

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .

Aug 24, 2016 • 5min
ISC StormCast for Wednesday, August 24th 2016
Voicemail Message Notifications Deliver Ransomware
https://isc.sans.edu/forums/diary/Voice+Message+Notifications+Deliver+Ransomware/21397/
Updates Microsoft Word Bulletin
https://support.microsoft.com/en-us/kb/3179163
Multiple BTS Software Vulnerabilities
https://blog.zimperium.com/analysis-of-multiple-vulnerabilities-in-different-open-source-bts-products/
Popular HTTP Proxies Vulnerable to Cache Poisoning
https://hostoftroubles.com

Aug 23, 2016 • 5min
ISC StormCast for Tuesday, August 23rd 2016
Multiple Vulnerabilities in BHU Router
http://blog.ioactive.com/2016/08/multiple-vulnerabilities-in-bhu-wifi.html
Smart Socket Vulnerability
https://labs.bitdefender.com/2016/08/hackers-can-use-smart-sockets-to-shut-down-critical-systems/
Smart Security Cameras are Spying on You
http://www.forbes.com/sites/marcwebertobias/2016/08/22/is-your-smart-security-camera-protecting-your-home-or-spying-on-you/#6fb3a6414d1e
Veracrypt 1.18a With Limited UEFI Support
https://veracrypt.codeplex.com/releases/view/625477

Aug 22, 2016 • 5min
ISC StormCast for Monday, August 22nd 2016
GnuPG/libgcrypt Weak Random Numbers (CVE-2016-6316)
https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
Wikileaks Leaked E-Mail Includes Malware
https://github.com/bontchev/wlscrape/blob/master/malware.md
Android Vulnerable to TCP Connection Hijack
https://blog.lookout.com/blog/2016/08/15/linux-vulnerability-android/
Cerber Ransomware Decryption Tool No Longer Operational
https://www.cerberdecrypt.com/RansomwareDecryptionTool/

Aug 18, 2016 • 7min
ISC StormCast for Friday, August 19th 2016
One Compromised Site - 2 Exploit Campaigns
https://isc.sans.edu/forums/diary/1+compromised+site+2+campaigns/21381/
Shadow Broker Leak Vendor Responses
https://blogs.cisco.com/security/shadow-brokers
http://fortiguard.com/advisory/FG-IR-16-023
Google Releases OS X Whitelisting Application
https://github.com/google/santa/wiki

Aug 17, 2016 • 6min
ISC StormCast for Thursday, August 18th 2016
522 Error Code For the Win
https://isc.sans.edu/forums/diary/522+Error+Code+for+the+Win/21377/
Short PGP Keys Abused in the Wild
https://news.ycombinator.com/item?id=12296974
HTTP "FalseConnect" Vulnerability
http://www.kb.cert.org/vuls/id/905344

Aug 16, 2016 • 6min
ISC StormCast for Wednesday, August 17th 2016
Cryptanalysis of a Fully Homomorphic Encryption Scheme
http://eprint.iacr.org/2016/775.pdf
Recreating Android App Displays from Memory
https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_saltaformaggio.pdf
Various Router Exploits Released
https://medium.com/@msuiche/shadow-brokers-nsa-exploits-of-the-week-3f7e17bdc216#.mnoyydmeu

Aug 15, 2016 • 6min
ISC StormCast for Tuesday, August 16th 2016
Starting October 2016, Microsoft Will Use Monthly Rollup Updates for Win 7/8.1
https://blogs.technet.microsoft.com/windowsitpro/2016/08/15/further-simplifying-servicing-model-for-windows-7-and-windows-8-1/
Updated Group Policies To Block Macros in Office 2013
https://isc.sans.edu/forums/diary/MS+Office+2013+New+Macro+Controls+Sorta/21371/
Bypassing Application Whitelisting using WinDbg
http://www.exploit-monday.com/2016/08/windbg-cdb-shellcode-runner.html
Bypassing UAC without writing to disk
https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking/

Aug 14, 2016 • 6min
ISC StormCast for Monday, August 15th 2016
Most Android Devices Protected From Quadrooter By Default
http://www.androidcentral.com/google-confirms-verify-apps-can-block-apps-quadrooter-exploits
Dangers of IP Geolocation
https://nakedsecurity.sophos.com/2016/08/11/couple-sue-over-ip-glitch-that-repeatedly-sent-feds-to-their-house/
Microsoft Secure Boot Key Bypass
https://rol.im/securegoldenkeyboot/ (careful. highly annoying but harmless)

Aug 11, 2016 • 10min
ISC StormCast for Friday, August 12th 2016
Blind Spoofing of TCP Connections CVE-2016-5696
http://www.cs.ucr.edu/~zhiyunq/pub/sec16_TCP_pure_offpath.pdf
Fingerprinting TLS Using TShark
https://isc.sans.edu/forums/diary/Profiling+SSL+Clients+with+tshark/21361/
Forensic Artifacts on iOS Messaging Apps
https://isc.sans.edu/forums/diary/Looking+for+the+insider+Forensic+Artifacts+on+iOS+Messaging+App/21363/
Vulnerable VW Remote Keyless Unlock
https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/garcia

Aug 10, 2016 • 5min
ISC StormCast for Wednesday, August 10th 2016
MSFT Patch Tuesday Summary
https://isc.sans.edu/forums/diary/Microsoft+Patch+Tuesday+August+2016/21357/
Adobe Patch for Adobe Experience Manager
https://helpx.adobe.com/security/products/experience-manager/apsb16-27.html
Avast Anti Virus Conflict With Windows 10 Anniversary Update
https://forum.avast.com/index.php?topic=189403.0


