SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich
Mar 1, 2021 • 5min

ISC StormCast for Monday, March 1st, 2021

Pretending to be an Outlook Version Update https://isc.sans.edu/forums/diary/Pretending+to+be+an+Outlook+Version+Update/27144/
Geolocating Satori Botnet Scanning Port 26 https://isc.sans.edu/forums/diary/So+where+did+those+Satori+attacks+come+from/27140/
Alexa Skill Security https://www.ndss-symposium.org/wp-content/uploads/ndss2021_5A-1_23111_paper.pdf
TMobile Data Breach / SIM Swapping https://beta.documentcloud.org/documents/20492859-t-mobile-feb-2021-bc-data-breach
Feb 26, 2021 • 5min

ISC StormCast for Friday, February 26th, 2021

Forensicating Azure VMs https://isc.sans.edu/forums/diary/Forensicating+Azure+VMs/27136/
FriarFox Browser Extension Targeting GMail Accounts https://www.proofpoint.com/us/blog/threat-insight/ta413-leverages-new-friarfox-browser-extension-target-gmail-accounts-global
JSON Parser Inconsistencies https://labs.bishopfox.com/tech-blog/an-exploration-of-json-interoperability-vulnerabilities
Apple MacOS Update https://www.reddit.com/r/macbook/comments/kge24m/dead_m1_mac_with_usbc_multiport_adapters/
Feb 25, 2021 • 5min

ISC StormCast for Thursday, February 25th, 2021

Malspam Pushes GuLoader for Remcos RAT https://isc.sans.edu/forums/diary/Malspam+pushes+GuLoader+for+Remcos+RAT/27132/
vCenter Exploit / Vulnerability Details https://swarm.ptsecurity.com/unauth-rce-vmware/#more-2477
DNS CNAME Tracking https://blog.lukaszolejnik.com/large-scale-analysis-of-dns-based-tracking-evasion-broad-data-leaks-included/
Cisco MSO Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mso-authbyp-bb5GmBQv
Feb 24, 2021 • 6min

ISC StormCast for Wednesday, February 24th, 2021

Qakbot In a Response to Full Disclosure Post https://isc.sans.edu/forums/diary/Qakbot+in+a+response+to+Full+Disclosure+post/27130/
Firefox Total Cookie Protection https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/
VMWare ESXi / vCenter Server Update https://www.vmware.com/security/advisories/VMSA-2021-0002.html
Replacing Content in Signed PDFs https://www.ndss-symposium.org/wp-content/uploads/ndss2021_1B-4_24117_paper.pdf
Feb 23, 2021 • 6min

ISC StormCast for Tuesday, February 23rd, 2021

Unprotecting Malicious Documents For Inspection https://isc.sans.edu/forums/diary/Unprotecting+Malicious+Documents+For+Inspection/27126/
Brave Browser DNS Leak https://www.theregister.com/2021/02/22/in_brief_security/
Telephony DoS https://www.ic3.gov/Media/Y2021/PSA210217
Feb 22, 2021 • 6min

ISC StormCast for Monday, February 22nd, 2021

Dynamic Data Exchange (DDE) is Back in the Wild https://isc.sans.edu/forums/diary/Dynamic+Data+Exchange+DDE+is+Back+in+the+Wild/27116/
https://isc.sans.edu/forums/diary/DDE+and+oledump/27122/
macOS Malware "Prototype" https://redcanary.com/blog/clipping-silver-sparrows-wings/
New Phishing Attack Identified: Malformed URL Prefixes https://www.greathorn.com/blog-new-phishing-attack-identified-malformed-url-prefixes/
Sonicwall SMA 100 Firmware Update https://www.sonicwall.com/support/product-notification/additional-sma-100-series-10-x-and-9-x-firmware-updates-required-updated-feb-19-2-p-m-cst/210122173415410/
Feb 19, 2021 • 6min

ISC StormCast for Friday, February 19th, 2021

Malspam Pushes Trickbot gtag rob13 https://isc.sans.edu/forums/diary/Malspam+pushing+Trickbot+gtag+rob13/27112/
AppleJeus https://us-cert.cisa.gov/ncas/alerts/aa21-048a
Python 3 Buffer Overflow https://bugs.python.org/issue42938
Apple Platform Security Guide https://support.apple.com/guide/security/welcome/web
Feb 18, 2021 • 6min

ISC StormCast for Thursday, February 18th, 2021

The new "LinkedInSecureMessage" Phish https://isc.sans.edu/forums/diary/The+new+LinkedInSecureMessage/27110/
Apple M1 Optimized Malware https://objective-see.com/blog/blog_0x62.html
QNAP Surveillance Station Vulnerability https://www.qnap.com/en/security-advisory/qsa-21-07
Masslogger Exfiltrates User Credentials https://blog.talosintelligence.com/2021/02/masslogger-cred-exfil.html
Feb 17, 2021 • 5min

ISC StormCast for Wednesday, February 17th, 2021

More Weirdness on TCP Port 26 https://isc.sans.edu/forums/diary/More+weirdness+on+TCP+port+26/27106/
Microsoft Pulls Servicing Stack Update https://threatpost.com/microsoft-windows-update-patch-tuesday/163981/
Network Monitoring Company Centreon Compromised https://www.cert.ssi.gouv.fr/uploads/CERTFR-2021-CTI-005.pdf
SHAREit Flaw Could Lead to Remote Code Execution https://www.trendmicro.com/en_us/research/21/b/shareit-flaw-could-lead-to-remote-code-execution.html
VSCode NPM Extension RCE https://github.com/jackadamson/CVE-2021-26700
Feb 16, 2021 • 7min

ISC StormCast for Tuesday, February 16th, 2021

Securing and Optimizing Networks Using pfSense Traffic Shaper to Combat Bufferbloat https://isc.sans.edu/forums/diary/Securing+and+Optimizing+Networks+Using+pfSense+Traffic+Shaper+Limiters+to+Combat+Bufferbloat/27102/
Apple to Proxy Safe Browsing Requests https://twitter.com/othermaciej/status/1359736220809531393
Power Outages and Some Network Outages as a Result https://downdetector.com
Phone Scam Success Rates https://www.helpnetsecurity.com/2021/02/15/lost-money-to-phone-scams/
https://nakedsecurity.sophos.com/2021/02/12/sms-tax-scam-unmasked-bogus-but-believable-dont-fall-for-it/
