

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and is designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Sep 19, 2017 • 8min
ISC StormCast for Tuesday, September 19th 2017
CCleaner Compromise
http://blog.talosintelligence.com/2017/09/avast-distributes-malware.html
http://www.piriform.com/news/release-announcements/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users
Word INCLUDEPICTURE Feature Abuse
https://securelist.com/an-undocumented-word-feature-abused-by-attackers/81899/
security.txt file
https://www.ietf.org/id/draft-foudil-securitytxt-00.txt
https://www.ietf.org/rfc/rfc2142.txt

Sep 18, 2017 • 6min
ISC StormCast for Monday, September 18th 2017
Bashware: Bypassing Windows Security via Linux (WSL)
https://research.checkpoint.com/beware-bashware-new-method-malware-bypass-security-solutions/
JavaScript Rogue Cryptocurrency Miner
https://www.welivesecurity.com/2017/09/14/cryptocurrency-web-mining-union-profit/
NodeJS Hash Table DoS
https://medium.com/@ahmadbamieh/nodejs-constant-hashtables-seeds-vulnerability-f03bf70e3593
HTTPS Interception
https://blog.cloudflare.com/understanding-the-prevalence-of-web-traffic-interception/

Sep 15, 2017 • 5min
ISC StormCast for Friday, September 15th 2017
Another Webshell; Another Backdoor
https://isc.sans.edu/forums/diary/Another+webshell+another+backdoor/22826/
D-Link Vulnerability
https://pierrekim.github.io/blog/2017-09-08-dlink-850l-mydlink-cloud-0days-vulnerabilities.html
Chrome To Label FTP As Insecure
https://groups.google.com/a/chromium.org/forum/#!msg/security-dev/HknIAQwMoWo/xYyezYV5AAAJ
More Google Play Store Malware
https://blog.checkpoint.com/2017/09/14/expensivewall-dangerous-packed-malware-google-play-will-hit-wallet/
Elasticsearch Botnet
https://mackeepersecurity.com/post/kromtech-discovers-massive-elasticsearch-infected-malware-botnet

Sep 14, 2017 • 5min
ISC StormCast for Thursday, September 14th 2017
No IPv6? Challenge Accepted
https://isc.sans.edu/forums/diary/No+IPv6+Challenge+Accepted+Part+1/22820/
Exploiting CVE-2017-8759
https://www.mdsec.co.uk/2017/09/exploiting-cve-2017-8759-soap-wsdl-parser-code-injection/
WordPress Plugin Found With Backdoor
https://www.pluginvulnerabilities.com/2017/09/11/wordpress-poor-handling-of-plugin-security-exacerbates-malicious-takeover-of-display-widgets/

Sep 13, 2017 • 6min
ISC StormCast for Wednesday, September 13th 2017
Microsoft Patch Tuesday
https://www.fireeye.com/blog/threat-research/2017/09/zero-day-used-to-distribute-finspy.html
https://technet.microsoft.com/security/advisories
BlueBorne Bluetooth Vulnerability
http://go.armis.com/hubfs/BlueBorne%20Technical%20White%20Paper.pdf

Sep 12, 2017 • 7min
ISC StormCast for Tuesday, September 12th 2017
Cisco Struts Updates
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170909-struts2-rce
Google Chrome Warning Users of Anti-Malware SSL Interception
https://twitter.com/sashaperigo/status/906263091624591360
Machine Learning To Identify Malicious TLS Connections
https://arxiv.org/pdf/1607.01639.pdf
Comodo Breaking CAA Standard
https://www.mail-archive.com/dev-security-policy@lists.mozilla.org/msg08027.html

Sep 11, 2017 • 6min
ISC StormCast for Monday, September 11th 2017
Analyzing JPEG Files
https://isc.sans.edu/forums/diary/Analyzing+JPEG+files/22806/
Auditing Windows With WINspect
https://isc.sans.edu/forums/diary/Windows+Auditing+with+WINspect/22810/
Windows PSSetLoadImageNotifyRoutine Vulnerability
https://breakingmalware.com/documentation/windows-pssetloadimagenotifyroutine-callbacks-good-bad-unclear-part-1/
IOTA Cryptocurrency Vulnerable Hash Function
https://medium.com/@neha/cryptographic-vulnerabilities-in-iota-9a6a9ddc4367

Sep 8, 2017 • 16min
ISC StormCast for Friday, September 8th 2017
Yet Another Struts RCE Vulnerability
https://struts.apache.org/docs/s2-053.html
Equifax Compromise
https://www.bloomberg.com/news/articles/2017-09-07/three-equifax-executives-sold-stock-before-revealing-cyber-hack
Hash Extension Flaws
https://isc.sans.edu/forums/diary/Modern+Web+Application+Penetration+Testing+Hash+Length+Extension+Attacks/22792/
Matt Hosburgh: Offensive Intrusion Analysis: Uncovering Insiders with Threat Hunting and Active Defense

Sep 7, 2017 • 5min
ISC StormCast for Thursday, September 7th 2017
Struts2 Metasploit Module
https://github.com/rapid7/metasploit-framework/pull/8924/commits/5ea83fee5ee8c23ad95608b7e2022db5b48340ef
Google Docs Table With Hacked MongoDB Databases
https://docs.google.com/spreadsheets/d/1QonE9oeMOQHVh8heFIyeqrjfKEViL0poLnY8mAakKhM/edit#gid=1781677175
Bypassing Cloudflare
https://rhinosecuritylabs.com/cloud-security/cloudflare-bypassing-cloud-security/

Sep 6, 2017 • 7min
ISC StormCast for Wednesday, September 6th 2017
A Look Back At Mirai and What's Next
https://isc.sans.edu/forums/diary/The+Mirai+Botnet+A+Look+Back+and+Ahead+At+Whats+Next/22786/
New Struts Vulnerability and Patch
https://isc.sans.edu/forums/diary/Struts+vulnerability+patch+released+by+apache+patch+now/22788
Mastercard Internet Gateway Service Flaw
http://tinyhack.com/2017/09/05/mastercard-internet-gateway-service-hashing-design-flaw/
Mac OS X High Sierra Insecure Kernel Module Loading
https://objective-see.com/blog/blog_0x21.html


