

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Jan 5, 2017 • 5min
ISC StormCast for Thursday, January 5th 2017
GRE Packets May Be Related To Linux Kernel Bug
http://www.openwall.com/lists/oss-security/2016/10/13/11
Insecure MongoDB Instances Hit By Fake Ransomware
https://twitter.com/0xDUDE
Android Security Update
https://source.android.com/security/bulletin/2017-01-01.html
Identifying WordPress Websites on Local Networks
https://www.netsparker.com/blog/web-security/bruteforce-wordpress-local-networks-xshm-attack/

Jan 3, 2017 • 5min
ISC StormCast for Wednesday, January 4th 2017
Removing "Ransom Ware" From Android Based LG TVs
https://www.youtube.com/watch?v=0WZ4uLFTHEE
libpng Patches 30 Year Old Bug
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.567619
Kaspersky Antivirus SSL Interception Vulnerability
https://bugs.chromium.org/p/project-zero/issues/detail?id=978
Thunderbird Update Fixes Critical Vulnerability
https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/

Jan 3, 2017 • 5min
ISC StormCast for Tuesday, January 3rd 2017
AT&T 2G Network Shutdown
https://www.att.com/esupport/article.html#!/wireless/KM1084805
Leap Second
https://blog.cloudflare.com/how-and-why-the-leap-second-affected-cloudflare-dns/
Thunderbird Patch
https://www.heise.de/security/meldung/Thunderbird-Mozilla-schliesst-mit-Sicherheitsupdate-kritische-Luecken-3583472.html
iMessage Crash
https://vincedes3.com/crash-message-app-iphone/
Truffle Hog
https://github.com/dxa4481/truffleHog

Dec 30, 2016 • 4min
ISC StormCast for Friday, December 30th 2016
Protocol 47 (GRE) Traffic
https://isc.sans.edu/forums/diary/Increase+in+Protocol+47+denys/21865/
US-CERT Releases "Grizzly Steppe" Report
https://www.us-cert.gov/security-publications/GRIZZLY-STEPPE-Russian-Malicious-Cyber-Activity
Android Malware Changes Router DNS Settings
https://securelist.com/blog/mobile/76969/switcher-android-joins-the-attack-the-router-club/

Dec 29, 2016 • 5min
ISC StormCast for Thursday, December 29th 2016
More PHPMailer Issues. Update Again
https://github.com/PHPMailer/PHPMailer/wiki/About-the-CVE-2016-10033-and-CVE-2016-10045-vulnerabilities
CCC Talk: Lockpicking in the IoT
https://media.ccc.de/v/33c3-8019-lockpicking_in_the_iot
CCC Talk: IPv6 Scanning
https://media.ccc.de/v/33c3-8061-you_can_-j_reject_but_you_can_not_hide_global_scanning_of_the_ipv6_internet

Dec 28, 2016 • 6min
ISC StormCast for Wednesday, December 28th 2016
Using Daemonlogger as a Software Tap
https://isc.sans.edu/forums/diary/Using+daemonlogger+as+a+Software+Tap/21859/
CCC Conference
https://events.ccc.de/congress/2016/wiki/Main_Page
PHPMailer Exploit Released
https://legalhackers.com/exploits/CVE-2016-10033/PHPMailer-RCE-exploit-poc.txt
Patch For Exim Mail Server
https://exim.org/static/doc/CVE-2016-9963.txt
Signal Uses Domain Fronting To Evade Censorship
https://whispersystems.org/blog/doodles-stickers-censorship/

Dec 27, 2016 • 6min
ISC StormCast for Tuesday, December 27th 2016
Critical RCE Flaw in PHPMailer
https://isc.sans.edu/forums/diary/Critical+security+update+PHPMailer+5218+CVE201610033/21855/
Malware Delays Execution with "Ping"
https://isc.sans.edu/forums/diary/Pinging+All+The+Way/21849/
Apple Extends TLS Deadline
https://isc.sans.edu/forums/diary/Pinging+All+The+Way/21849/

Dec 21, 2016 • 5min
ISC StormCast for Thursday, December 22nd 2016
Mirai Trying Various Telnet Alternatives
https://isc.sans.edu/forums/diary/UPDATED+x1+Mirai+Scanning+for+Port+6789+Looking+for+New+Victims+Now+hitting+tcp23231/21833/
Ukrainian Power Outages
http://uawire.org/news/ukrenergo-claims-that-blackouts-in-kyiv-could-have-been-caused-by-hackers
OurMine Hacks Netflix and Other Twitter Accounts
http://www.bbc.com/news/technology-38390343?ocid=socialflow_twitter
Methbot Generating Millions of Dollars With Click Fraud
http://go.whiteops.com/rs/179-SQE-823/images/WO_Methbot_Operation_WP.pdf

Dec 21, 2016 • 5min
ISC StormCast for Wednesday, December 21st 2016
vSphere Data Protection Known SSH Key
http://www.vmware.com/security/advisories/VMSA-2016-0024.html
nmap Update
https://nmap.org/download.html
SCCM Software Metering
https://www.fireeye.com/blog/threat-research/2016/12/do_you_see_what_icc.html
CryptXXX Version 3 Decryptor Available
https://noransom.kaspersky.com
Airline Inflight Entertainment System Hack
http://blog.ioactive.com/2016/12/in-flight-hacking-system.html
SEC503, Intrusion Detection in Depth: Brussels January 16th-21st 2017
https://www.sans.org/event/brussels-winter-2017/course/intrusion-detection-in-depth

Dec 20, 2016 • 4min
ISC StormCast for Tuesday, December 20th 2016
Mirai Likely Behind Port 6789 Scans. Yet Another Backdoor
https://isc.sans.edu/forums/diary/Mirai+Scanning+for+Port+6789+Looking+for+New+Victims/21833/
OpenSSH update
https://www.openssh.com/releasenotes.html#7.4
Google Releases Tool to Audit Crypto Libraries
https://security.googleblog.com/2016/12/project-wycheproof.html
Escaping A Restricted Shell
https://humblesec.wordpress.com/2016/12/08/escaping-a-restricted-shell/


