

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

May 9, 2017 • 6min
ISC StormCast for Wednesday, May 10th 2017
Microsoft Patch Tuesday Summary
https://isc.sans.edu/forums/diary/Microsoft+Patch+Tuesday+and+Adobe/22396/
Snake For Mac OS X Included in Handbrake
https://blog.fox-it.com/2017/05/03/snake-coming-soon-in-mac-os-x-flavour/
Cisco Patches CMP-Telnet Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp
WolfSSL Library X.509 Certificate Text Parsing Code Execution Vulnerability
http://blog.talosintelligence.com/2017/05/wolfssl-x509-vuln.html

May 9, 2017 • 7min
ISC StormCast for Tuesday, May 9th 2017
Exploring a P2P Transient Botnet - From Discovery to Enumeration
https://isc.sans.edu/forums/diary/Exploring+a+P2P+Transient+Botnet+From+Discovery+to+Enumeration/22392/
Video Conversion Application Handbrake Compromised
https://forum.handbrake.fr/viewtopic.php?f=33&t=36364
Emergency Update for Microsoft Malware Protection Engine
https://technet.microsoft.com/en-us/library/security/4022344
OS X Keychain OTR Vulnerability
https://medium.com/@longtermsec/bypassing-otr-signature-verification-to-steal-icloud-keychain-secrets-9e92ab55b605

May 7, 2017 • 6min
ISC StormCast for Monday, May 8th 2017
Tenable Discovers Details Regarding Intel AMT Vulnerability
http://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability
Android Apps Use Ultrasound Beacons To Track Users
http://christian.wressnegger.info/content/projects/sidechannels/2017-eurosp.pdf
HTTP Headers... the Achilles' Heel of Many Applications
https://isc.sans.edu/forums/diary/HTTP+Headers+the+Achilles+heel+of+many+applications/22382/

May 5, 2017 • 5min
ISC StormCast for Friday, May 5th 2017
Google OAUTH Spam Wrapup
https://threatpost.com/1-million-gmail-users-impacted-by-google-docs-phishing-attack/125436/
Artificial Master Fingerprint Set
https://wp.nyu.edu/memon/the-master-print/
rpcbind denial of service
https://guidovranken.wordpress.com/2017/05/03/rpcbomb-remote-rpcbind-denial-of-service-patches/
Debian Discontinues FTP Support for Downloads
https://www.debian.org/News/2017/20170425

May 3, 2017 • 8min
ISC StormCast for Thursday, May 4th 2017
Google Docs OAUTH Phishing E-Mails
https://isc.sans.edu/forums/diary/OAUTH+phishing+against+Google+Docs+beware/22372/
Review Google App Permissions
https://myaccount.google.com/u/0/permissions?pli=1
SS7 Exploits Documented in Banking Attacks
http://www.sueddeutsche.de/digital/it-sicherheit-schwachstelle-im-mobilfunknetz-kriminelle-hacker-raeumen-konten-leer-1.3486504
http://www.theregister.co.uk/2017/05/03/hackers_fire_up_ss7_flaw/

May 2, 2017 • 5min
ISC StormCast for Wednesday, May 3rd 2017
Scans Sighted for Ports Used by Intel Remote Management Interface
https://isc.sans.edu/port.html?port=16992
https://isc.sans.edu/port.html?port=16993
Outlook Forms Can Run Macros
https://sensepost.com/blog/2017/outlook-forms-and-shells/
Jenkins Vulnerability
https://jenkins.io/security/advisory/2017-04-26/
Google Android May Patchday
https://source.android.com/security/bulletin/2017-05-01
IBM Storwize USB Stick Malware
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1010146&myns=s028&mynp=OCSTHGUJ&mynp=OCSTLM5A&mynp=OCSTLM6B&mynp=OCHW206&mync=E&cm_sp=s028-_-OCSTHGUJ-OCSTLM5A-OCSTLM6B-OCHW206-_-E

May 2, 2017 • 6min
ISC StormCast for Tuesday, May 2nd 2017
Intel AMT, SBT and ISM Escalation of Privilege Vulnerability
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr
https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/
Local Root Exploit in chkrootkit
https://lepetithacker.wordpress.com/2017/04/30/local-root-exploit-in-chkrootkit/
Escape Sequence Exploits in Various Linux Terminals
http://www.openwall.com/lists/oss-security/2017/05/01/13

May 1, 2017 • 6min
ISC StormCast for Monday, May 1st 2017
Simple Javascript Word Macro Not Recognized By Many AV Products
https://isc.sans.edu/forums/diary/Another+Day+Another+Obfuscation+Technique/22354/
OS X Malware Adds Proxy To Intercept HTTPS
http://blog.checkpoint.com/2017/04/27/osx-malware-catching-wants-read-https-traffic/
OVH Vulnerability Put Servers at Risk
https://jrwr.io/doku.php?id=blog:ovh_vrack_security_issue

Apr 28, 2017 • 6min
ISC StormCast for Friday, April 28th 2017
VISA IP Block Hijacked By Russian ISP
https://isc.sans.edu/forums/diary/BGP+Hijacking+The+Internet+is+StillAgain+Broken/22350/
Antminer "Checking" DoS Vulnerability
http://www.antbleed.com
Symantec Offers Audits To Stave Off Google's CA Blacklisting
https://www.symantec.com/connect/blogs/symantec-ca-proposal
NoMX Security E-Mail Appliance Pentest
https://scotthelme.co.uk/nomx-the-worlds-most-secure-communications-protocol/
vendor response: www.nomx.com
SANS Defending Web Applications
https://www.sans.org/dev522

Apr 27, 2017 • 6min
ISC StormCast for Thursday, April 27th 2017
Bots Disrupt US ISP
https://www.bleepingcomputer.com/news/security/us-isp-goes-down-as-two-malware-families-go-to-war-over-its-modems/
Samsung Smart TV Wi-Fi Direct Exploit
http://seclists.org/fulldisclosure/2017/Apr/101
Adobe Publishes ColdFusion Update
https://helpx.adobe.com/security/products/coldfusion/apsb17-14.html
SNMP Misconfiguration Eliminates Community String Validation
https://stringbleed.github.io/#


