SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Episodes
Mentioned books
May 24, 2017 • 6min
ISC StormCast for Wednesday, May 24th 2017
Multiple Video Players are Vulnerable to Code Execution via Subtitle Files
http://blog.checkpoint.com/2017/05/23/hacked-in-translation/
Samsung Galaxy S8 Iris Scanner Bypass
https://www.ccc.de/en/updates/2017/iriden
Verizon XSS Flaw in Web Messaging Application
https://randywestergren.com/xss-sms-hacking-text-messages-verizon-messages
May 23, 2017 • 7min
ISC StormCast for Tuesday, May 23rd 2017
Fake "Uber Disputes" Site Lures Victims With Valid TLS Certificate
https://isc.sans.edu/forums/diary/Investigating+Sites+After+They+are+Gone+And+a+Case+of+Uber+Phishing+With+SSL/22440/
Let's Encrypt Outage
http://letsencrypt.status.io/pages/history/55957a99e800baa4470002da
https://community.letsencrypt.org/t/ocsp-and-issuance-outage-2017-05-19/34506
More ImageMagik Flaws
https://scarybeastsecurity.blogspot.com/2017/05/bleed-continues-18-byte-file-14k-bounty.html
May 22, 2017 • 5min
ISC StormCast for Monday, May 22nd 2017
Typosquatting: A recent example and what to do with look alike domains
https://isc.sans.edu/forums/diary/Typosquatting+Awareness+and+Hunting/22436/
Netgear Collecting Analytics Data in Recent Update
https://kb.netgear.com/000038663/What-router-analytics-data-is-collected-and-how-is-the-data-being-used-by-NETGEAR
disable: https://kb.netgear.com/000038661/How-do-I-Enable-Disable-Router-Analytics-Data-Collection
WannaCry Updates
https://venturebeat.com/2017/05/19/ransomware-wannacry-causes-fewer-tears-than-feared/
LastPass Authenticator Cloud Backup
https://blog.lastpass.com/2017/05/announcing-cloud-backup-for-lastpass-authenticator-easier-multifactor-security-for-everyone.html/
May 19, 2017 • 13min
ISC StormCast for Friday, May 19th 2017
Discovering Relevant CVEs with CVE Bot
https://isc.sans.edu/forums/diary/My+Little+CVE+Bot/22432/
Probablility of Vulnerability Re-Discovery
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2928758
Wannakey May Recover WannaCry Keys
https://github.com/aguinet/wannakey
Finding Bad With Splunk
https://www.sans.org/reading-room/whitepapers/critical/finding-bad-splunk-3748
May 18, 2017 • 5min
ISC StormCast for Thursday, May 18th 2017
Handbreak Proton Malware Used to Steal Sourcecode
https://panic.com/blog/stolen-source-code/
NIST Password Guidance Update
https://isc.sans.edu/forums/diary/Wait+What+We+dont+have+to+change+passwords+every+90+days/22428/
Exploiting XXE Vulnerabilities in Peoplesoft
https://www.ambionics.io/blog/oracle-peoplesoft-xxe-to-rce
May 17, 2017 • 6min
ISC StormCast for Wednesday, May 17th 2017
Docusign Breach Leads to Increase in Phishing Email
https://trust.docusign.com/en-us/personal-safeguards/
HP Updates Audio Drivers (twice) to Remove Keylogger
https://support.hp.com/us-en/document/c05519670
Chrome File Download Behaviour Can Lead to SMB Credential Theft
http://defensecode.com/news_article.php?id=21
May 16, 2017 • 7min
ISC StormCast for Tuesday, May 16th 2017
Apple Updates Everything
https://support.apple.com/en-us/HT201222
OpenVPN Audit Results
https://www.privateinternetaccess.com/blog/2017/05/openvpn-2-4-evaluation-summary-report/
Italian Car Insurance Leaks User Driving Data
https://www.andreascarpino.it/posts/how-my-car-insurance-exposed-my-position.html
May 15, 2017 • 7min
ISC StormCast for Monday, May 15th 2017
WannaCry Malware Links
Latest updates see https://isc.sans.edu
Webcast: https://www.sans.org/webcasts/special-webcast-wannacry-ransomeware-threat-105160
PowerPoint: https://isc.sans.edu/presentations/WannaCry.ppt
May 12, 2017 • 13min
ISC StormCast for Friday, May 12th 2017
Conexant Audio Drivers Log Keystrokes;
https://www.modzero.ch/modlog/archives/2017/05/11/en_keylogger_in_hewlett-packard_audio_driver/index.html
Rig Exploit Kit Used to Send Ramnit Trojan
https://isc.sans.edu/forums/diary/Seamless+Campaign+using+Rig+Exploit+Kit+to+send+Ramnit+Trojan/22404/
Encase Forensic Imager Exploit
http://blog.sec-consult.com/2017/05/chainsaw-of-custody-manipulating.html
May 11, 2017 • 9min
ISC StormCast for Thursday, May 11th 2017
How to Review OAUTH Application Permissions for Popular Sites
https://isc.sans.edu/forums/diary/OAuth+and+Its+High+Time+for+Some+Personal+SecurityScaping+Today/22400/
Apple Working on Firmware Integrity Check
http://apple.stackexchange.com/questions/282028/pop-up-firmware-changes-detected-randomly-appear
Panda Mobile Anti Malware Releases Patch for Evilgrade Bug
https://www.contextis.com/resources/blog/exploiting-vulnerable-pandas/
ASUS RT Router Vulnerabilities
https://wwws.nightwatchcybersecurity.com/2017/05/09/multiple-vulnerabilities-in-asus-routers/
Microsoft Edge SOP Bypass
https://www.brokenbrowser.com/sop-bypass-uxss-stealing-credentials-pretty-fast/
Linux Kernel Packet Socket Vulnerability Exploit
https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html
