

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Nov 17, 2016 • 6min
ISC StormCast for Thursday, November 17th 2016
Russian Malspam Distributing Troldesh Ransomware
https://isc.sans.edu/forums/diary/Malspam+distributing+Troldesh+ransomware/21717/
Poisontap Exploits USB Ethernet Adapters
https://samy.pl/poisontap/
Symantec Patches Untrusted DLL Loading Vulnerability
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20161115_00
VMware Patches VM Escape Vulnerability
http://www.vmware.com/security/advisories/VMSA-2016-0019.html
Some Android Phones Leak Data To China
http://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html
Jacksonville ISC2 Meeting
https://www.eventbrite.com/e/isc2-ne-florida-chapter-meeting-november-2016-tickets-29050701430

Nov 16, 2016 • 6min
ISC StormCast for Wednesday, November 16th 2016
Vulnerability in LUKS Can Be Used to Boot Encrypted Linux Systems
http://betanews.com/2016/11/15/linux-security-bug-cryptsetup-luks/
Shazam Keeps Microphone Turned on Even While not "Listening"
https://objective-see.com/blog/blog_0x13.html
nginx Privilege Escalation Vulnerability (Debian Only)
http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html

Nov 15, 2016 • 5min
ISC StormCast for Tuesday, November 15th 2016
Indictment for the theft of FIFA Game Coins
https://regmedia.co.uk/2016/11/14/fifafraudindictment.pdf
Crysis Ransomware Master Encryption Key Released
http://www.bleepingcomputer.com/news/security/master-decryption-keys-and-decryptor-for-the-crysis-ransomware-released-/
Adult Friend Finder Breached
https://www.leakedsource.com/blog/friendfinder
Lightbulb Web Application Firewall Auditing Framework
http://seclist.us/lightbulb-is-an-open-source-python-framework-for-auditing-web-applications-firewalls.html

Nov 14, 2016 • 5min
ISC StormCast for Monday, November 14th 2016
EMET Will Defeat Shell Code Executing Inside Word
https://isc.sans.edu/forums/diary/VBA+Shellcode+and+EMET/21705/
Bitcoin Miners Distributed via FTP Exploits
https://isc.sans.edu/forums/diary/Bitcoin+Miner+File+Upload+via+FTP/21707/
5 Russian Banks Suffer DoS Attack
https://www.rt.com/news/366172-russian-banks-ddos-attack/
Wifi May Reveal Mobile Phone Passwords
http://dl.acm.org/citation.cfm?id=2978397

Nov 11, 2016 • 6min
ISC StormCast for Friday, November 11th 2016
ICMP Unreachable DoS Attacks
https://isc.sans.edu/forums/diary/ICMP+Unreachable+DoS+Attacks+aka+Black+Nurse/21699/
OpenSSL 1.1.0 Patch
https://www.openssl.org/news/secadv/20161110.txt
OWASP ModSecurity Core Rule Set Version 3.0.0 Release
https://lists.owasp.org/pipermail/owasp-modsecurity-core-rule-set/2016-November/002265.html

Nov 9, 2016 • 5min
ISC StormCast for Thursday, November 10th 2016
DoS Attack Turns off Heat for More than a Week
http://www.hs.fi/kotimaa/a1478495966653 (Finnish only)
DLink HNAP Vulnerability
https://raw.githubusercontent.com/pedrib/PoC/master/advisories/dlink-hnap-login.txt
PoC Exploits Available for Two MSFT Vulnerabilities
https://github.com/tinysec/public/tree/master/CVE-2016-7255
https://g-laurent.blogspot.com/2016/11/ms16-137-lsass-remote-memory-corruption.html
OpenSSL Patch Pre-Announced
https://mta.openssl.org/pipermail/openssl-announce/2016-November/000085.html
Hue Lightbulb Exploit/Worm
http://iotworm.eyalro.net (Sophos labels this link as "Spam", but it appears to be harmless)

Nov 8, 2016 • 7min
ISC StormCast for Wednesday, November 9th 2016
Microsoft Patch Tuesday
https://isc.sans.edu/forums/diary/November+2016+Microsoft+Patch+Day/21689/
Adobe Updates
https://helpx.adobe.com/security/products/connect/apsb16-35.html
https://helpx.adobe.com/security/products/flash-player/apsb16-37.html

Nov 8, 2016 • 6min
ISC StormCast for Tuesday, November 8th 2016
Tesco Bank Limits Online Banking After Online Criminal Activity
https://yourcommunity.tescobank.com/t5/News/Message-for-Current-Account-customers/td-p/6599
Belkin WeMo Devices Used To Attack Mobile Devices
https://www.blackhat.com/eu-16/briefings/schedule/index.html#breaking-bhad-abusing-belkin-home-automation-devices-4640
Fake Retail Apps Flooding Apple App Store
http://www.nytimes.com/2016/11/07/technology/more-iphone-fake-retail-apps-before-holidays.html?_r=0
Netflix Password Recovery via Phone Call Vulnerability
https://slashcrypto.org/2016/11/07/Netflix/
Webcast: 8 Ways To Watch The Invisible: Analyzing Encrypted Network Traffic
https://www.sans.org/webcasts/8-ways-watch-invisible-analyzing-encrypted-network-traffic-103277

Nov 7, 2016 • 6min
ISC StormCast for Monday, November 7th 2016
Hancitor Maldoc Bypasses Application Whitelisting
https://isc.sans.edu/forums/diary/Hancitor+Maldoc+Bypasses+Application+Whitelisting/21683/
Microsoft Extends EMET Support Deadline
https://blogs.technet.microsoft.com/srd/2016/11/03/beyond-emet/
Wifi Based IMSI Catcher
https://www.blackhat.com/docs/eu-16/materials/eu-16-OHanlon-WiFi-IMSI-Catcher.pdf

Nov 3, 2016 • 7min
ISC StormCast for Friday, November 4th 2016
Reconstruct Binaries Sent via Telnet
https://isc.sans.edu/forums/diary/Extracting+Malware+Transmitted+Via+Telnet/21673/
Wix.com DOM Based XSS
https://www.contrastsecurity.com/security-influencers/dom-xss-in-wix.com
DNS Based Mail Security
https://nccoe.nist.gov/projects/building_blocks/secured_email
Web of Trust Plugin Released Anonymized User Data
https://www.mywot.com/en/forum/70396--virus-spyware-do-not-install-uninstall-as-soon-as-possible


