

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network security related events. The content is late-breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Dec 1, 2020 • 6min
ISC StormCast for Tuesday, December 1st 2020
Decrypting PowerShell Payloads
https://isc.sans.edu/forums/diary/Decrypting+PowerShell+Payloads+video/26838/
Trend Micro ServerProtect for Linux
https://success.trendmicro.com/solution/000281950
WebKit Vulnerabilities
https://blog.talosintelligence.com/2020/11/vuln-spotlight-webkit-use-after-free-nov-2020.html
New Skimmer JS
https://twitter.com/AffableKraut/status/1333258498910588928

Nov 30, 2020 • 7min
ISC StormCast for Monday, November 30th 2020
Live Patching Windows API Calls Using PowerShell
https://isc.sans.edu/forums/diary/Live+Patching+Windows+API+Calls+Using+PowerShell/26826/
Threat Hunting with JARM
https://isc.sans.edu/forums/diary/Threat+Hunting+with+JARM/26832/
https://isc.sans.edu/forums/diary/Quick+Tip+Using+JARM+With+a+SOCKS+Proxy/26834/
Be Careful With IoT Gifts
https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/
https://www.cyberscoop.com/smart-doorbells-amazon-ebay-ncc-vulnerabilities/
Active Exploitation of MobileIron Vulnerabilities
https://www.ncsc.gov.uk/news/alert-multiple-actors-attempt-exploit-mobileiron-vulnerability

Nov 25, 2020 • 11min
ISC StormCast for Wednesday, November 25th 2020
The Special Case of TCP Resets
https://isc.sans.edu/forums/diary/The+special+case+of+TCP+RST/26824/
VMware Workspace Vulnerability
https://www.theregister.com/2020/11/24/vmware_urges_sysadmins_to_implement/
Holiday Hack Challenge 2020
https://holidayhackchallenge.com/2020/

Nov 24, 2020 • 4min
ISC StormCast for Tuesday, November 24th 2020
Quick Tip: Cobalt Strike Beacon Analysis
https://isc.sans.edu/forums/diary/Quick+Tip+Cobalt+Strike+Beacon+Analysis/26818/
GoDaddy Social Engineering Used to Compromise Bitcoin Exchange Domains
https://blog.liquid.com/security-incident-november-13-2020
Spoofed FBI Domains
https://www.ic3.gov/Media/Y2020/PSA201123

Nov 23, 2020 • 4min
ISC StormCast for Monday, November 23rd 2020
Updates for VMware ESXi, Fusion and Workstation
https://www.vmware.com/security/advisories/VMSA-2020-0026.html
IBM DB2 Vulnerability
https://www.ibm.com/support/pages/node/6370025
https://www.ibm.com/support/pages/node/6370023
Fortinet SSL VPN Exploit Used to Collect Credentials
https://twitter.com/Bank_Security/status/1329426020647243778

Nov 20, 2020 • 16min
ISC StormCast for Friday, November 20th 2020
PowerShell Dropper Delivering Formbook
https://isc.sans.edu/forums/diary/PowerShell+Dropper+Delivering+Formbook/26806/
Google Leading the Way in Phishing
https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign
Identifying Malicious Servers With JARM
https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
Daniel Behrens: Industrial Traffic Collection: Understanding the Implications of Deploying Visibility Without Impacting Production
https://www.sans.org/reading-room/whitepapers/ICS/industrial-traffic-collection-understanding-implications-deploying-visibility-impacting-production-39810

Nov 19, 2020 • 5min
ISC StormCast for Thursday, November 19th 2020
When Security Controls Lead to Security Issues
https://isc.sans.edu/forums/diary/When+Security+Controls+Lead+to+Security+Issues/26804/
Google Chrome Update
https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html
Firefox 83 HTTPS Only Mode
https://blog.mozilla.org/security/2020/11/17/firefox-83-introduces-https-only-mode/
OOB Windows Kerberos Update
https://docs.microsoft.com/en-us/windows/release-information/windows-message-center
Cisco WebEx Patch Fixes "Ghost Users"
https://securityintelligence.com/posts/ibm-works-with-cisco-exorcise-ghosts-webex-meetings/
Ransomware Flooding Printers
https://twitter.com/Irlenys/status/1327784305465188353

Nov 18, 2020 • 6min
ISC StormCast for Wednesday, November 18th 2020
Apple Binaries Used to Bypass 3rd Party Security Products on MacOS 11
https://twitter.com/patrickwardle/status/1327726496203476992
Apple Improving Privacy on App Certificate Checks
https://support.apple.com/en-us/HT202491
Cisco Security Manager Vulnerabilities
https://gist.github.com/Frycos/8bf5c125d720b3504b4f28a1126e509e
https://tools.cisco.com/security/center/publicationListing.x

Nov 17, 2020 • 6min
ISC StormCast for Tuesday, November 17th 2020
Old Vulnerabilities Don't Die
https://isc.sans.edu/forums/diary/Heartbleed+BlueKeep+and+other+vulnerabilities+that+didnt+disappear+just+because+we+dont+talk+about+them+anymore/26798/
Citrix Virtual Apps and Desktops Security Update
https://support.citrix.com/article/CTX285059
Zoom Security Improvements
https://blog.zoom.us/new-ways-to-combat-zoom-meeting-disruptions/
Firefox File Read Vulnerability Details
https://medium.com/@kanytu/firefox-and-how-a-website-could-steal-all-of-your-cookies-581fe4648e8d

Nov 16, 2020 • 7min
ISC StormCast for Monday, November 16th 2020
Oledump Removed Macro Indicator
https://isc.sans.edu/forums/diary/oledumps+Indicator/26794/
Old Worm But New Obfuscation Technique
https://isc.sans.edu/forums/diary/Old+Worm+But+New+Obfuscation+Technique/26792/
MacOS OCSP Disaster
https://blog.cryptohack.org/macos-ocsp-disaster
VoltPillager: Hardware-based fault injection attacks against Intel SGX Enclaves using the SVID voltage scaling interface
https://www.usenix.org/system/files/sec21summer_chen-zitai.pdf


