

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Mar 30, 2017 • 5min
ISC StormCast for Thursday, March 30th 2017
Logical and Physical Security Correlation
https://isc.sans.edu/forums/diary/Logical+Physical+Security+Correlation/22243/
Recent Mirai DDoS Attacks
https://www.incapsula.com/blog/new-mirai-variant-ddos-us-college.html
Crusader Injects Fake Support Phone Numbers into Websites
https://www.bleepingcomputer.com/news/security/adware-replaces-phone-numbers-for-security-firms-returned-in-search-results/
VMware Closes Pwn2Own Guest Escape Vulnerabilities
http://www.vmware.com/security/advisories/VMSA-2017-0006.html
Apple iCloud for Windows Update
https://support.apple.com/de-de/HT207607

Mar 29, 2017 • 5min
ISC StormCast for Wednesday, March 29th 2017
New Exploit Variant for Recent Struts2 Vulnerability
https://blog.gdssecurity.com/labs/2017/3/27/an-analysis-of-cve-2017-5638.html
PoC Exploit for iBook ePub JavaScript Vulnerability
https://s1gnalcha0s.github.io/ibooks/epub/2017/03/27/This-book-reads-you-using-JavaScript.html
Microsoft Docs.com Leak
https://twitter.com/gossithedog/status/845446263244050434
Symantec SSL CA tool
https://www.renditioninfosec.com/socapps/sslcheck/index.php

Mar 28, 2017 • 7min
ISC StormCast for Tuesday, March 28th 2017
Apple Updates
https://support.apple.com/en-us/HT201222
IIS 6 / Windows Server 2003 Exploit
https://github.com/edwardz246003/IIS_exploit/blob/master/exploit.py
Symantec SSL Update
https://www.symantec.com/connect/blogs/message-our-ca-customers

Mar 27, 2017 • 7min
ISC StormCast for Monday, March 27th 2017
Google Announces Removal of Symantec CAs for Extended Validation
https://www.symantec.com/connect/blogs/symantec-backs-its-ca
https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/eUAKwjihhBs
https://chromium.googlesource.com/chromium/src/+/master/net/data/ssl/symantec/README.md
Spoofing Referrer in Microsoft Edge
https://www.brokenbrowser.com/referer-spoofing-patch-bypass/
Smart TV Compromise Via Broadcast Signals
https://www.youtube.com/watch?v=bOJ_8QHX6OA
Defending Web Applications Class
https://www.sans.org/event/sans-security-west-2017/course/defending-web-applications-security-essentials

Mar 24, 2017 • 7min
ISC StormCast for Friday, March 24th 2017
"Swearing Trojan" Uses Fake BTSs To Spread Malware
http://blog.checkpoint.com/2017/03/21/swearing-trojan-continues-rage-even-authors-arrest/
LastPass Updates ClickJacking Exploit (Again)
https://bugs.chromium.org/p/project-zero/issues/detail?id=1188&desc=2
Application Verifier "Bug"
https://github.com/ionescu007/HookingNirvana/blob/master/Esoteric%20Hooks.pdf

Mar 23, 2017 • 6min
ISC StormCast for Thursday, March 23rd 2017
Criminals Threaten to Erase Millions of iCloud Connected Apple Devices
https://motherboard.vice.com/en_us/article/hackers-we-will-remotely-wipe-iphones-unless-apple-pays-ransom?utm_source=vicefbus
Siemens Control Systems Affected by Fake Firmware
https://dragos.com/blog/mimics/
GitHub Used for C&C
http://blog.trendmicro.com/trendlabs-security-intelligence/winnti-abuses-github/
Adium IM Vulnerable to Older libpurple Issue
http://seclists.org/fulldisclosure/2017/Mar/57

Mar 22, 2017 • 5min
ISC StormCast for Wednesday, March 22nd 2017
Password Encrypted Word File Delivers Malware
https://isc.sans.edu/forums/diary/Malspam+with+passwordprotected+Word+documents/22203/
Critical LastPass Vulnerability
https://bugs.chromium.org/p/project-zero/issues/detail?id=1209
Nest Camera Bluetooth Vulnerability
https://github.com/jasondoyle/Google-Nest-Cam-Bug-Disclosures/blob/master/README.md

Mar 21, 2017 • 6min
ISC StormCast for Tuesday, March 21st 2017
Cisco Releases Advisory With Details Regarding CMP Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp
Pwn2Own Contest Leads to Exploits Against All Browsers (and VM!)
https://www.zerodayinitiative.com/blog/2017/3/17/the-results-pwn2own-2017-day-three
Git Moving Away From SHA1 (likely to SHA3)
https://news.ycombinator.com/item?id=13906804
Proxy Security
https://isc.sans.edu/forums/diary/What+is+really+being+proxied/22165/
https://www.us-cert.gov/ncas/alerts/TA17-075A

Mar 20, 2017 • 6min
ISC StormCast for Monday, March 20th 2017
An Example of a Multiple Stages Dropper
https://isc.sans.edu/forums/diary/Example+of+Multiple+Stages+Dropper/22197/
Real-World Wiretapping Attacks Against ZRTP
https://www.ibr.cs.tu-bs.de/papers/schuermann-popets2017.pdf
Authenticating Against MySQL Server Using a Hashed Password
https://github.com/cyrus-and/mysql-unsha1

Mar 17, 2017 • 6min
ISC StormCast for Friday, March 17th 2017
Certain Ubiquiti Equipment Vulnerable to CSRF/Code Execution
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170316-0_Ubiquiti_Networks_authenticated_command_injection_v10.txt
Proton Mac OS RAT
https://www.cybersixgill.com/proton-a-new-mac-os-rat/
Linux Kernel n_hdlc Privilege Escalation
http://seclists.org/oss-sec/2017/q1/569
VMware Copy/Paste Exploit Fixed
https://www.vmware.com/security/advisories/VMSA-2017-0005.html


