

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and is designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

May 17, 2016 • 7min
ISC StormCast for Tuesday, May 17th 2016
419 Death Scams Still Going Around
https://isc.sans.edu/forums/diary/An+oldie+but+a+goodie+419+Death+Scam/21061/
Apple Updates
https://support.apple.com/en-us/HT201222
Flash Zero Day Details
https://www.fireeye.com/blog/threat-research/2016/05/cve-2016-4117-flash-zero-day.html
Google "HTML5 By Default" Draft
https://docs.google.com/presentation/d/106_KLNJfwb9L-1hVVa4i29aw1YXUy9qFX-Ye4kvJj-4/edit#slide=id.p

May 16, 2016 • 5min
ISC StormCast for Monday, May 16th 2016
Python Malware
https://isc.sans.edu/forums/diary/Python+Malware+Part+1/21057/
Ubiquiti AirOS Worm
http://community.ubnt.com/t5/airMAX-General-Discussion/Virus-attack-URGENT-UBNT/td-p/1562940
Google Chrome Update
http://www.theregister.co.uk/2016/05/13/google_crushes_five_vulns_with_patch_run_and_20k_in_bug_bounties/
More Banks Affected By Fake SWIFT Transactions
http://www.nytimes.com/2016/05/13/business/dealbook/swift-global-bank-network-attack.html?_r=0
Microsoft Releases Windows 10 Security Auditing And Monitoring Reference
https://www.microsoft.com/en-us/download/details.aspx?id=52630

May 12, 2016 • 5min
ISC StormCast for Friday, May 13th 2016
Adobe Flash Player Update Released
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
Microsoft Excel Phishing
https://isc.sans.edu/forums/diary/Another+Day+Another+Wave+of+Phishing+Emails/21045/
Squid Proxy Bug Allows For Cache Poisoning
http://bugs.squid-cache.org/show_bug.cgi?id=4501
Nation State Attackers May Exploit Firefox
https://blog.mozilla.org/blog/2016/05/11/advanced-disclosure-needed-to-keep-users-secure/

May 12, 2016 • 5min
ISC StormCast for Thursday, May 12th 2016
Exploited Flash Vulnerability Patched Only For Windows
https://helpx.adobe.com/security/products/flash-player/apsa16-02.html
SAP Vulnerabilities Exploited
https://www.onapsis.com/threat-report-tip-iceberg-wild-exploitation-cyber-attacks-sap-business-applications
Free Decryption Tool For CryptXXX No Longer Works
https://www.proofpoint.com/us/threat-insight/post/cryptxxx2-ransomware-authors-strike-back-against-free-decryption-tool
Multiple 7-Zip Vulnerabilities
http://blog.talosintel.com/2016/05/multiple-7-zip-vulnerabilities.html
Ransomware Overview
https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/edit#gid=0

May 11, 2016 • 8min
ISC StormCast for Wednesday, May 11th 2016
Windows Patch Tuesday
https://isc.sans.edu/mspatchdays.html?viewday=2016-05-10
Adobe Patch Tuesday
https://helpx.adobe.com/security.html

May 10, 2016 • 6min
ISC StormCast for Tuesday, May 10th 2016
Network Forensics With DShell
https://isc.sans.edu/forums/diary/Performing+network+forensics+with+Dshell+Part+1+Basic+usage/21035/
Aruba Vulnerabilities (and Patches)
http://seclists.org/fulldisclosure/2016/May/19
Allwinner Android Device Debug Backdoor
http://forum.armbian.com/index.php/topic/1108-security-alert-for-allwinner-sun8i-h3a83th8/
ImageTragick Flaw Being Exploited
https://blog.cloudflare.com/inside-imagetragick-the-real-payloads-being-used-to-hack-websites-2/
Attacking JSON Web Tokens
https://www.notsosecure.com/crafting-way-json-web-tokens/
ASUS UEFI Red Screen Of Death Workaround
https://www.asus.com/support/FAQ/1016356/

May 9, 2016 • 5min
ISC StormCast for Monday, May 9th 2016
A Quick Introduction To Linux Capabilities
https://isc.sans.edu/forums/diary/Guest+Diary+Linux+Capabilities+A+friend+and+foe/21031/
Review of TLS Proxy Security Issues
http://users.encs.concordia.ca/~mmannan/publications/ssl-interception-ndss2016.pdf
Ransomware Claims to Donate Proceeds To Charity
https://heimdalsecurity.com/blog/security-alert-new-ransomware-donate-earnings-charity/

May 6, 2016 • 5min
ISC StormCast for Friday, May 6th 2016
Large Number of Credentials Offered For Sale
http://www.reuters.com/article/us-cyber-passwords-idUSKCN0XV1I6
Alphalocker: Affordable Ransomware
https://blog.cylance.com/an-introduction-to-alphalocker
JAKU Botnet
https://www.forcepoint.com/sites/default/files/resources/files/report_jaku_analysis_of_botnet_campaign_en_0.pdf
Juniper Update
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734&cat=SIRT_1&actp=LIST

May 5, 2016 • 1min
ISC StormCast for Thursday, May 5th 2016
Malicious Ads Seen On CBS TV Stations
https://blog.malwarebytes.org/threat-analysis/2016/05/cbs-affiliated-television-stations-expose-visitors-to-angler-exploit-kit/
ImageMagick Vulnerability
https://isc.sans.edu/forums/diary/ImageTragick+Another+Vulnerability+Another+Nickname/21023/
Fake DDoS Threats Continue
http://www.actionfraud.police.uk/news/online-extortion-demands-affecting-businesses-apr16/
Cisco Patches TelePresence Equipment
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml
Cracking PeopleSoft PS_TOKEN with oclHashcat
http://blog.gosecure.ca/2016/05/04/oracle-peoplesoft-still-a-threat-for-enterprises/

May 4, 2016 • 2min
ISC StormCast for Wednesday, May 4th 2016
OpenSSL Update Released
https://isc.sans.edu/forums/diary/OpenSSL+Updates/21015/
Cerber Exploit Kit Installed By Neutrino EK
https://isc.sans.edu/forums/diary/Neutrino+exploit+kit+sends+Cerber+ransomware/21017/
ImageMagick Vulnerability
https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588
http://www.openwall.com/lists/oss-security/2016/05/03/18
Microsoft Will No Longer Consider SHA-1 Certificates As Secure
https://blogs.windows.com/msedgedev/2016/04/29/sha1-deprecation-roadmap/


