.com/en-us/HT201222
Fortinet Client Credentials Shared Key
https://www.sec-consult.com/en/blog/advisories/vpn-credentials-disclosure-in-fortinet-forticlient/index.html
Fox-It Victim of a Man-in-the-Middle Attack
https://blog.fox-it.com/2017/12/14/lessons-learned-from-a-man-in-the-middle-attack/


