

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and is designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network security related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html

Aug 7, 2017 • 6min
ISC StormCast for Monday, August 7th 2017
Open Graph Used to Obfuscate Facebook Links
https://isc.sans.edu/forums/diary/Use+of+the+Open+Graph+Protocol+to+Disguise+Malicious+Facebook+Links/22684/
Cerber Adding Bitcoin and Password Stealer to Crypto Ransomware
http://blog.trendmicro.com/trendlabs-security-intelligence/cerber-ransomware-evolves-now-steals-bitcoin-wallets/
Symantec Selling Certificate Business To Digicert
https://www.heise.de/security/meldung/Nachspiel-einer-fatalen-Panne-Symantec-verkauft-Zertifikatssparte-an-DigiCert-3793482.html
Siemens Medical Imaging Systems Vulnerable to Old Windows Flaws
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-822184.pdf

Aug 4, 2017 • 6min
ISC StormCast for Friday, August 4th 2017
Raspberry Pi Honeypot
https://github.com/DShield-ISC/dshield
Troy Hunt Releases Password List
https://haveibeenpwned.com/Passwords
Typosquatting npm Packages
http://blog.npmjs.org/post/163723642530/crossenv-malware-on-the-npm-registry
SEC503: Intrusion Detection in Depth Berlin (Oct 23rd-28th)
https://www.sans.org/event/berlin-2017/course/intrusion-detection-in-depth

Aug 2, 2017 • 5min
ISC StormCast for Thursday, August 3rd 2017
Attacking NoSQL Applications
https://isc.sans.edu/forums/diary/Attacking+NoSQL+applications+part+2/22676/
Web Developer Chrome Toolbar Replaced with AdWare
https://twitter.com/chrispederick
Android Banking Trojans
https://securelist.com/a-new-era-in-mobile-banking-trojans/79198/
Amazon Stops Selling Blu Smartphones
http://www.zdnet.com/article/amazon-halts-blu-phone-sales-over-potential-security-issue/

Aug 2, 2017 • 6min
ISC StormCast for Wednesday, August 2nd 2017
Detect SMB Versions with nmap
https://isc.sans.edu/forums/diary/Rooting+Out+Hosts+that+Support+Older+Samba+Versions/22672/
CopyFish Google Chrome Extension Replaced by Adware
https://a9t9.com/blog/chrome-extension-adware/
StartCom Applying to be Included in Mozilla SSL CAs again
https://bugzilla.mozilla.org/show_bug.cgi?id=1311832#c12
McAfee Uses Mixed SSL/Non-SSL Content For Online Malware Scan
https://blogs.securiteam.com/index.php/archives/3350
Netflix Releases DoS Testing Tool
https://medium.com/netflix-techblog/starting-the-avalanche-640e69b14a06

Aug 1, 2017 • 6min
ISC StormCast for Tuesday, August 1st 2017
MSFT Re-Releases June Outlook Update
https://support.office.com/en-us/article/Outlook-known-issues-in-the-June-2017-security-updates-3f6dbffd-8505-492d-b19f-b3b89369ed9b?ui=en-US&rs=en-US&ad=US&fromAR=1
Iranian Hackers Use Social Media To Collect Data
https://www.darkreading.com/attacks-breaches/iranian-hackers-ensnared-targets-via-phony-female-photographer/d/d-id/1329502?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple
ShieldFS Self Healing Filesystem
http://shieldfs.necst.it/continella-shieldfs-2016.pdf

Jul 31, 2017 • 6min
ISC StormCast for Monday, July 31st 2017
SMBloris DoS Attack Locks Up Windows
https://twitter.com/jennamagius/status/891434286212984832
https://isc.sans.edu/forums/diary/SMBLoris+the+new+SMB+flaw/22662/
Text Banking Attacks
https://isc.sans.edu/forums/diary/Text+Banking+Scams/22666/
Nissan Leaf WiFi Vulnerability
https://github.com/HackingThings/Publications/blob/cdb72df7c3feffd02593a31d67a34ae353b09114/2017/DC25_Driving%20down%20the%20rabbit%20hole-Mickey_Jesse_Oleksander.pdf

Jul 28, 2017 • 14min
ISC StormCast for Friday, July 28th 2017
Targeting HTTP's Hidden Attack-Surface
http://blog.portswigger.net/2017/07/cracking-lens-targeting-https-hidden.html
Petya/Goldeneye Decrypter
https://blog.malwarebytes.com/malwarebytes-news/2017/07/bye-bye-petya-decryptor-old-versions-released/
TinyPot, My Small Honeypot
https://isc.sans.edu/forums/diary/TinyPot+My+Small+Honeypot/22654/
Shaun McCullough
https://www.sans.org/reading-room/whitepapers/testing/docker-create-multi-container-environments-research-sharing-lateral-movement-37855

Jul 27, 2017 • 5min
ISC StormCast for Thursday, July 27th 2017
Malspam Pushing Emotet Malware
https://isc.sans.edu/forums/diary/Malspam+pushing+Emotet+malware/22650/
Broadpwn Released
http://blog.exodusintel.com/2017/07/26/broadpwn/
Microsoft Announces Windows 10 Bug Bounty
https://blogs.technet.microsoft.com/msrc/2017/07/26/announcing-the-windows-bounty-program/
Custom Map Vulnerability in Valve Games
https://oneupsecurity.com/research/remote-code-execution-in-source-games

Jul 26, 2017 • 6min
ISC StormCast for Wednesday, July 26th 2017
Adobe Announces End of Flash for 2020
https://blogs.adobe.com/conversations/2017/07/adobe-flash-update.html
JA3 Hash To Fingerprint SSL/TLS Connections
https://github.com/salesforce/ja3
https://engineering.salesforce.com/open-sourcing-ja3-92c9e53c3c41
New Wave of Apple iCloud Ransom Attacks
https://www.heise.de/mac-and-i/meldung/Erneut-iCloud-Erpressungswelle-ueber-Meinen-Mac-suchen-und-Mein-iPhone-suchen-3782075.html

Jul 25, 2017 • 7min
ISC StormCast for Tuesday, July 25th 2017
Uber Drivers Targeted in Social Engineering Scam
https://isc.sans.edu/forums/diary/Uber+drivers+new+threat+the+passenger/22626/
Mac Malware FruitFly2
https://motherboard.vice.com/en_us/article/zmv79w/mysterious-mac-malware-has-infected-hundreds-of-victims-for-years
Exploit Released for Critical Netscaler SD WAN 9.1.2 Vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-6316


