SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich
Apr 19, 2016 • 5min

ISC StormCast for Tuesday, April 19th 2016

Retefe Banking Malware Appearing Again https://isc.sans.edu/forums/diary/Retefe+is+back+in+town/20957/
Ransomware Switching Focus From Hospitals to Schools http://blog.talosintel.com/2016/04/jboss-backdoor.html
git on OS X vulnerable https://rachelbythebay.com/w/2016/04/17/unprotected/
Apr 18, 2016 • 6min

ISC StormCast for Monday, April 18th 2016

Implementing "bash_history" for cmd.exe https://isc.sans.edu/forums/diary/Windows+Command+Line+Persistence/20949/
Mixed encoding in Malicious Documents https://isc.sans.edu/forums/diary/VBS+VBE/20953/
Swedish Air Traffic Control Outage Result of Solar Flares http://www.lfv.se/en/news/news-2016/full-capacity-after-90-minutes-radar-loss
Why you should not require password changes https://www.cesg.gov.uk/articles/problems-forcing-regular-password-expiry
Bypassing Microsoft Edge XSS Filter http://blog.portswigger.net/2016/04/edge-xss-filter-bypass.html
Apr 15, 2016 • 6min

ISC StormCast for Friday, April 15th 2016

Doing HTTP Key Pinning Right https://isc.sans.edu/forums/diary/HTTP+Public+Key+Pinning+How+to+do+it+right/20943/
Apple Ceases Support for QuickTime on Windows https://support.apple.com/HT205771 http://zerodayinitiative.com/advisories/ZDI-16-241/
VMware Releases Patch for VMware Client Plugin http://www.vmware.com/security/advisories/VMSA-2016-0004.html
Identify Ransomware https://id-ransomware.malwarehunterteam.com
Another Fake Flash Update For OS X https://www.intego.com/mac-security-blog/mac-users-attacked-fake-adobe-update/
Chrome 50 Released http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html
URL Shorteners Weaken Random URLs http://arxiv.org/pdf/1604.02734v1.pdf
Apr 14, 2016 • 5min

ISC StormCast for Thursday, April 14th 2016 - Part 2

pfSense DShield Client Updated for pfSense Version 2.3 https://isc.sans.edu/forums/diary/Updated+PFSense+Client/20937/
JigSaw Decryption Tool Released http://www.bleepingcomputer.com/news/security/jigsaw-ransomware-decrypted-will-delete-your-files-until-you-pay-the-ransom/
Android Bluetooth Pairing Vulnerability https://labs.mwrinfosecurity.com/assets/BlogFiles/mwri-android-bluetooth-pairing-bypass-2016-04-12.pdf
Samsung Galaxy Phones Expose Modem via USB Port https://github.com/ud2/advisories/tree/master/android/samsung/nocve-2016-0004
Apr 14, 2016 • 7min

ISC StormCast for Thursday, April 14th 2016

Badlock not as bad https://isc.sans.edu/forums/diary/BadLock+Vulnerability+CVE20162118/20933/
Microsoft Patches https://isc.sans.edu/forums/diary/Microsoft+Patch+Tuesday+Summary+for+April+2016+httpsiscsansedumspatchdayshtmlviewday20160412/20935
Apr 12, 2016 • 6min

ISC StormCast for Tuesday, April 12th 2016

Petya Ransomware Decrypted https://isc.sans.edu/forums/diary/Tool+Released+to+Decrypt+Petya+Ransomware+Infected+Disks/20929/
Malware Creator Bribes Anti-Virus Vendors http://blog.checkpoint.com/2016/04/08/qihoo-360-just-the-tip-of-the-whitelisted-malware-iceberg/
Users Will Plug in USB Drives They Find In The Parking Lot https://www.elie.net/publication/users-really-do-plug-in-usb-drives-they-find
Ruby Gems Replacement Vulnerability http://blog.rubygems.org/2016/04/06/gem-replacement-vulnerability-and-mitigation.html
Apr 10, 2016 • 7min

ISC StormCast for Sunday, April 10th 2016

Flash Releases Pre-Announced Emergency Patch https://helpx.adobe.com/security/products/flash-player/apsb16-10.html http://blog.trendmicro.com/trendlabs-security-intelligence/look-adobe-flash-player-cve-2016-1019-zero-day-vulnerability/
WordPress Will Start Using SSL https://en.blog.wordpress.com/2016/04/08/https-everywhere-encryption-for-all-wordpress-com-sites/
iMessage Vulnerability Allows Access To Chat History https://www.bishopfox.com/blog/2016/04/if-you-cant-break-crypto-break-the-client-recovery-of-plaintext-imessage-data/
Ubuntu on Windows 10: Not as Insecure as Some Think http://www.pcworld.com/article/3051604/windows/linuxs-deadliest-command-doesnt-faze-bash-on-windows-10.html
Special Badlock Webcast https://www.sans.org/webcasts/badlock-102107
Apr 8, 2016 • 6min

ISC StormCast for Friday, April 8th 2016

Google/Facebook CAPTCHA Broken Again https://www.blackhat.com/docs/asia-16/materials/asia-16-Sivakorn-Im-Not-a-Human-Breaking-the-Google-reCAPTCHA-wp.pdf
Updated FBI Damage Numbers For Business E-Mail Compromise https://www.fbi.gov/phoenix/press-releases/2016/fbi-warns-of-dramatic-increase-in-business-e-mail-scams
PowerWare / PoshCoder Ransomware Decryption https://www.alienvault.com/open-threat-exchange/blog/powerware-or-poshcoder-comparison-and-decryption
Leaking Information Via Browser XSS Filters http://www.mbsd.jp/blog/20160407.html
Apr 7, 2016 • 5min

ISC StormCast for Thursday, April 7th 2016

Cisco Security Advisory https://tools.cisco.com/security/center/publicationListing.x#~CiscoSecurityAdvisory
OSVDB Closes Down https://blog.osvdb.org/2016/04/05/osvdb-fin/
Apple iOS Passcode Bypass Vulnerability http://seclists.org/fulldisclosure/2016/Apr/19
Securing the Human: Ouch Newsletter https://securingthehuman.sans.org/resources/newsletters/ouch/2016
Apr 6, 2016 • 6min

ISC StormCast for Wednesday, April 6th 2016

New Microsoft Patches API https://isc.sans.edu/forums/diary/New+Features+for+Microsoft+Patch+Data/20911/
BadLock Webcast https://www.sans.org/webcasts/badlock-102107
Microsoft Single Signon Vulnerable to Token Hijacking https://whitton.xyz/articles/obtaining-tokens-outlook-office-azure-account/
Domino's Pizza Mobile App Payment Bypass http://www.ifc0nfig.com/dominos-pizza-and-payments/
