

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Episodes

Sep 21, 2016 • 6min
ISC StormCast for Thursday, September 22nd 2016
Those never-ending waves of Locky Malspam
https://isc.sans.edu/forums/diary/Those+neverending+waves+of+Locky+malspam/21505/
Windows Anti Malware Scan Interface (AMSI)
http://www.labofapenetrationtester.com/2016/09/amsi.html
Cloudflare Introducing SSL Re-Write
https://blog.cloudflare.com/opportunistic-encryption-bringing-http-2-to-the-unencrypted-web/
Australian Police Warns of Malicious USB Sticks
https://www.vicpolicenews.com.au/news/harmful-usb-drives-found-in-letterboxes

Sep 21, 2016 • 5min
ISC StormCast for Wednesday, September 21st 2016
MacOS Sierra and Safari 10 Released
https://isc.sans.edu/forums/diary/Getting+Ready+for+macOS+Sierra+Upgrade+Securely/21465/
BackConnect BGP Hijacks
http://research.dyn.com/2016/09/backconnects-suspicious-bgp-hijacks/
Metasploit Vulnerability
https://github.com/justinsteven/advisories/blob/master/2016_metasploit_rce_static_key_deserialization.md

Sep 20, 2016 • 6min
ISC StormCast for Tuesday, September 20th 2016
Taking Over Facebook Pages
http://arunsureshkumar.me/index.php/2016/09/16/facebook-page-takeover-zero-day-vulnerability/
Exchange Auto-Discovery Vulnerability
http://www.theregister.co.uk/2016/09/19/ms_exchange_alleged_bug/
Spyware Apps Targeting Travelers Removed From Google App Store
https://blog.lookout.com/blog/2016/09/16/embassy-spyware-google-play/
Firefox Will Patch HSTS Vulnerability
https://threatpost.com/mozilla-patching-firefox-certificate-pinning-vulnerability/120694/
OpenSSL Patch Pre-Announcement
https://mta.openssl.org/pipermail/openssl-announce/2016-September/000076.html

Sep 19, 2016 • 7min
ISC StormCast for Monday, September 19th 2016
Cisco Issues Advisories for IKEv1 "heartbleed like" Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1
Intercepting OS X Passwords
https://www.scriptjunkie.us/2016/09/intercepting-passwords-to-escalate-privileges-on-os-x/
Vulnerabilities Introduced By Converting 32 Bit to 64 Bit
https://www.tu-braunschweig.de/Medien-DB/sec/pubs/2016-ccs.pdf
HSTS Preload Database and Webservices
https://hstspreload.com

Sep 16, 2016 • 6min
ISC StormCast for Friday, September 16th 2016
Locky Ransomware Updates
https://blog.avira.com/locky-ransomware-goes-autopilot/
https://blogs.forcepoint.com/security-labs/locky-distributor-uses-newly-released-quant-loader-sold-russian-underground
https://isc.sans.edu/forums/diary/Is+2+out+of+3+good+enough+for+AntiMalware/21485/
Critical Update For Cisco WebEx Server
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-wem
Dualtoy Malware Attacks iOS and Android
http://researchcenter.paloaltonetworks.com/2016/09/dualtoy-new-windows-trojan-sideloads-risky-apps-to-android-and-ios-devices/
Certificate Pinning Issue in Firefox/Tor Browser
https://hackernoon.com/tor-browser-exposed-anti-privacy-implantation-at-mass-scale-bd68e9eb1e95#.9jnte0u52

Sep 15, 2016 • 5min
ISC StormCast for Thursday, September 15th 2016
Exploit Attempts for Drupal RESTWS Module Vulnerability
https://isc.sans.edu/forums/diary/Exploit+Attempts+for+Drupal+RESTWS+x+Module+Vulnerability/21481/
Google France XSS Vulnerability
https://sysdream.com/news/lab/2016-09-12-cross-site-scripting-vulnerability-found-on-www-google-fr/
Pokemon Go Continues to Lead to Malware
https://securelist.com/blog/mobile/76081/rooting-pokemons-in-google-play-store/
VMware Update Fixes Escape Vulnerability
https://www.vmware.com/security/advisories/VMSA-2016-0014.html

Sep 14, 2016 • 9min
ISC StormCast for Wednesday, September 14th 2016
Microsoft Patches
https://isc.sans.edu/mspatchdays.html?viewday=2016-09-13
Adobe Air Patches
https://helpx.adobe.com/security/products/air/apsb16-31.html
iOS 10 Update
https://isc.sans.edu/forums/diary/Apple+iOS+10+and+1001+Released/21473/

Sep 13, 2016 • 6min
ISC StormCast for Tuesday, September 13th 2016
If it's Free, YOU are the Product
https://isc.sans.edu/forums/diary/If+its+Free+YOU+are+the+Product/21469/
Weak MySQL Configurations Can Lead To Privilege Escalation
http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
Full Disk Encryption Ransomware
https://www.linkedin.com/pulse/mamba-new-full-disk-encryption-ransomware-family-member-marinho?trk=prof-post

Sep 12, 2016 • 6min
ISC StormCast for Monday, September 12th 2016
Upgrading Security to MacOS Sierra
https://isc.sans.edu/forums/diary/Getting+Ready+for+macOS+Sierra+Upgrade+Securely/21465/
PCI PIN Transaction Security / Point of Interaction Update
https://www.pcisecuritystandards.org/documents/PCI_PTS_POI_SRs_v5.pdf
IMAPS Scans
https://isc.sans.edu/forums/diary/Ongoing+IMAP+Scan+Anyone+Else/21463/

Sep 8, 2016 • 7min
ISC StormCast for Friday, September 9th 2016
Spikes in SNMP Traffic: Looking for PCAPs
https://isc.sans.edu/forums/diary/Curious+SNMP+Traffic+Spike/21457/
New Version of Wireshark Released
https://www.wireshark.org/docs/relnotes/wireshark-2.2.0.html
XEN Hypervisor Vulnerabilities
https://xenbits.xen.org/xsa/
Google Moving Ahead With HTTP Phaseout
https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html
Old Windows Media Player DRM Feature Still Used To Install Malware
http://blog.cyren.com/articles/windows-media-player-drm-feature-used-for-malware-delivery-again.html
SEC503 Intrusion Detection in Depth Online Training
https://www.sans.org/vlive/details/sec503-19sep2016-johannes-ullrich-phd


